• andyburke@fedia.io
    link
    fedilink
    arrow-up
    0
    ·
    7 months ago

    Or, if I can extract that key from the hardware, I can pretend to be that hardware whenever I want, right?

    • Dark Arc@social.packetloss.gg
      link
      fedilink
      English
      arrow-up
      0
      ·
      7 months ago

      Hmmm… I was going to say no because it’s asymmetric crypto, but you’re right if you are somehow able to extract the signed private key, you can still lie… Good point

      • yggstyle@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        7 months ago

        Got some bad news. They already can do that. It’s a very low effort attack too. Current TPM spits its key out in clear text. Funny right?