From: Vitaly Zaitsev via devel [mailto:devel@lists.fedoraproject.org] Sent: Thursday, December 30, 2021 12:18 PM On 29/12/2021 15:20, Roberto Sassu via devel wrote:
The TPM has a fundamental advantage, compared to other mechanisms. It is tamperproof, it often receives high-grade certifications, and it is one of the few components that you could rely on to protect your sensitive data in the event your host becomes compromised.
https://arstechnica.com/gadgets/2021/08/how-to-go-from-stolen-pc-to- network-intrusion-in-30-minutes/
If I understood the article correctly, the communication was spoofed due to not using the encrypted session feature of the TPM. The TPM also supports protection against tampering of the communication with the HMAC session.
Roberto
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063 Managing Director: Li Peng, Zhong Ronghua