Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
shitter
20 days ago
|
parent
|
context
|
favorite
| on:
Bypassing disk encryption on systems with automati...
This is mitigated if your initramfs + kernel are measured into the TPM, right?
Edit: never mind, I think it's still vulnerable.
jakogut
19 days ago
[–]
Your edit is correct. The kernel and initramfs are exploited unmodified to boot a tampered root filesystem, which allows userspace tools to extract data from the TPM, as the PCRs used to protect data like the LUKS passphrase have not changed.
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Edit: never mind, I think it's still vulnerable.