Hacker News | osy's comments

STM32H7 is just an example. Most (all?) STM32s have hardware SPI slave support. For example the STM32F030C8T6 is on JLCPCB as a basic part (no per-part cost for assembly) at $0.82 while the RP2040 is $1.11.

While the RP2040 and RP2350 have a much nicer-to-use SDK and for certain applications like USB it is much easier to set up, the STM32 is much more versatile and is just a much more mature product (don't get me started about the RP2350 having broken pull-downs on GPIO pins).


Until basic features like cloud backup/restore[1] work on GrapheneOS, they are irrelevant when talking about sophisticated targeted attacks. Your random journalist uncovering corruption in Saudi Arabia doesn't have the time to figure out how to flash a new ROM image, sideload Google apps, etc. GrapheneOS is great for privacy-conscious technical users who wish to use Android. For everyone else, iOS is far more secure OOB than popular Android phones, and iOS with Lockdown mode beats GrapheneOS and is a single journo-friendly toggle.

[1]: https://discuss.grapheneos.org/d/15370-restore-from-google-c...

For all the drones in the replies repeating the same talking point over and over again, you fail to address the criticism: GrapheneOS is not usable for non-technical users.

Now in terms of security/privacy, anyone who is talking about "look at the public exploits" is missing the point because nobody is attacking GrapheneOS for the same reason why nobody attacks macOS. Yes there is some marginal security difference but it's mostly because nobody who matters uses it. (I'm sorry, but you, random SV tech worker who knows about GrapheneOS, don't count.)

If you want some examples of just a _few_ things iOS does that nobody else does:

1. Secure nonvolatile storage[2]: On the most recent iOS devices there is an off-chip, custom, dedicated smart-card-like device that manages passcode attempts. It's set up in a way that even if you completely hack the storage IC + SEP, you cannot get any info on the passcode and still need to brute force on device. The only comparable feature is the StrongBox, implemented either with an off-the-shelf SE (huge attack surface) or Titan M on the latest Pixel phones, which if hacked + TEE hack (also huge attack surface) gains you offline brute force.

2. Trusted Execution Monitor[3]: Even if you get kernel data rw access via exploit, you cannot get kernel code execution because of hardware locks. You cannot even get EL0 userland execution because of the dedicated TXM which monitors the page tables. The only comparable feature is Samsung Knox, which does monitor-based page table management but done much worse and is full of holes. Pixel has nothing. Neither of them has any hardware locks on kernel code.

3. kalloc_type[4]: in addition to the standard slab-based heap isolation that Linux also provides, XNU also promises never to reuse a virtual address for objects of a different type, completely defeating cross-cache-based attacks. Types are also tagged with metadata showing which fields in a struct are pointers and which are numerical data, such that the two will never overlap in random cases of slab sharing.

There's tonnes more but there's no point listing them all. As someone who has researched both iOS and Android attacks (and you can ask anyone in the industry who has done the same), iOS security is far ahead. GrapheneOS only provides mitigations that bring Android up to par in many areas (caveat: MTE is coming soon on iOS but is currently shipped in a performance-regressive way in GrapheneOS and as a don't-enable-me-but-we-technically-shipped-it developer toggle on Pixels).

Also: Android attacks are far and plenty. You don't hear about most of them because they're not newsworthy, because they're just dumb vendor bugs and nobody expects Android to be more secure because they don't market it that way. If you want a glimpse of what in-the-wild exploits are publicly disclosed for both iOS and Android, look at P0's list[5], especially for recent years (2024-2025).

Again, none of this matters because the bigger argument is that GrapheneOS is not user friendly and therefore it's irrelevant how powerfully they defend against the 0.01% attacker who targets specific people.

[2]: https://support.apple.com/guide/security/secure-enclave-sec5...

[3]: https://support.apple.com/guide/security/operating-system-in...

[4]: https://security.apple.com/blog/towards-the-next-generation-...

[5]: https://googleprojectzero.blogspot.com/p/0day.html?m=1


Do you have a source that iOS Lockdown Mode protects against Cellebrite? Because Cellebrite boasts they can extract data from the latest iOS versions and does not even mention Lockdown Mode as an obstacle in their documentation: https://stacker.news/items/617666

Meanwhile, Cellebrite is unable to extract data from newer Pixel phones with GrapheneOS: https://discuss.grapheneos.org/d/14344-cellebrite-premium-ju...


That is simply wishful thinking. iPhones have had plenty of embarrassing, severe exploits used in the field, such as zero-click RCEs https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zer...


I've just recently switched to GrapheneOS and I must say it has been very convenient. That is, coming from the hassle of flashing LineageOS to Samsung devices.

Obviously, buying a device and using it as it is will always be the easiest path and I would have recommended Apple to anyone looking for this until this week, when Apple pulled the E2E feature from British phones.

So GrapheneOS is the only reasonable option left that I know of.

Installing sandboxed Google Play (no sideloading needed) from the Graphene App Store is a breeze by the way. It's right there after installing the OS.

And Pixel devices don't try to keep you from replacing the stock ROM; you don't lose your warranty doing it. And there is a browser-based installer that gets rid of the need for using the command line.

Klickibunti, as German GUI-defiers would say.


The GrapheneOS team has done an amazing job building a rock solid OS for mobile. But just because it does not have the feature you need doesn't mean it's useless for the rest of us. I use it every day for its privacy and security features. Your argument is really weak. What does cloud backup have to do with it protecting from zero days?


AIUI Lockdown Mode doesn't stop e.g. Cellebrite. (Lockdown Mode was introduced as an answer to e.g. Pegasus.)

Cloud backup I imagine is seen as an anti-feature.

Nobody _needs_ to side load Google apps. That's the whole point - you don't have to use anything Google.

And I imagine many journalists do indeed take a couple of hours to install GrapheneOS as it's a valuable tool of the trade.

Believing iOS is the most secure is just buying into their marketing. Sorry


This is such a shallow take. There is little learning involved in setting up GrapheneOS, especially if someone a little more techy lends a hand. I'd argue I need less of my tech background and run into far fewer hiccups than in my typical Linux desktop install experience. What's especially frustrating about this is there's no need to sideload apps, or anything you're implying. I can use any cloud backup app I want, there's a built-in installer for a sandboxed Google Play Store, and generally you have almost no discernible usability differences vs stock.


> iOS is far more secure OOB than popular Android forks and iOS with Lockdown mode beats GrapheneOS

Do you have a source for this?


I'm curious about this too. AFAIK the most recent leaked Cellebrite docs indicated that GOS can't be broken into, and I dunno how iOS could be more secure than that.


It depends what you mean by secure. Vulnerabilities are a market, and if GOS happens to secure the vulnerabilities that are convenient and work on all standard Android releases, most of the market doesn't support putting the research into setting up additional vulnerabilities against it, as they will until another iOS vulnerability is found and weaponized.


Probably GrapheneOS is too small a target for Cellebrite to bother focusing on. In the meantime, I would expect Google to fix the 0-days and we move on.

That's just to say that in my ranking of Cellebrite-using threat actors we're all ultimately just meat popsicles anyway.


> basic features like cloud backup/restore

Cloud backup/restore work fine (well, kind of fine; they should stop with the stupid restrictive list of supported backends).

They just don't happen to support Google's cloud, because Google is untrustworthy.


> caveat: MTE is coming soon on iOS

Do you have a source on that? I'm interested.


> I'm going to be honest here and say that I don't know what Microsoft's actual motivation for requiring a TPM in Windows 11 is.

It is quite obvious: to force people to buy a new PC. TPM provides no added security value for the vast majority of users[1], but it is a convenient piece of hardware that has only started to become standard (fTPM) in PCs built in the last ~8 years, so it provides an excuse for Microsoft to declare computers older than that (which can run Windows 10) obsolete, using "security" as an easy scapegoat.

[1]: https://gist.github.com/osy/45e612345376a65c56d0678834535166


> TPM provides no added security value for the vast majority of users[1]

Yes it does. The vast majority of users aren't going to have their laptop stolen by the CIA/NSA and have their DIMMs popped and cryofreezed.

The vast majority of users aren't going to have the case opened and a special-purpose PCIe device installed to steal keys over DMA.

The vast majority of users aren't going to have a dTPM vulnerable to SPI sniffing as modern and not-so-modern processors have fTPM.

This is to provide some baseline level of protection of the user's data against theft and loss.

Are there attacks against TPM? Yep. In as much as there are attacks against SMS 2FA, but for the vast majority of people, SMS 2FA is an acceptable level of security.

If you're a CEO, well sure, you're going to want to do something better (TPM + PIN). I acknowledge that Windows 11 Home users don't have this specific option.

Everyone needs to level set on the type of attacks that are practical vs. involved and who the targets of those attacks are.

FDE (w/ TPM) is part of defense-in-depth. Even if imperfect, it's another layer of protection.


> The vast majority of users aren't going to have their laptop stolen by the CIA/NSA and have their DIMMs popped and cryofreezed.

That's kind of the point. The vast majority of users aren't going to have their laptop stolen at all, if they do it will 99% of the time be by someone who only wants to wipe it and fence it, and attempts to access data are most likely to be by unsophisticated family members who would be defeated by a simple password without any TPM.

Meanwhile there have been plenty of TPM vulnerabilities that don't require anything so esoteric and can often be attacked purely from software, so if a normal user was facing even so much as someone willing to watch some security conference talks, they're going to lose regardless. If the TPM doesn't make them more vulnerable to that, because it contains the secrets and is susceptible to attack, vs. FDE with a boot key stored in some cloud service secured with the user's password instead of a TPM, which can then rate limit attempts without being susceptible to physical access attacks and be revoked if the device is stolen.

Moreover, the more common threat to normal users is data loss, in which case you only want your laptop to be secure against your unsophisticated nephew and not the tech you want to recover your data after you forget your password.

> In as much as there are attacks against SMS 2FA, but for the vast majority of people, SMS 2FA is an acceptable level of security.

The current recommendation seems to be against SMS 2FA because the security of SMS really is that bad, so if you need 2FA, use an authenticator app or similar.

> FDE (w/ TPM) is part of defense-in-depth.

Any snake oil can be painted as defense-in-depth.


> That's kind of the point. The vast majority of users aren't going to have their laptop stolen at all, if they do it will 99% of the time be by someone who only wants to wipe it and fence it, and attempts to access data are most likely to be by unsophisticated family members who would be defeated by a simple password without any TPM.

True, any preboot password method (even fully software) will be sufficient to prevent data exposure when a laptop is stolen.

The whole TPM + secure boot thing is more to prevent evil maid attacks, where a laptop is messed with (e.g. installing a bootloader that intercepts the password) and then placed back in the user's possession so they can be tricked into entering the password.

That whole scenario is extremely far-fetched for home users. Laptops get stolen but then they're gone.


But it doesn't even do that. If I want to perform the "evil maid" attack why would I screw around with the bootloader? I'm just going to replace the entire device with something that captures the password & sends it to me remotely.


You could but the user might notice. Most business laptops don't exactly look like new.

I would very likely notice.


I'm not grokking what you're saying. Replace what "entire device"?


You're at an industry conference. I want the data on your laptop's hard drive. You leave your laptop in the hotel room. Which one is easier:

1. Go into your room and screw around with the boot loader to somehow give me unencrypted access to your laptop after you login next time.

2. Go into your room. Take your laptop. Put an identical looking laptop in place that runs software that boots and looks identical. Have it send me all of your password attempts over WiFi to my van in the parking lot.

I'm going with option 2 every time. I have your original device. I have your password. TPM, SecureBoot, or whatever is irrelevant at this point.


The attacker must be able to fake any pre-boot drive unlock screen and OS login screen to look exactly like the user's real screens but accept any password.

Legend goes that security oriented people will visually customize their machines with stickers (and their associated aging patina) and all kinds of digital cues on the different screens just to recognize if anything was changed.

MS chose to impose TPM because it allows encryption without interactive password typing (BitLocker without PIN or password which is what most machines are running). That's it. The users get all the convenience of not having to type extra passwords when the machine starts, and some (not all) of the security offered by encryption. Some curious thief can't just pop your drive into their machine and check for nudes. The TPM is not there to protect against NSA, or proverbial $5 wrench attacks but as a thick layer of convenience over the thinner layer of security.


> Legend goes that security oriented people will visually customize their machines with stickers (and their associated aging patina) and all kinds of digital cues on the different screens just to recognize if anything was changed.

Maybe I am mistaken, but I feel that the people going to such lengths to ward off an attacker and the people who’d want to rely on fTPM with Bitlocker over FOSS full disk encryption with a dedicated passphrase are two entirely separate circles.

> The TPM is not there to protect against NSA, or proverbial $5 wrench attacks but as a thick layer of convenience over the thinner layer of security.

I agree with you there, it is convenience, not security, but as such, should it be any more mandatory than any other convenience feature such as Windows Hello via fingerprint or IR? I’d argue only for newly released hardware, but don’t make that mandatory for existing systems.

Especially since I had one case where the fTPM was not recognized no matter what I did; despite it being enabled in the UEFI and showing up in Windows 10 and on Linux, I could not install 11.


> the people going to such lengths to ward off an attacker and the people who’d want to rely on fTPM with Bitlocker over FOSS full disk encryption with a dedicated passphrase are two entirely separate circles.

Bitlocker + PIN/password (hence my mention of a pre-boot password) is a good combination that isn't any worse than any "FOSS full disk encryption". Beyond the catchy titles of "Bitlocker hacked in 30s" is the reality that it takes just as many seconds to make it (to my knowledge) unhackable by setting a PIN or password.

Adding the (f)TPM improves the security because you don't just encrypt the data, you also tie it to that TPM, and can enforce TPM policies to place some limits on the decryption attempts.

> it is convenience, not security

It's convenience and (some) security by default. Not great security but good enough for most of those millions of Windows users. The security was the mandatory part, encrypting the storage by default. The convenience was added on top to get the buy-in for the security, otherwise people would complain or worse, disable the encryption. Whoever wants to remove that convenience and turn it into great security sets a PIN.


Joanna Rutkowska described a way to avoid this back in 2011 (https://theinvisiblethings.blogspot.com/2011/09/anti-evil-ma...), I extended it to be more usable in 2015 (https://mjg59.dreamwidth.org/35742.html). Both solutions make use of a TPM.
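The three mechanisms argued over in this subthread, a TPM-only unlock that refuses to release the key after the bootloader was altered, the lockout that makes TPM+PIN worth setting, and the Anti Evil Maid idea of a TPM-unsealed phrase shown before the password prompt, as an added Python simulation that is not code from any commenter, from Microsoft or from a TPM vendor. SimTPM, the boot chains, the PIN and the disk key are all hypothetical, and the extend and policy formulas are simplified versions of the TPM 2.0 ones.

```python
import hashlib
import hmac

def extend(pcr: bytes, component: bytes) -> bytes:
    # TPM 2.0-style PCR extend: new = H(old || H(component)). A PCR can only be
    # extended, never written, so it is a one-way record of the boot sequence.
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(components) -> bytes:
    # Measure each boot stage in order, starting from the all-zero reset value.
    pcr = bytes(32)
    for component in components:
        pcr = extend(pcr, component)
    return pcr

def pcr_policy(pcr: bytes) -> bytes:
    # Simplified PolicyPCR digest; a real TPM also folds in the command code
    # and the PCR selection, but the sealed object is bound the same way.
    return hashlib.sha256(b"PolicyPCR" + pcr).digest()

def pin_digest(pin: bytes) -> bytes:
    return hashlib.sha256(b"pin" + pin).digest()

class LockedOut(Exception): pass

class SimTPM:
    """Hypothetical TPM: one PCR, objects sealed to a PCR policy and optionally
    a PIN, and a dictionary-attack lockout counter for wrong PINs."""

    def __init__(self, boot_components, max_failures=3):
        self.pcr = measure_boot(boot_components)
        self.objects = {}            # handle -> (policy, pin_hash, secret)
        self.failures = 0
        self.max_failures = max_failures
        self.locked = False

    def seal(self, handle, secret, pin=None):
        # Bind secret to the current boot measurement (and to a PIN, if given).
        pin_hash = pin_digest(pin) if pin is not None else None
        self.objects[handle] = (pcr_policy(self.pcr), pin_hash, secret)

    def unseal(self, handle, pin=None):
        # Returns the secret, or None when the policy or PIN does not match.
        # Wrong PINs count toward lockout; a PCR mismatch is not a guess.
        if self.locked:
            raise LockedOut("TPM in lockout until the recovery period passes")
        obj = self.objects.get(handle)
        if obj is None:
            return None              # this TPM never sealed such an object
        policy, pin_hash, secret = obj
        if not hmac.compare_digest(policy, pcr_policy(self.pcr)):
            return None              # boot chain differs from the sealed one
        if pin_hash is not None:
            if pin is None or not hmac.compare_digest(pin_hash, pin_digest(pin)):
                self.failures += 1
                self.locked = self.failures >= self.max_failures
                return None
        self.failures = 0
        return secret

# Constructed boot chains (real measurements are hashes of the firmware, boot
# manager and OS loader images); DISK_KEY is a constructed stand-in for the VMK.
GOOD_CHAIN = [b"UEFI firmware v1", b"Windows Boot Manager", b"winload.efi"]
TAMPERED_CHAIN = [b"UEFI firmware v1", b"Windows Boot Manager (evil maid)", b"winload.efi"]
DISK_KEY = bytes(range(32))

def scenario_tpm_only():
    # TPM-only protector: key released with no user interaction on an unmodified
    # boot chain, withheld after a boot stage was altered (the evil-maid case).
    tpm = SimTPM(GOOD_CHAIN)
    tpm.seal("vmk", DISK_KEY)
    released_on_good_boot = tpm.unseal("vmk") == DISK_KEY
    tpm.pcr = measure_boot(TAMPERED_CHAIN)   # next boot ran a modified loader
    withheld_after_tamper = tpm.unseal("vmk") is None
    return released_on_good_boot, withheld_after_tamper    # -> (True, True)

def scenario_tpm_plus_pin():
    # TPM+PIN protector: guessing the 4-digit PIN trips the lockout after
    # max_failures wrong tries instead of running through all 10000 values.
    tpm = SimTPM(GOOD_CHAIN, max_failures=3)
    tpm.seal("vmk", DISK_KEY, pin=b"4821")
    evaluated = 0
    for guess in range(10000):
        try:
            result = tpm.unseal("vmk", pin=f"{guess:04d}".encode())
        except LockedOut:
            break
        evaluated += 1
        if result is not None:
            break
    return evaluated, tpm.locked                           # -> (3, True)

def scenario_anti_evil_maid():
    # Anti Evil Maid: a phrase only the genuine TPM can unseal is shown before
    # the password prompt, so a swapped look-alike device cannot reproduce it.
    genuine = SimTPM(GOOD_CHAIN)
    genuine.seal("aem", b"constructed phrase: the cat is called Biscuit")
    look_alike = SimTPM(GOOD_CHAIN)  # attacker's device has its own, empty TPM
    return genuine.unseal("aem"), look_alike.unseal("aem")
```

The swapped-device scenario is the one a TPM-only protector does nothing about; the sealed phrase is what turns the TPM into something the user, not just the OS, can check.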


Passwords are generally defeated by a hammer to the fingers.

Repeat until password is extracted.


Knees probably better -- break my fingers and I can't give you my password


I didn't break your jaw, so you can still communicate.

Point taken though, start with the toes, it gives you more to work with if you have to progress up the leg.


I don't know what my computer's password is, it's muscle memory


Your hammer is preempted by a teethed hollow point bullet to the face (in the hypothetical scenario, of course).


Have you been to an industry conference? So many laptops are covered in stickers, good luck recreating that.


I don't mean to disagree, but I think it's worth pointing out that with today's tech, it wouldn't be difficult for an attacker to also scan the stickers and print them out on sticker paper using a color printer, all in minutes. And the technology for doing that is only getting better. Just a thought.


You would sooo notice. Most of my laptop stickers are half on top of each other and really worn :)


No one wants a preboot password though.

TPM means the system can boot and then do face login or whatever using the user's password in exactly one place.

This is as much as most users will tolerate. And it also means Microsoft account recovery can work to unlock a forgotten password.

The whole point is Microsoft doesn't want user devices to ever be trivially bypassed, regardless of how unlikely that is (probably more likely than you think though).

These things are everywhere: they're used by small businesses, unsophisticated users etc. but the story which will be written if anything happens because the disk was imaged sometime will be "how this small business lost everything because of a stolen Windows laptop" and include a quote about how it wouldn't have happened on a MacBook.


"No one wants a preboot password though" - really? Doesn't strike me as particularly inconvenient, especially given the relative rarity of actual bootups these days.

I've been using bog-standard FDE for as long as I can remember. One extra password entry per bootup for almost-perfect security seems like great value to me.


It seems that you're looking at the wrong bubble here. Most people actually detest passwords and would rather use a different method if possible (this is why ordinary users turn on biometric authentication despite some here questioning its security). Adding another password will certainly make users - especially enterprises - complain.

Also, for technical reasons, Windows can't do the fancy one login/password screen (which assumes file-level encryption, which is how it is implemented nowadays to support multiple users [1] [2]). This is due to Windows software that expects that everything is an ordinary file (unlike Apple, which doesn't care on that aspect, and Android, which has compartmentalized storage). Even if we had EFS-style encryption here, it would be incompatible with enterprise authentication solutions.

1: https://support.apple.com/guide/security/encryption-and-data...

2: https://source.android.com/docs/security/features/encryption


> this is why ordinary users turn on biometric authentication despite some here questioning its security

That's part of the reason. Another part is BigCo spamming the users asking for biometrics or whatever the current promotion-driver is, making opting out hard to find, and using their position of authority to assert that it's "more secure" (for your personal threat model no less, nice to be able to offload thought to a corporation).


The more inexpensive option of the newer Trezor wallets and "login PIN" as an optional alternative to a password that also works, seems to be the best option (that I have seen so far).

The more recently released Trezor wallets are still new, and Yubikey 5C will probably be used in many places anyway just because of the keyring and no need for the usb-c cable.


Absolutely. You are an exception. Get your head outside and look around you instead of assuming.


Every phone has it these days. Doesn't seem to be a big deterrent? Laptops also need a password to log in.

In fact in many cases a preboot password is safer. Because the comms between the TPM and the OS can often be sniffed. And if the TPM doesn't need validation because it hands off its keys, it can be bypassed that way.

Again not really something that consumers have to worry about, but it's not quite difficult anymore to pull this off.


The phones are using their TPM equivalent to do it securely, though -- there's not nearly enough entropy in a lock screen to provide robust security, but the boot-time unlock depends on both the screen lock and the hardware, and the hardware will rate limit attempts to use it to turn lock screen inputs into usable encryption keys.


TPM 2.0 uses an encrypted bus. TPMs are also often built into the CPU.


The vast majority of users either don't have a password on their computer, or if they have one it's a stupid one (like their name, their birthday, etc.) or they have it written on a post-it that is attached to the monitor itself. Why do they need a TPM? Most of the time I set up a computer for a friend or family member they ask me to remove the password since they don't want to remember it.

The vast majority of users don't have that much important data to steal on their computer at all, just some family photos, some movies downloaded from the internet; there is the case of credentials saved in the browser, but the most important stuff (such as banking sites) nowadays requires multi-factor authentication (such as password + OTP on your phone) to do any operation.


Why do they need a firewall? Why do they need ACLs?

Let's just go back to single-user operating systems with exFAT drives.

If an individual expressly defeats the point of any particular security mechanism, that's on them. But to paint this broad brush of "I know someone who does X which makes Y pointless, so Y must be meaningless for everyone else" is silly.


> The vast majority of users aren't going to have their laptop stolen at all

The vast majority of homeowners aren't going to have a house fire. The vast majority of drivers aren't going to have an accident. Etc. etc. etc.

It's insurance.

> The current recommendation seems to be against SMS 2FA because the security of SMS really is that bad, so if you need 2FA, use an authenticator app or similar.

This is correct. But SMS 2FA is better than no 2FA. The attacks you speak of are targeted attacks, where the victim and phone number are known.

> Any snake oil can be painted as defense-in-depth.

It's not snake oil, however.


> SMS 2FA is better than no 2FA

Depending on the implementation it's occasionally more secure. For me it's never "better."

A significant fraction of banks, retirement accounts, financial web services, ..., can fully reset your password using just the SMS "2FA," sometimes also requiring an e-mail verification. That turns the device into a single factor much weaker than a password (making physical attacks -- ex-lovers, nosy houseguests, ... much easier). There are a variety of easy methods for taking over a phone number temporarily or permanently for <$15, so for the ones without e-mails it's literally just a cost/benefit analysis for a crook.

Knowing how often SMS 2FA gets screwed up, I'd strongly prefer to avoid services offering it (especially those requiring it) even if there were no other downsides. Toss in the inconvenience of having to drive into town (many rural places I've lived), find a point of higher ground (many taller cities I've visited), or whatever just to get cell service, and the whole concept is a nightmare.

And so on. It's painful to use, usually much less secure, and rarely meaningfully more secure.


> It's insurance.

It's rubbish. The circumstances that would make it even theoretically useful are rare and in practice it doesn't even work then. There is no reason to pay good money so you can be insured against alien abductions under a policy whose terms won't pay out even if you somehow actually get abducted by aliens.

> This is correct. But SMS 2FA is better than no 2FA.

The alternatives to SMS 2FA don't just include no 2FA, they also include any of the better 2FA alternatives to SMS.

Choosing SMS is like saying we should all bottle our urine in case we need something to drink later. There's juice and soda in the fridge and a tap full of water right over there, don't be crazy.

> The attacks you speak of are targeted attacks, where the victim and phone number are known.

How do you mean? Anyone who can snoop SMS gets a list of usernames and passwords from a data breach, tries them all against a hundred services, when that user exists on that service the service says "we sent SMS to your phone number at xxx-xxx-4578" so the attacker looks for any SMS code to any phone number ending in 4578 in the last ten seconds. Even if they don't have the phone number from the data breach, most commonly there is only one matching message, if there are two or three they just try all of them, and now they've compromised thousands of accounts on a hundred services because SMS is such rubbish.

On top of that, the targeted attacks also work against SMS. If you know the target's phone number you don't need to be able to capture every SMS to compromise them using SIM swapping or any of the other numerous vulnerabilities SMS 2FA is susceptible to.

> It's not snake oil, however.

It's a proposed solution with negligible or negative benefits over known alternatives. That's snake oil.


> The vast majority of users aren't going to have their laptop stolen at all, if they do it will 99% of the time be by someone who only wants to wipe it and fence it, and attempts to access data are most likely to be by unsophisticated family members who would be defeated by a simple password without any TPM.

I've only met one person whose phone was stolen. They grabbed it while it was unlocked and within minutes began scamming all the person's Instagram and other contacts asking for quick money for an emergency.


That's how it works now exactly because hardware security ("DRM") on phones is so good that grabbing phones whilst unlocked is the only way to beat it. For most of the history of phones, they would be pickpocketed or taken from bags, luggage, hotel rooms etc without you ever seeing the thief.

This is a huge upgrade, and nothing to sniff at. I also had someone try to grab my phone out of my hand and run off whilst walking on the streets in France. Unfortunately for him I can run extremely fast. Once he saw I was catching up and about to beat the crap out of him, he gently placed the phone on the road whilst running and gave it back to me. Before phone security got really good, a guy like that would have been using the sneaky approach and then visiting a back room in a phone shop to reflash all the hardware IDs, but secure boot and the mobile security chips have got good enough that this is no longer feasible.


Depends which is more valuable, the phone or the potential scams. With no hardware security you'd just have a standard USB stick to root it and get the same access to the logins and contacts, or you'd take it right to an underground shop that did. And you could sell the hardware on top of that, making theft that much better.


At least they weren't logged into their banking apps.


imo sms 2fa is great since it is sufficient to stop automatic mass account stealing.


So is an authenticator app.

Also, SMS isn't, because attackers often get access to the SMS network itself (see e.g. Salt Typhoon) in which case they can do automatic mass account stealing because they can see all the totally unencrypted SMS codes.

The security of SMS really is that bad.


Not to mention LTT showed the ability to spoof and steal SMS directly, on specific targets, using the international phone system trust, something that is effectively impossible to block due to the inherent trust built into cell companies at the moment.


> attackers often get access to the SMS network itself (see e.g. Salt Typhoon)

"Often"?


Bit of an understatement, should be "always have access" if state attackers are included in the threat model.


To be fair, there are also non-state attackers that can mass intercept SMS.


> vs. FDE with a boot key stored in some cloud service secured with the user's password instead of a TPM

Without secure boot (backed by TPM), I can boot a small USB device that has LEDs on it to indicate to me that the target system has been infected to send me a copy of the target's password, after I already imaged the disk (or when I have another team member steal it or take it by force later).

If there's a UEFI password to access UEFI settings, I can reset it in under 20 minutes with physical access. Some tamper-evident tape on the laptop casing may stop me if I haven't already had a resource intrude into the target's home/office to have some replacement tamper-evident sticker material ready. Very, very few places, even some really smart ones, make use of tamper-evident material. Glitter+glue tamper-evident seals are something I can't spoof though.

It's not that hard to get into a hotel room. Often enough if a business books a hotel for you it's because they want access to your laptop while you're at lunch with another employee who so kindly suggests to leave your backpack in the hotel room.

disclaimer: all above is fictional and for educational and entertainment purposes only


> Without secure boot (backed by TPM), I can boot a small USB device that has LEDs on it to indicate to me that the target system has been infected to send me a copy of the target's password, after I already imaged the disk (or when I have another team member steal it or take it by force later).

Which is the same thing that happens with secure boot, because they just steal the whole device and leave you one that looks the same to enter your password into so it will send it to them.

Meanwhile if you're using tamper-evident materials then you don't need secure boot, because then they can't undetectably remove the cover to get physical access to remove your UEFI password or image the machine.


Thank you for prompting attention to the switcheroo.

This angle of attack is generally unheard of, but should be considered. I can think of some mitigations that can work.

Tamper-evident materials are well-known by the crowds that will target users. There are many criminals among us, so many that those who don't have criminal psychology have a hard time wrapping their mind around it. Given this, I am cynical, and every defense within reasonable cost should be leveraged.


> The vast majority of users aren't going to have their laptop stolen by the CIA/NSA and have their DIMMs popped and cryofreezed.

If you happen to have a Pro variant of Ryzen (there may be some Intel variants as well) then you can enable RAM encryption. The RAM will be encrypted with an ephemeral AES key on boot.


In my experience, FDE (Full Disk Encryption) is more of a hindrance than help to average users.

It just means that when something goes wrong, such as a forgotten password or a botched update, their data that would have otherwise been recoverable is now lost forever.

I'm not sure I know anyone who's had a computer stolen, but I know lots of people who have lost data.

Edit: I do know one person who had a computer stolen. It was a work laptop while they were in SF, and I'll concede that FDE probably does make more sense on a work-related computer. I was only arguing that it's more of a hindrance on personal devices that mostly stay in the owner's home.


I know of at least 10 instances of a company laptop being stolen. From the back of a car, from a coffee shop, from a hotel room, etc. It happens.

Knowing any data on it cannot be recovered by malicious actors can be very reassuring.


Surely this is an issue for there not being an easy mechanism for backing up?

The proper solution should be secure by design and user friendly. We shouldn’t compromise the former for the latter.


> It just means that when something goes wrong, such as a forgotten password or a botched update, their data that would have otherwise been recoverable is now lost forever.

Not at all. You can get your recovery key back via a few different means (for 11 Home, OneDrive/printed/PDF, for enterprises, various ways) and boot into the Windows Recovery Mode environment to perform the same repair options one would have without BitLocker in place.


> I'm not sure I know anyone who's had a computer stolen, but I know lots of people who have lost data.

That's exactly where you got your priorities wrong.

Yes there is a tradeoff. But backing up your data is easy (especially in a corporate environment), while security is hard.

And computers do get stolen a lot all the time, just not in your circle.


What is the argument here about the CIA / NSA or any other US Federal 3 letter agency? If your device is secured via TPM or some other scheme that relies on an industry to secure your device they aren't going to be doing "DIMM popping". They are just going to get the master keys from whomever issued them and use that to bypass whatever they need to on the device.


You're missing the forest.

The point being is that Microsoft's implementation on Win 11 Home ("device encryption", aka unconfigurable BitLocker) is sufficient for nearly all of their user base. If you're a target of a 3-letter agency, additional security measures are required.



I agree. TPM defends against the most likely threat that typical users are facing. And, where users are individually targeted, the theft/robbery will more often than not be designed to appear "random".

Because TPM sniffers are now at a material cost of about $15 and can be acquired for a price at under $200, more than a TPM is needed for data encryption, especially for users like a CEO. This is why a firm I used to work for encrypted the key that could unlock user data with both TPM plus Yubikey.


Microsoft doesn't sell hardware. Why would they be incentivized to make you buy new hardware? Unless you're alleging that their hardware partners pushed for it, in which case there would likely be logs of communications that are pretty illegal.


There's a bit of a gold rush on to be in control of all of a user's auth, and TPMs are a precondition to maintaining that control.

The passkey protocol (i.e. webauthn) has an "attestation object" field which organizations like Microsoft can use to pass extra details about the authenticated users to the authenticating service. Which details will likely depend on that service's relationship with Microsoft. Unlike most channels between these parties, it's expected to be secured via TPM thereby excluding others (e.g. the user, or any pesky researchers) from the conversation.

It's pretty obvious from the recent design choices re: Windows that Microsoft is keen on monetizing user data--and who, in that business, wouldn't like a way to do it exclusively? i.e. to control a channel which neither the user nor your competitors can tamper with.

So they'd be incentivized to make you buy new hardware because new hardware allows them to bind your advertiser id to actual identity much more closely than is possible without that hardware (e.g. via cookies and IP addresses). The sale of details about your actual identity to organizations who only know you by your advertiser id is big business. The TPM helps them protect that business against competitors who don't have such low-level control over your device (Google, Meta, etc).


Microsoft does sell operating systems (and user data from those operating systems). Those operating systems are typically bundled / installed by default on computers.

It's in their best interests to have everyone using the "latest and greatest" for those features that weren't present (at least to the same extent) in prior versions.


This is rather contradictory. There's way less friction to selling Windows 11 licenses to existing hardware owners. Requiring a new PC only means fewer people will be running 11.


> This is rather contradictory.

Not necessarily. I'd bet that the fraction of $ microsoft makes from selling windows licenses _retail_ is a rounding error away from zero compared to what they get selling bulk/volume licenses to corporate / OEM.

It's in microsoft's interest to make sure that dell/hp/lenovo ... etc have reasons to keep buying licenses to put on the new computers they're selling.

I suspect that TPM is about making the PC less open than it traditionally has been. For the majority of people on this site, that's going to cause a deathly-allergic reaction. For the majority of the population, there's some security advantages to having windows manage device security from POST.


> Not necessarily. I'd bet that the fraction of $ microsoft makes from selling windows licenses _retail_ is a rounding error away from zero compared to what they get selling bulk/volume licenses to corporate / OEM.

Corporate customers already have a VLK which will cover Windows 11 [Pro/Enterprise]. The hardware is the only cost for VLK customers -- Windows licensing is already covered under the existing Enterprise Agreement. EAs often have current version and current version - 1 covered, thus a VLK will entitle one to both Windows 10 and 11 as of today.

It would be odd to think that corporate customers haven't been using BitLocker w/ TPM since at least Windows 7, if not Vista. FDE has been a Corporate Security Checkmark(TM) since it became available.

> I suspect that TPM is about making the PC less open than it traditionally has been.

By traditionally, do you mean prior to 2006 as that is when we first saw and started using TPMs?


I also discovered a few years ago that OEM licenses can't be transferred to another device.


I'm not sure that a large % of people would pay for a Windows upgrade - most seem to see it as part of the computer they bought.


Not really. They get a cut on both ends, really. If they make you upgrade to keep using up to date Windows because of claimed security issues, they get additional sales they possibly wouldn't have otherwise.

I suspect Microsoft has numbers which suggest people rarely upgrade their OSes anymore; they're more likely to upgrade their hardware. Enthusiasts still will do whatever but these changes aren't targeting or caring about enthusiasts.


Microsoft makes Xbox and the Surface. They are one of the largest consumer hardware manufacturers in the space.

Anyways Microsoft was clearly very irritated when everyone wanted to stick with Windows 7, perceiving that Windows 8 was worse in every way, and that Windows 10 wasn't a significant enough upgrade to justify the effort especially considering all the added telemetry they added to the product.

It's very reasonable, given this, that they would seek to force the upgrade cycle to occur where it clearly otherwise might not.


> It's very reasonable, given this, that they would seek to force the upgrade cycle to occur where it clearly otherwise might not.

How is restricting which machines can run Windows 11 "forcing an upgrade cycle" on the software? It's clearly doing the opposite, by making Windows 11 upgrades less likely.

The real motivation people have for upgrading to Windows 11 is Windows 10 going out of support. And the EOL date is totally orthogonal to the TPM requirement.


On the consumer front, sure, but there are large contractual buyers who have requirements for TPM presence and several software policy systems can enforce it.


The OS requires minimum hardware. To force users to upgrade their OS, discontinue the old OS, and make a new OS version, which has greater minimum hardware requirements. Now the user is buying your software again.

They're also buying new hardware which benefits the PC maker. It's a mutually beneficial relationship that forces the user to both buy the software again, and buy new hardware. (You do pay for Windows when you buy a PC, it's a cost the manufacturer absorbs. You can often receive a discount when you order a new PC by not including Windows with it.)


From my experience it's actually the opposite. The PC is sold with Windows on it, purchased by the OEM. The OEM then loads crapware on the new PC before delivery because crapware companies pay the OEM to load crapware. As a result, it'd actually cost more to buy the device without Windows.

I've only ever seen one piece of x86 hardware that was sold with or without Windows in my lifetime. It was $15 cheaper at the time to buy the Windows version and install Ubuntu myself.


They don't sell hardware, but they get paid when their hardware partners sell you a new laptop with Windows on it.


Ok, so the theory is that Microsoft is after the revenue from Windows 11 licenses? And the way they're achieving this is by forcing people who want to upgrade from Windows 10 to buy a new machine rather than install Windows 11 on their existing machines? If that was the motivation, there's a far more direct option available. Just charge for the upgrade.

For this theory to work, it would have to be that there's a significant population that a) wants to run Windows 11 instead of Windows 10; b) will buy a new computer to do that; c) would not pay the price of an OEM license for a version upgrade.


> If that was the motivation, there's a far more direct option available. Just charge for the upgrade.

That's a far more direct option, which also largely doesn't work. Corporate IT doesn't like doing in-place major OS upgrades. Consumers just plain won't, unless it's free and easy.


Sure, let's say that's true. The obvious implication is that these users actually don't care about whether they're running Windows 11 or not, and thus the Windows 11 TPM requirement is utterly irrelevant in their decision to buy a new computer.

I don't see how this supports the theory that this is all about revenue from Windows OEM licenses from forced hardware upgrades.


The theory, as I understand it, is that the wider ecosystem of OEMs is better at selling new hardware than Microsoft alone is at selling Windows upgrades. The users don't care what makes new hardware "new hardware", just that a dozen different companies are telling them that "new hardware" is exciting to buy for the holidays and "more secure" and "better". The TPM requirement on paper is an easy shibboleth for "more secure", so an easy thing to sell through the multi-channel telephone game of OEMs to ad companies to retail stores to mainstream zeitgeist. They don't have to just take Microsoft's word that Windows 11 is "better", they have "word on the street" and their pal who works "Geek Squad" at Best Buy and all those HP commercials on TV telling them they need a new Windows 11 machine for "more secure" hardware.

(I think it is gross that this is how Microsoft and the PC OEMs think is the best way to increase revenue together, but I think there's enough evidence that this theory is a relatively accurate portrait of one of the factors for why Windows 11 is the way that it is.)


> Sure, let's say that's true. The obvious implication is that these users actually don't care about whether they're running Windows 11 or not, and thus the Windows 11 TPM requirement is utterly irrelevant in their decision to buy a new computer.

> I don't see how this supports the theory that this is all about revenue from Windows OEM licenses from forced hardware upgrades.

what on earth makes you think that "what the users actually don't [or do care about]" has any effect on what corporate IT does with their users' devices?

do you think corporate IT is going to say "oh ok" when a user says "i don't want to upgrade to Windows 11 or a laptop that has TPM"

c'mon. lol.


Good grief. The GP was the one claiming that corporate customers don't like doing in-place major OS upgrades. I'm just accepting that assertion for the sake of argument, because it seems obvious that it will not have the effect that the GP claims.

But it seems that you're disagreeing with the GP. So let's say for the sake of argument that you're right about that. Just what is your theory for how the Windows 11 TPM requirement is leading to more Windows licensing revenue?


They do sell some PCs, but their market share is very low, and I can't imagine it's a significant part of their revenue. They definitely wouldn't bother slowing down Windows 11 adoption to sell a few more Surface Books.


About 1.9% ($4.706 billion) of Microsoft's FY 2024 revenue was from devices "including Surface, HoloLens, and PC accessories" (and not including Xbox hardware).

About 9.5% ($23.244 billion) was from Windows "including Windows OEM licensing and other non-volume licensing of the Windows operating system; Windows Commercial, comprising volume licensing of the Windows operating system, Windows cloud services, and other Windows commercial offerings; patent licensing; and Windows Internet of Things."

Compared to FY 2023, devices revenue decreased 15% and Windows revenue increased 8%.

Source: https://www.microsoft.com/investor/reports/ar24/


I don't think it's illegal for hardware partners to ask Microsoft to give users reasons to buy new hardware. And of course they do this, they always have. The Wintel alliance has always been a symbiotic relationship between Microsoft and the hardware OEMs:

- Hardware guys make cool new hardware that incentivizes PC sales.

- Windows guys add driver and OS support in a timely manner so apps can utilize it easily.

And sometimes the other way around:

- Windows guys add some cool new feature that incentivizes PC sales.

- Hardware guys drive down component costs to compensate for the OS getting bigger and slower.

The problem for the PC industry is that in the last ~15 years or so this virtuous circle has broken down. Outside of Apple the hardware guys stopped coming up with cool new features that would shift units outside of gaming GPU upgrades, and gaming has anyway been dominated by consoles for a long time exactly because they have hardware DRM that works so game developers prefer it (also gamers when they want multiplayer without wallhackers). Intel struggled and AMD didn't really pick up the slack in any major way. Even Apple has struggled here - other than their proprietary CPU designs and rolling back some Ive-isms by adding more ports again, a modern MacBook isn't substantially different than the models they were selling years ago.

So that leaves the software guys to drive sales. Unfortunately for the PC OEMs Microsoft has well and truly run out of steam here. Their best people all left the Windows team years ago, and Windows isn't even a top level division anymore, being weirdly split between the Office and Azure teams.

A big part of the stagnation is driven by the web. Nobody writes Windows apps anymore except games, so there's no progress to be had by adding new Windows APIs outside of DirectX. Meanwhile the web guys are shooting the PC industry in the face with a policy of never adding features unless it's supported on every piece of hardware from every vendor, more or less, which makes competitive differentiation impossible, so nobody even tries anymore. There is no web equivalent of a driver since the Netscape plugin API was killed. They also move incredibly slowly due to the desire to sandbox everything. In the 90s the success of Windows was driven by some wizard-level hackers but as PC hardware matured clever tricks stopped being an important differentiator, and monopoly profits made them fat and lazy. It's clear that Nadella has zero confidence in the Windows org(s) ability to execute, hence why in the post-Ballmer years the rest of Microsoft has systematically divorced itself from them.

So - no hardware innovation thanks to the web, no major CPU upgrades thanks to Intel/AMD, no software innovation thanks to Microsoft. The PC industry is stagnant and desperate. What have they got left? Well, they have TPMs (really, TPM v2 because TPM v1 was kinda botched). And Windows doesn't really need it, but if Microsoft ties Windows upgrades to TPMv2 they can use the treadmill of security/support expiring on Win10 to drive one last round of hardware replacements that can give the industry an injection of revenue that can then maybe be spent on finding new hardware features to drive upgrades, seeing as Microsoft can no longer do it.

There's nothing illegal in any of this - nobody is price setting and it's not much different to prior eras when new Windows versions required more RAM.


File deduplication would reduce disk space usage by 40% on a typical consumer laptop, and works well in Windows Server. The reason it is not enabled in client windows is because storage sells.


Yes they do, XBox and Surface devices.


Xbox is irrelevant to TPM in Windows 11 (as are Microsoft keyboards and mice). Surface has a fairly small market share.


On the contrary, Windows 11 TPM requirements and Pluton security processor were originally designed for the XBox and piracy protection.

The size of market share is irrelevant, doesn't change the hard fact that Microsoft does indeed produce hardware.


Strategies change over time, including Microsoft's. TPM was previously envisioned as a broader physical storage for secrets, such as virtual smart cards. Microsoft no longer likes virtual smart cards, but TPM is still used for storing data for measured boot attestation. Also, at the time Microsoft was attempting to broaden support for TPM where it is restricted, such as China, which does not allow foreign TPM chips.

https://learn.microsoft.com/en-us/windows/security/hardware-...


I'm embarrassed to admit that I don't actually understand what a TPM does. My vague and probably incorrect impression is that it performs some sort of encrypted verification of firmware or hardware modules? Can anyone expand on what this does? My impression would be that this is not useful for most users, and would be much of a concern in industrial espionage situations. I have no confidence that I'm correct here.


It's a secure storage spot for crypto keys and performing crypto operations for things like bitlocker and validating device or OSs for secure boot. If you know of the Apple Secure Enclave it's a more generic version of that, a place where even the device vendor (in theory, who knows what techniques the secret squirrels of the world have hidden away) cannot extract the actual key material from, only request operations performed using that info.

That's my understanding at least.


The simplest and most obvious use-case is allowing you to encrypt your hard drive using a key stored in tamper-resistant hardware rather than having to rely on the user to select a passphrase complex enough to resist offline brute force attacks.


Oh, that's interesting. So in the TPM case, I could not have a password to have an encrypted volume? And if I removed that hard drive from the computer, there would be no way to recover it? But from the user's perspective, it would be transparent and they might not even know it's encrypted?


Yes, that's very common. In Windows 11 Pro (not sure about other editions) you can enable BitLocker and turn on auto unlock with no PIN. Though if someone steals the whole PC I'm not sure how effective that is. With a PIN set the TPM will enforce rate limiting to prevent brute force attacks, which should be more effective in that scenario. Most modern phones do something similar: user data is encrypted with a TPM key accessed using your lock screen code on boot-up.
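A constructed simulation of the PIN rate limiting mentioned in the comment above, added here as an illustration; it is not code from any commenter, from Windows, or from a real TPM. The lockout parameters (5 tries, 10 minute recovery) are assumptions chosen for the demo, and the "clock" is a simulated integer so it runs instantly offline.

```python
"""Simulated TPM dictionary-attack lockout on a PIN-protected key.
Constructed example: the max_tries / recovery_seconds values are assumptions,
not a real vendor's defaults, and the clock is a plain integer passed by the caller."""
import hashlib
import hmac
import os


class SimulatedTpmPin:
    """Releases a key only on the correct PIN and locks out after repeated failures.
    The PIN itself is never stored; only a salted, stretched hash is kept."""

    def __init__(self, pin: str, key: bytes, max_tries: int = 5, recovery_seconds: int = 600):
        self._salt = os.urandom(16)
        self._pin_hash = self._hash(pin)
        self._key = key
        self.max_tries = max_tries
        self.recovery_seconds = recovery_seconds
        self.failed = 0
        self.locked_until = 0  # simulated clock, in seconds

    def _hash(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 10_000)

    def unlock(self, pin: str, now: int):
        """Return (key, status). status is 'ok', 'wrong' or 'locked'."""
        if now < self.locked_until:
            return None, "locked"          # no guess is even evaluated while locked
        if hmac.compare_digest(self._hash(pin), self._pin_hash):
            self.failed = 0
            return self._key, "ok"
        self.failed += 1
        if self.failed >= self.max_tries:
            self.failed = 0
            self.locked_until = now + self.recovery_seconds
            return None, "locked"
        return None, "wrong"


def brute_force_seconds(pin_space: int, max_tries: int, recovery_seconds: int) -> int:
    """Worst-case wall-clock seconds to try every PIN against this lockout policy.
    Each window allows max_tries guesses, then a full recovery wait follows."""
    windows = -(-pin_space // max_tries)   # ceiling division
    return (windows - 1) * recovery_seconds


if __name__ == "__main__":
    tpm = SimulatedTpmPin("4821", os.urandom(32))
    print(tpm.unlock("0000", now=0))       # (None, 'wrong')
    print(tpm.unlock("4821", now=1))       # (<key>, 'ok')
    days = brute_force_seconds(10_000, 5, 600) / 86_400
    print(f"4-digit PIN, 5 tries per 10 min lockout: ~{days:.1f} days worst case on-device")
```

The contrast the block makes is the one the comment draws: a 4-digit PIN is trivial to exhaust offline, but with guesses forced through a lockout-enforcing chip the same search costs days of wall-clock time, which is why the comment calls the PIN-plus-TPM combination more effective when the whole PC is stolen.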


Here is how Windows uses the TPM. Most of this is targeted at enterprises.

https://learn.microsoft.com/en-us/windows/security/hardware-...


It’s just a little cpu and some nonvolatile memory running a program. You can send it messages, and it will send back replies, but you cannot control which program is running on it. Of course this is vague enough that it could implement almost anything you want.

What makes it a TPM is the protocol it answers to. The TPM has a hardware RNG, and you can just ask it for some random numbers. That’s very simple. You can have it create encryption keys for you, since those are primarily just random numbers. You can ask it to _store_ a key for you, to be released to anyone who asks for it provided the TPM is in a certain state. What is this state? This is the really interesting part of the TPM.

The TPM has a number of registers that start off empty when the computer boots. At any point any program running on the computer can send a message to the TPM that asks it to incorporate an input into one of these registers. The input is a number, and the new value of the register is basically just the hash of the current value of the register and the new input.

If the BIOS/UEFI computes a hash of its own code plus the bootloader’s code and measures that into a register on the TPM then the bootloader could check the TPM to make sure that it hasn’t been tampered with before it boots. It’s easier though if the bootloader hashes the kernel (and the kernel command line) that it’s going to run and measures that into the same register. The kernel can then hash the initial ram disk and measure that in. At each step of the process we can measure the next important part of the OS and incorporate its value into the same register and at the very end we will have a number. If that number is the same every time we boot up the computer then we know that the computer and the software have not been tampered with. We can even send that number off over the network as part of a Remote Attestation protocol. You might have all the laptops you supply to your employees do this so that you can know that they haven’t been tampered with. Or all of your cloud instances could do this for the same reason. (Of course the exact number that the TPM ends up storing changes after every OS upgrade, and you need to have some way of knowing what numbers to expect, so this is a fair amount of work.) Remote Attestation is not really of any use to the average consumer, but reliably detecting a hacked OS would be.

Going back to encryption keys, you could store the encryption key for your home directory in the TPM, locked to a specific value of a specific register. You would then not be able to unlock your home directory if the computer has been tampered with. An attacker who boots off of a USB drive can’t possibly arrange for the same value to end up in the TPM, even assuming that they know what value is required. It will do them no good to take the encrypted disk out of the computer and put it in another one, because the key doesn’t go with it. Rubber hose cryptography isn’t useful either, even if there is also a password for your account. This should be quite valuable to many, if perhaps not all, users.
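To make the register ("PCR") mechanics in the comment above concrete, here is a constructed simulation of the extend operation, a measured boot chain, sealing a key to a PCR value, and a nonce-bound quote for remote attestation. It is added here as an illustration; it is not code from the commenter, from tpm2-tools, or from any real TPM. The boot component byte strings are made up, the "seal" is modelled with an HMAC-derived wrapping key (a real TPM keeps the secret inside the chip and evaluates the policy itself), and the quote uses an HMAC where a real TPM signs with a private key that never leaves it.

```python
"""Constructed simulation of TPM PCR extend, measured boot, sealing and quoting.
Not a real TPM; all component strings below are made-up stand-ins."""
import hashlib
import hmac
import os

DIGEST_LEN = 32  # SHA-256 PCR bank


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """New PCR = H(old PCR || H(measurement)).
    There is no 'un-extend'; the only way back is a reset to all zeros."""
    return sha256(pcr + sha256(measurement))


def measured_boot(stages) -> bytes:
    """Extend each boot component in order, starting from the reset value."""
    pcr = bytes(DIGEST_LEN)
    for component in stages:
        pcr = pcr_extend(pcr, component)
    return pcr


# Constructed stand-ins for the bytes of each boot stage.
GOOD_CHAIN = [
    b"uefi firmware v1.0",
    b"bootloader v2.3",
    b"kernel 6.1",
    b"root=/dev/sda2 ro quiet",   # the kernel command line is measured too
    b"initrd",
]


def seal(secret: bytes, expected_pcr: bytes) -> dict:
    """Bind a secret (<= 32 bytes, demo only) to one PCR value.
    Simulated: a wrapping key is derived from the PCR and a random salt."""
    salt = os.urandom(16)
    kek = hmac.new(salt, expected_pcr, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(secret, kek))
    tag = hmac.new(kek, ct, hashlib.sha256).digest()
    return {"salt": salt, "ct": ct, "tag": tag}


def unseal(blob: dict, current_pcr: bytes):
    """Release the secret only if the current PCR matches the sealed one."""
    kek = hmac.new(blob["salt"], current_pcr, hashlib.sha256).digest()
    tag = hmac.new(kek, blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, blob["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(blob["ct"], kek))


def quote(attestation_key: bytes, pcr: bytes, nonce: bytes) -> bytes:
    """Simulated attestation quote over the PCR and the verifier's fresh nonce."""
    return hmac.new(attestation_key, pcr + nonce, hashlib.sha256).digest()


def verify_quote(attestation_key: bytes, q: bytes, expected_pcr: bytes, nonce: bytes) -> bool:
    return hmac.compare_digest(q, quote(attestation_key, expected_pcr, nonce))


def demo() -> dict:
    good = measured_boot(GOOD_CHAIN)
    reordered = measured_boot(GOOD_CHAIN[::-1])       # same parts, different order
    tampered_chain = list(GOOD_CHAIN)
    tampered_chain[3] = b"root=/dev/sda2 ro quiet init=/bin/sh"  # altered cmdline
    tampered = measured_boot(tampered_chain)

    disk_key = os.urandom(32)
    blob = seal(disk_key, good)
    ak, nonce = os.urandom(32), os.urandom(16)
    return {
        "deterministic": good == measured_boot(GOOD_CHAIN),
        "order_matters": good != reordered,
        "tamper_detected": good != tampered,
        "unseal_good": unseal(blob, good) == disk_key,
        "unseal_tampered": unseal(blob, tampered),      # None: key not released
        "quote_ok": verify_quote(ak, quote(ak, good, nonce), good, nonce),
        "quote_replayed": verify_quote(ak, quote(ak, good, nonce), good, os.urandom(16)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two things the run shows that the prose only states: the PCR value depends on the order of measurements, not just their contents, and a one-byte change to the kernel command line leaves the sealed disk key unreleasable even though the disk itself is untouched. The replayed-quote check is why a verifier sends a fresh nonce with every attestation request.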


This was a really useful explanation, thank you.


You’re welcome.


The TPM is a great thing, from Microsoft's perspective.

Because Microsoft have the Secure Boot code signing keys. And none of their users expect a "free software philosophy" that lets them use their own modified kernel, or DKMS to build new copies of kernel modules on demand - so you don't have to make users jump through any "machine owner key" hoops.

And a lot of your customers are big corporations who barely trust their own employees - and inexperienced users for whom forgotten passwords and suchlike are a big problem.

With the TPM, that corporation's shared PC at the reception desk can have an encrypted disk without all the receptionists needing to know the password, only their own passwords.

With the TPM you can remotely force a reboot to install updates, and the computer will fully boot afterwards - not get stuck at a disk encryption prompt. Ideal if your corporate work-from-home policy is for employees to remote desktop on a PC under their desk.

With the TPM, the PC can boot, unlock the disk and join wifi before any passwords have been entered - so a corporation's employees only need to remember their windows password, and if they forget it, helpdesk can reset it remotely. It's great for the user too, who doesn't lose their non-backed-up data.

With the TPM you can have a short, weak passcode to unlock your PC, without worrying about brute force attacks. That's great if you want a cell-phone-style experience - or if you find long passwords an inconvenience, rather than a badge of honour.

With the TPM a corporation can give a laptop to a service engineer, who'd really like to install some games to play when he's stuck in a hotel overnight for a service call, and who has unsupervised physical access - secure in the knowledge it's very difficult for them to install unapproved software.

For a corporation that wants hardware-bound keys, the TPM is superior to things like Yubikeys, precisely because of its inflexibility. Why give people a second factor that keeps working when they move PCs and that's compatible with different platforms, if you never want them to move PCs or change platforms without going through you?

It just so happens that the majority of these only benefit large corporations and forgetful users, while most Linux users are quite happy remembering long unique disk encryption passwords thanks very much.


> while most Linux users are quite happy remembering long unique disk encryption passwords thanks very much.

Which brings something up: how do you get back in if you suffer a traumatic brain injury or something like that? I feel like a lot of software assumes the operator can do things like remember unique passwords for a long time.

Sure, I can do that NOW, but will I still be able to in my seventies?


Well, you could write down your password and give it to a trusted friend, a lawyer, or whatever so people can get into your documents if the worst should ever happen.

Personally I choose not to do that. My girlfriend sent those nude photos to me, not to my heirs or the executor of my estate. It's impossible to "get back in" without the password, and that's how it's meant to be. Of course if you've got no sexy photos, and lots of treasured photos of your family growing up, you might feel differently!


> TPM is superior to things like Yubikeys, precisely because of its inflexibility

TPM also offers PIN or Password options. It is flexible.


Yubikeys offer PINs and passwords, a physical user presence button, finger print sensors, NFC, and you can use one key on different PCs, you can deal with PC hardware failures by moving the key and deal with key failures with a backup key, and and it's compatible with Windows, Linux, OS X, Android and iPhone.

So they're a heck of a lot more flexible.

But in a corporate environment, you might not give a shit about Linux support, and you might think it's better if the user can't unplug the key and plug it into another PC, because corporate workers should only connect to corporate systems with their corporate-issued laptops, and corporate helpdesk will sort out any hardware problems.


Microsoft is just trying to match features with apple which does the sorts of things with the T2 chip. Home users probably don't care that much, but corporate users do.

That said, the root of all DRM is not the TPM or the GPU or whatever... it is hollywood.


You mean Apple matched features with Microsoft.

Devices with dTPM were released in 2006. BitLocker leveraging dTPM released with Windows Vista. Corporations have been using BitLocker w/ TPM for nearly two decades at this point.


You're referring to first usage but I think the above is about first guarantee of what ALL products in the platform will have. Corporate purchases or BYOD, you can assume an Apple product has a reasonably secure way of storing the user's VPN key or whatever.


I'm convinced Microsoft is prepping to make Windows as locked down as the Xbox, so that they can have final approval over apps that run on the platform and skim the top off app sales.

Apple has shown that the game console model can work for non-gaming software, and Microsoft wants in on that third-party app cheddar.


My guess is that the b2b sales of Windows outnumber b2c, if not in volume then certainly in revenue.

Suddenly, enforcing company security policies centrally without the client (laptop) being able to change them and still attest to connect to the corporate VPN, becomes a feature.

After all, it's not your computer, it's the company's.

I think Intune already uses the TPM for that kind of stuff, so "install this before we let you into outlook web, and also we'll check you're not a year behind with windows updates" is a thing.


But then you can already use tpm as a business. No need to force it upon end users.


Requiring TPM can actually benefit multiplayer video games because it introduces a secure way to identify hardware being used by cheaters. Right now everything being used by games is easily spoofed by cheats so cheaters just need to get a new account to continue cheating after being banned.


Such restrictions usually mean that you can't play games via Windows VM or on Linux directly.

Additionally, there are cheats using video capture cards, which cannot practically be prevented.


Anti-cheat software is usually blocking playing in VMs or on Linux anyway.

Some monitors [1] have cheats like that built in now, too. They are much more limited than what cheats do today because they only have access to information visible on your screen (can't see other players through walls).

[1] https://www.tomshardware.com/monitors/msis-ai-powered-gaming...


Wait what? I don't game, so this is new to me. Do you have more info? That seems pretty cool.


There are cheats that give you more information than you should have. These typically require access to the game process's memory space.

If you're cheating with a video capture card, this likely means you're allowing a program to rewrite your inputs to more accurately target player models. You will likely be banned if you do this on the same machine via screen capture. A video capture card can process the information on a separate computer, e.g. location of enemies by searching for specific colours, then write into a virtual USB mouse on the gaming rig to keep the player's crosshair on the enemy model. I'm not sure about specifics, but this kind of cheat is almost undetectable; it is only really mitigated by the cost and effort involved to do it.

Players can add additional mitigations on top of this, like only activating aim assist while the shoot button is pressed, to make it entirely undetectable.


Video capture cards can be countered with encrypted video from GPU to monitor. That's why you can't screencap 4k Disney+ movies.


Encrypted monitors can be countered by a high quality video camera mounted on a tripod behind your chair or on a wall or ceiling.

Expensive, yes, but at that point you're already spending real money on a second computer with a GPU to do computer vision on the game video stream, so...


HDFury devices allow stripping of HDCP 2.2, and vast majority of users currently don't have HDCP 2.3 compatible monitors/TVs, so that's not an option yet.


I don't know if you need something as expensive as an HDFury. I know most $30 "4K upscalers" have an HDCP stripper built in.

edit: to further your point, though, I think most people's gaming monitors don't support HDCP _at all_. [citation needed]


While I have no idea how (or even if) it's being used, League of Legends requires TPM 2.0 to be present and enabled on Windows 11 PCs:

https://support-leagueoflegends.riotgames.com/hc/en-us/artic...


Anti-cheat is a lousy cover for something that's going to be much more lucrative when used to correlate the accounts of journalists and whistleblowers such that they can be silenced. It's censorship tech.


This here is a stronger motivator than any other motivator mentioned in all other comments posted. And "journalist" will include anyone who has the "wrong" memes on their machine.


Then you just sit on the unencrypted PCI bus and sniff the interesting stuff out of it

(e.g. display lists).

Already some hacks doing this.


Anti-cheats are already detecting DMA devices like this.


This doesn't require DMA, just PCIe sniffing/proxying.

I don't see how you can detect it if it's done properly.


This only matters for a tiny minority of video games, and even a small minority of multiplayer video games : for instance this is not going to be something I'm worried about if I play couch co-op / split screen multiplayer with friends only.


Whatever their motivation is, disabling TPM from Bios is the safest way to avoid upgrading to Win11.


If you're going to run Windows 11 anyway, why would Microsoft care if you do it on a new or older PC?


Most of the people using Microsoft have an OEM licence. When people buy new hardware, they are buying a new license of Windows as well.


Customers are typically unhappy when Microsoft refuses to fix critical bugs that only arise when running Windows on older hardware.

To the average user, "Windows installs without error and hardware appears to work" = "Microsoft supports running Windows on this hardware", even if the hardware is EOL and requires drivers that haven't been updated since Windows Vista.


Windows 10 to Windows 11 upgrades are free. You know what's not free? The Windows license on a brand new computer if it's bundled with Windows. And here's a friendly reminder that the vast majority of users don't know how to build their own computer and install an operating system, even if it truly has been made extremely simple nowadays.


I'm relatively certain one of the motivations is to avoid people using Windows on virtualization without their consent.


I thought it was to DRM media?


As the article points out, the TPM is not in a good place, architecturally, to use for DRM: there's no path from the TPM to the screen that's not under OS (and thereby user) control.


The whole point of TPM is that the OS is not under the user control anymore.

If you modify it, thanks to remote attestation you can no longer prove that it is unmodified using the TPM.


Do they mean that no OS modification is necessary to read the decrypted media from memory?


Currently, no. But once (undetectable) OS modification is no longer possible, making the undecrypted media unreadable is just a few API restrictions away.

In Android phones for example you cannot screenshot banking apps. And if you root (modify the OS of) your phone, banking apps refuse to work.


However, for the question at hand, that's irrelevant: a better (for DRM) solution exists today, and they're already using it.

I'm not saying that the TPM is incapable of being abused by manufacturers and OS authors, but the FSF really weakens their argument when they predicate it on something that's not actually true. Ex falso quodlibet (you may prove anything if you rely on a falsehood).


Hard disagree. All security requires a root of trust. If you don't have that, how can you ensure you're not running on a malicious hypervisor, you've not loaded any bad drivers, etc.?

You can only guess, and badly at that.

Because we don't have it, that's why we get crap like kernel-level anti-cheat, various 'security' solutions made by companies of dubious reputation and technical ability, just because you refused to trust Microsoft.

And even if these companies are somehow not malicious, and can be trusted, they still often compromise the stability and security of the OS.

The amount of crap Riot's anti-cheat and CrowdStrike have caused is well documented.

It's the computer security equivalent of not trusting Big Pharma, and taking a random assortment of herbal medicine coming from god knows where, and containing god knows what.


Trusting Microsoft is a deal breaker.


And trusting Microsoft is the equivalent of thinking the Earth is flat.

See, I can make insulting comparisons too...


All they did was release technical drawings for a proprietary connector they designed to interface with their products. That's not what "open source" means. They're not releasing any schematics for their products. This is purely so you can build devices that can interface with their proprietary connector, which will be financially beneficial to them as most people probably do not own a Beelink PC.


I've been shouting at the void for years (https://gist.github.com/osy/45e612345376a65c56d0678834535166) about how TPM doesn't bring any practical security and was originally introduced for DRM then repurposed to sell "enterprise" security and now it's used as an excuse to force consumers to buy new PCs. TPM was designed by a committee who focused on designing the most secure gate without building a fence. There are many issues that Microsoft knew about for decades and never bothered to fix because security was never the goal.


This can be said for 90% of all cargo-cult "infosec" initiatives.

At best, you're gaining marginal security benefits at the cost of major productivity loss of power users and performance loss on older OS/hardware combinations.


I'm using TPM based on free software and with my own keys on my Librem 14 just fine, and it has no DRM. You're generalizing too much.


What does TPM have to do with this? Microsoft is cutting support for CPU generations irrelevant to TPM support. It's just a cutoff CPU makers told them to add. There is an official Microsoft long term security support version of Windows 11 that doesn't have any TPM or CPU age requirements (other than an instruction that was added to all CPUs 15 years ago).


Thank you for the link. I enjoyed the read.


I use this to stream my ROG Ally to my Vision Pro on long plane rides. The latency is crazy low.


It's true that nobody is expected to balance a binary tree as part of the job but the point of these questions is to see how you approach the problem and how you communicate your solution. Given that you can't perfectly predict how someone will do at the job, employers use leetcode problems as a proxy. Even those who memorize leetcode solutions must also memorize how it works and understand the solution. Given that the problem is random and you're likely given multiple interviews, it's unlikely you've memorized the exact problem and solution without cheating. If you've memorized enough solutions that it's likely you've seen the problem before and you can understand the solution enough to present it, then you're in the 0.1% and deserve to pass.


> the point of these questions is to see how you approach the problem and how you communicate your solution

I disagree. It’s supposed to be that, but the reality of the interview is that there isn’t any time to problem solve so you need to learn the problems and just regurgitate the solution.

That doesn’t put you in the top 0.1%, it ensures you’ve spent dozens of hours practicing questions.


Right - the number one skill demonstrated by Leetcode-style interviews is the willingness to grind Leetcode.


Yes, where did you think Meta get their idea from? It's the same as lying down mode and hand gestures...


TPM is insecure against physical attacks by design: https://gist.github.com/osy/45e612345376a65c56d0678834535166

The only secure implementation is called D-RTM which requires a level of chip, OEM, and OS support that's not done in practice.


There is nothing that is safe against physical attacks practically. You can always find a point where you can do a MITM attack as the communication channels between the TPM and anything else is almost always insecure.


>There is nothing that is safe against physical attacks practically.

This! If security is your prime directive in your line of work (government, highly sensitive data, etc.), then as long as your device has been outside your physical possession and in the hands of an untrusted third party, it's automatically considered compromised and gets wiped or discarded by your IT department.

Because no amount of marketing security fluff from Microsoft, Apple, Google can stand against targeted attacks of state actors or knowledgeable motivated well funded actors with freshly acquired zero days.

The security they provide is only good enough against the average thief off the street, which I guess covers 98% of Average Joe's threats.

Even CC security certifications never judge whether a device is hackable or not, but only how long it takes for it to be hacked by an accredited lab, because nothing with outside physical access is ever unhackable. With enough time and six figure equipment off the publicly available commercial market, everything reveals its secrets eventually. And that's without zero days off the black market.


> only good enough against the average thief off the street,

Even there, only Apple has effective protection against street-thieves. Nearly all other models of phones/laptops can have their anti-theft features reset by a guy in a dark alley with a flash programmer...

So far, most thieves aren't interested in your info, they just want to reset the hardware and give it a new serial number.


Most other makes of phones and laptops aren't as valuable as Apple's to be big targets of theft. And Samsung has KNOX and Pixels have Google's Titan security.


Also, physical security is sometimes the best thing because it maps well to all of our human intuitions and senses for enforcing it and detecting when it was violated.

Consider how different a wireless hacking attack is from one where somebody has to sneak up and stab your device with an RJ-45 plug.


I used to work in Microsoft DRM. I used to say: the key is on the machine! This is like leaving your house key under a rock in the garden. It just puts up a barrier of a certain level which puts off most villains.

If you want secure Bitlocker, use a password.


Sure, but there are many shades of gray. Directly leaking the entire key on an external bus is very different than needing to find and somehow bond to individual traces (likely below the top metal layer) on the die itself.


Only a Sith deals in absolutes (jk). Even with physical access, you can define restrictions that introduce some level of difficulty for a threat actor with limited capability. For example, you can just kick in most house doors to get past locks, but people still lock their doors. Cars are a better example: most car theft happens when people leave their doors unlocked.


Having a non-zero attack surface doesn't mean your security system provides "zero practical security". This is at best equally as hyperbolic as the vendors' own marketing claims that you are arguing against.


Not really? Encrypted sessions block the trivial attack of just watching the secret go across the bus. Pushing people to MITM attacks is already an improvement, and while generating initial trust in the TPM for that purpose isn't straightforward, it's not impossible. The almost universal implementation of TPM-backed secret management isn't secure against physical attack, but that's very different to "insecure by design". All the primitives to make this work reasonably are there, OS and firmware vendors just aren't using them.


Yes really. The lack of any working implementation in production systems is an issue (D-RTM + encrypted sessions), something that Apple has done in an equivalent threat model since the iPhone 11. You can argue that "insecure by design" doesn't apply because there is a secure design in the abstract but the fact that nobody has adopted it in 20 years says something about the design itself.

It's _also_ insecure by design because in every deployed implementation (including with PIN), it is S-RTM meaning that _any_ UEFI driver vuln will compromise your TPM key. Yes, any UEFI vulnerability in its countless vendor drivers, USB stack, network stack, etc.


>All the primitives to make this work reasonably are there, OS and firmware vendors just aren't using them.

To be precise, both Windows (according to the article) and Linux+systemd (since systemd v251) support letting the user specify a TPM PIN and then use parameter encryption. But yes, both make it optional.
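The two points above (that an S-RTM chain only records what was loaded, so a bug exploited in an already-measured UEFI component leaves the PCRs intact, and that a TPM PIN is the mitigation both Windows and systemd offer) are easier to see in a toy model. This is an added illustration written for this page, not code from any commenter, the TPM spec, Windows or systemd; the components, seed and PIN are constructed stand-ins, and the seal/unseal scheme is a deliberately simple HMAC-based stand-in for a real TPM policy session.

```python
import hashlib
import hmac

# Constructed toy model of static-root-of-trust (S-RTM) measured boot plus a
# TPM-style "seal to PCR" policy. Not real TPM code; all constants are made up.

PCR_INIT = bytes(32)                          # PCR reset value (all zeros)
TPM_SEED = b"constructed-tpm-private-seed"    # stand-in for a seed only the TPM holds

# Constructed boot stages: firmware, a vendor UEFI driver, bootloader, kernel.
FIRMWARE = b"oem-firmware-v1"
UEFI_NIC_DRIVER = b"vendor-nic-driver-v3"
BOOTLOADER = b"bootmgr-v2"
KERNEL = b"kernel-v5"
GOOD_CHAIN = [FIRMWARE, UEFI_NIC_DRIVER, BOOTLOADER, KERNEL]
SECRET = b"disk-encryption-key-0123456789ab"  # constructed volume key


def extend(pcr: bytes, component: bytes) -> bytes:
    """PCR extend as the TPM does it: PCR' = H(PCR || H(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_chain(components) -> bytes:
    """Each stage measures the next before jumping to it; order matters."""
    pcr = PCR_INIT
    for c in components:
        pcr = extend(pcr, c)
    return pcr


def _policy_key(pcr: bytes, pin: bytes) -> bytes:
    # Toy policy: the wrapping key exists only for this exact PCR value (and PIN).
    return hmac.new(TPM_SEED, pcr + b"|" + pin, hashlib.sha256).digest()


def _keystream(key: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def seal(secret: bytes, expected_pcr: bytes, pin: bytes = b"") -> tuple:
    """Wrap `secret` so it only unwraps when the PCR (and optional PIN) match."""
    key = _policy_key(expected_pcr, pin)
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(key, len(secret))))
    tag = hmac.new(key, ct, hashlib.sha256).digest()
    return ct, tag


def unseal(blob: tuple, current_pcr: bytes, pin: bytes = b""):
    """Return the secret if policy is satisfied, else None."""
    ct, tag = blob
    key = _policy_key(current_pcr, pin)
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))


def scenario_tampered_bootloader(blob: tuple):
    """Attacker replaces the bootloader on disk: its hash changes, the PCR
    diverges from what the secret was sealed to, and unseal fails."""
    chain = [FIRMWARE, UEFI_NIC_DRIVER, b"bootmgr-v2-backdoored", KERNEL]
    return unseal(blob, measure_chain(chain))


def scenario_runtime_exploit(blob: tuple, pin: bytes = b""):
    """Attacker exploits a bug in UEFI_NIC_DRIVER *after* it was measured.
    Nothing on disk changed, so the PCR is exactly the sealed-to value and the
    TPM happily unseals; only a PIN the attacker lacks stops this."""
    pcr = measure_chain(GOOD_CHAIN)   # measurements are of what was loaded
    return unseal(blob, pcr, pin)     # attacker-controlled code is running now


if __name__ == "__main__":
    good_pcr = measure_chain(GOOD_CHAIN)
    blob = seal(SECRET, good_pcr)
    print("tampered bootloader:", scenario_tampered_bootloader(blob))
    print("runtime exploit, no PIN:", scenario_runtime_exploit(blob))
    blob_pin = seal(SECRET, good_pcr, pin=b"1234")
    print("runtime exploit, PIN-sealed:", scenario_runtime_exploit(blob_pin))
```

The runtime-exploit scenario is the S-RTM weakness in one call: the attacker never touches the measured bytes, so the policy is satisfied and the key comes back. Sealing with a PIN turns the same call into a failure unless the attacker also has the PIN, which is why a PIN changes the threat model while a PCR-only policy does not.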


D-RTM is offered with some Secured-Core machines that support Firmware Protection, is it not?


I hope this attempt at shoving hardware DRM down our throats tanks just like the last one did.


It's not actually used for DRM, that's part of Intel ME and why AMD PSP is closed source. Both of those are involved in setting up "protected media path" which is all about setting up encrypted channel between display and media player to prevent sniffing.

TPM could be used for DRM in the sense that DRM software could refuse to run on system that isn't approved, but it's not going to stop you from enjoying a DRM free system - in fact it can help by explicitly supporting clearing of TPM state by owner.


They are all denial of service bugs. I.e. crashes/hangs. No remote code execution or disclosure of sensitive data.

Glad they were able to figure out the branding though.


> Glad they were able to figure out the branding though.

That's pretty obviously something someone threw together in a few minutes after grabbing a few [0] random images from the internet. This isn't one of those exploit sites with more effort poured into marketing than the exploits themselves.

[0] https://www.flaticon.com/free-icon/ghost_1227567


The vulnerability branding trend is stupid, but I'm not sure it's worse for communicating what you're talking about than "CVE-2023-129038, 109239, and 120993" or "Those 5G vulnerabilities from uh I think 2022 or 2023? No not those, the other ones." Is there a better method?


I don't think it's stupid because I can't, off the top of my head, tell you the CVE number for Heartbleed, despite being very involved with it for a couple of weeks.

Heartbleed I remember, along with Spectre/Meltdown, but I couldn't name the weak exploits that turn out to be nothing burgers. Log4j could have used a brand though, imo.


How often do you need CVE numbers while simultaneously being unable to google for the CVE number?


Because everyone called it heartbleed.

I still remember some of the big ones like MS03-026/031, MS08-067, CVE-2005-1042.


> No [...] disclosure of sensitive data.

Not directly, but downgrading to LTE would almost certainly force a UE to expose its IMSI at least.


You don't need a baseband exploit for that, just a jammer.


> At least two other vulnerabilities are not disclosed yet due to confidentiality.


They observed just crashes and they didn't try to research exploitability. Absent more details, and knowing the usual exploitability distribution of C crash bugs, this would seem in doubt still.

