| ▲ | palata 16 hours ago | |
Though if your computer is compromised, then the malware can read the password, right? | ||
| ▲ | Borealid 15 hours ago | parent [-] | |
If your computer is compromised while you enter the PIN in such a way that the malware can read your input, yes. If your computer is compromised after you've already entered the PIN, or there is an app running on the computer but it is not sufficiently privileged to sit in between you and the TPM, no. That's quite good protection generally. The defense against this type of attack is to get a smartcard reader with an on-board PIN entry keypad - those do exist, but it's quite a step. | ||