wolvoleo 2 hours ago

To be honest, if I got fired in a mean or unfair way I'd definitely hit back at my employer in such a manner if I had the ability to. I'm unlikely to have that, though, as I'm not aware of any saucy company secrets. But if this is what happened, I think it's pretty justified.

The secret here seems to be that Microsoft caches the key somewhere even when it's supposed to be only in the TPM! That's a pretty big revelation IMO.

mananaysiempre 2 hours ago | parent

> The secret here seems to be that Microsoft caches the key somewhere even when it's supposed to be only in the TPM!

Not what happened here (I reserve my judgment wrt the promised TPM+PIN exploit).

In the default TPM-only mode of BitLocker, the secret is in fact in the TPM, which will (as instructed by Windows upon key creation) release it to the correct OS running on the correct computer. Notably not in the picture is any user-provided data: measured boot is the only protection. It is only the correct programming of the OS that makes it request an account password (completely unrelated to the disk-encryption cryptography) before letting the user poke at the disk, which the OS can at that point already decrypt.

Well, turns out the programming is such that if you ask politely it’ll just pop an Administrator(?) shell.

wolvoleo 28 minutes ago | parent

> Not what happened here (I reserve my judgment wrt the promised TPM+PIN exploit).

Yes this is the one I'm referring to.

I have noticed it myself: it has happened to me that my system rebooted to install updates and did not pass through the blue TPM PIN entry screen at that point. That was a big red flag for me. A normal reboot always does that, even a 'hot' reboot.

mananaysiempre 8 minutes ago | parent

> A normal reboot always [forces the TPM PIN entry screen], even a 'hot' reboot.

In TPM-only mode, I only see the screen—which asks for a recovery key that serves as an alternative to the TPM-borne secret, not for whatever you are calling the “TPM PIN” here—whenever I update the firmware or the bootloader (the latter from the other side of the dual-boot setup). Otherwise it boots straight to the login screen, which meshes with the measured-boot-only theory of operation I’ve described above. There’s nothing nefarious in this part, even if I think it exposes an unwisely large attack surface (e.g. the USB stack). I suspect you simply reboot so rarely that you’re never hitting the happy path.
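As an added illustration of the measured-boot-only theory of operation described two comments up, and of why a firmware or bootloader update lands on the recovery screen while a plain reboot does not (example code written for this thread, not from any commenter, and not a real TPM or BitLocker API; the ToyTPM class, the measurement strings and the PIN are constructed), a toy model of sealing a volume key to boot measurements with and without a PIN:

```python
import hashlib
import hmac
import os

# Toy model (not a real TPM/BitLocker API): in TPM-only mode the volume master
# key (VMK) is released purely on matching boot measurements; TPM+PIN also
# binds it to a user secret. SHA-256 stands in for the TPM's PCR bank.
def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    # PCR extend: new = H(old || H(measurement)); order matters and cannot be undone
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def measured_boot(components) -> bytes:
    """Extend each boot stage (firmware, bootloader, OS loader) into one PCR."""
    pcr = bytes(32)
    for comp in components:
        pcr = pcr_extend(pcr, comp)
    return pcr

class ToyTPM:
    def __init__(self):
        self._storage_secret = os.urandom(32)  # never leaves the "TPM"
    def _kek(self, pcr_digest: bytes, pin) -> bytes:
        # key-encryption key depends on the TPM secret, the PCR policy and (optionally) the PIN
        auth = hashlib.sha256(pin.encode()).digest() if pin is not None else b""
        return hmac.new(self._storage_secret, pcr_digest + auth, hashlib.sha256).digest()
    def seal(self, vmk: bytes, pcr_policy: bytes, pin=None) -> dict:
        kek = self._kek(pcr_policy, pin)
        wrapped = bytes(a ^ b for a, b in zip(vmk, kek))  # toy one-time-pad wrap
        tag = hmac.new(kek, wrapped, hashlib.sha256).digest()
        return {"policy": pcr_policy, "wrapped": wrapped, "tag": tag}
    def unseal(self, blob: dict, current_pcr: bytes, pin=None):
        if current_pcr != blob["policy"]:
            return None  # measurements changed (e.g. firmware update): recovery-key path
        kek = self._kek(current_pcr, pin)
        expect = hmac.new(kek, blob["wrapped"], hashlib.sha256).digest()
        if not hmac.compare_digest(expect, blob["tag"]):
            return None  # PIN missing or wrong
        return bytes(a ^ b for a, b in zip(blob["wrapped"], kek))

def demo() -> dict:
    tpm, vmk = ToyTPM(), os.urandom(32)
    good = [b"firmware v1", b"bootmgfw.efi v1", b"winload.efi v1"]  # constructed measurements
    tpm_only = tpm.seal(vmk, measured_boot(good))
    tpm_pin = tpm.seal(vmk, measured_boot(good), pin="1234")
    fw_update = [b"firmware v2"] + good[1:]  # only the firmware changed
    return {
        "tpm_only_normal_reboot": tpm.unseal(tpm_only, measured_boot(good)) == vmk,
        "tpm_only_after_fw_update": tpm.unseal(tpm_only, measured_boot(fw_update)) is None,
        "tpm_pin_no_pin": tpm.unseal(tpm_pin, measured_boot(good)) is None,
        "tpm_pin_wrong_pin": tpm.unseal(tpm_pin, measured_boot(good), pin="0000") is None,
        "tpm_pin_right_pin": tpm.unseal(tpm_pin, measured_boot(good), pin="1234") == vmk,
    }
```

The first two entries of `demo()` are the behaviour in the thread: a normal reboot of the unchanged OS releases the key with no user input, while a changed firmware measurement does not, which is when BitLocker falls back to the recovery key.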