
#1 2022-08-04 02:55:48

itskiasoc5
Member
Registered: 2022-01-08
Posts: 11

How is access to data not protected on stolen hardware with TPM?

The wiki page on TPM says:

Warning: If you use this method on your root volume, this means that, as long as the previously mentioned certain conditions are met, your computer will unlock automatically at boot without needing to enter an encryption password.

That's fine, but I'm confused by this:

This means that access to data is not protected in case the hardware gets stolen.

What kinds of attack could access this data?


#2 2022-08-04 03:07:08

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,137

Re: How is access to data not protected on stolen hardware with TPM?

itskiasoc5 wrote:

What kinds of attack could access this data?

If an attacker is able to gain possession of your device then the disk may as well be unencrypted.



#3 2022-08-04 03:11:22

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 27,061

Re: How is access to data not protected on stolen hardware with TPM?

That part of the warning is quite straightforward ... to the point of being blatantly obvious. So I'm not sure what you're asking.

If you configure your system to decrypt automatically on power on without any password, then all the thief would need to do to have complete access to all of your data is power on the system. What's not clear about that?


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman


#4 2022-08-04 17:44:26

itskiasoc5
Member
Registered: 2022-01-08
Posts: 11

Re: How is access to data not protected on stolen hardware with TPM?

Trilby wrote:

If you configure your system to decrypt automatically on power on without any password, then all the thief would need to do to have complete access to all of your data is power on the system. What's not clear about that?

There is still the login prompt/lock screen protecting access to the user session. Assuming that there is no way to bypass login (e.g. mashing keys for button overflow a la cinnamon lock screen), what can the thief do to extract the disk's contents?


#5 2022-08-04 17:57:46

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 27,061

Re: How is access to data not protected on stolen hardware with TPM?

There is absolutely no need to log in to access all the data on the disk once it is decrypted. There are likely countless many ways to do so, even if only a few I might be able to enumerate.

But in any case, the data is not protected by the encryption scheme, which is pretty clearly what the quoted wiki page is referring to. This does not mean that there may not be other protections on your data. But I'd never considered a user-session / GUI lock screen to be a form of real data protection.

Last edited by Trilby (2022-08-04 18:04:14)


