
gruez, today at 2:22 AM

The comms between the motherboard and the TPM chip aren't secured, so an attacker can just do a MITM attack and substitute in the correct values.


Replies

halaylit, today at 3:13 AM

That doesn't sound accurate. The T in TPM stands for trust; the whole standard is about verifying and establishing trust between entities. The standard is designed with the assumption that anyone can bring in their scope and probe the ports. This is one of several reasons why the standard defines endorsement keys (EK).

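A toy model, added here and written by neither commenter, of the mechanism halaylit's reply points at: TPM 2.0 authorization sessions with parameter encryption, where the session key is derived on both sides from a secret that never crosses the bus (here the sealed object's authValue; in a salted session, a salt encrypted to a TPM-resident key). Everything in it (class names, the `CC_UNSEAL`/`RC_*` constants, the sample auth value and secret) is constructed for the example; it is not a TPM implementation and the wire encoding is not the spec's. It shows the three outcomes a defender cares about: an honest exchange recovers the secret, a passive probe on the bus captures only the encrypted parameter, and a rewritten response fails the session HMAC and is rejected.

```python
import hashlib
import hmac
import secrets

# Toy constants, constructed for this example (not the spec's wire encoding).
CC_UNSEAL = b"\x00\x00\x01\x5e"   # command code folded into cpHash/rpHash
RC_OK = b"OK"
RC_FAIL = b"AUTH_FAIL"


def kdfa(key, label, context_u, context_v, bits):
    """SP800-108 counter-mode KDF in the shape TPM 2.0 uses for KDFa (HMAC-SHA256)."""
    out, counter = b"", 1
    while len(out) * 8 < bits:
        msg = (counter.to_bytes(4, "big") + label + b"\x00"
               + context_u + context_v + bits.to_bytes(4, "big"))
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return out[: bits // 8]


def sha256(*parts):
    return hashlib.sha256(b"".join(parts)).digest()


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class ToyTPM:
    """Chip side. The sealed object's authValue is the session secret here; in a
    real salted session a salt encrypted to a TPM-resident key plays that role,
    so a probe on the bus never sees it."""

    def __init__(self, auth_value, sealed_secret):
        self._auth, self._sealed = auth_value, sealed_secret
        self.nonce_tpm, self._key = b"", b""

    def start_auth_session(self, nonce_caller):
        self.nonce_tpm = secrets.token_bytes(16)
        # sessionKey = KDFa(authValue || salt, "ATH", nonceTPM, nonceCaller); empty salt here
        self._key = kdfa(self._auth, b"ATH", self.nonce_tpm, nonce_caller, 256)
        return self.nonce_tpm

    def unseal(self, nonce_caller, cmd_hmac):
        # Authorization: the caller must prove it holds the session key.
        expected = hmac.new(self._key, sha256(CC_UNSEAL) + nonce_caller + self.nonce_tpm,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, cmd_hmac):
            return RC_FAIL, b"", b""
        # Parameter encryption: XOR the secret with a KDFa keystream before it reaches the bus.
        stream = kdfa(self._key, b"XOR", self.nonce_tpm, nonce_caller, len(self._sealed) * 8)
        enc = xor_bytes(self._sealed, stream)
        resp_hmac = hmac.new(self._key, sha256(RC_OK, CC_UNSEAL, enc) + self.nonce_tpm + nonce_caller,
                             hashlib.sha256).digest()
        return RC_OK, enc, resp_hmac


def host_unseal(tpm, auth_value, interposer=None, wire_log=None):
    """Host side of one Unseal. `wire_log` records what a passive probe sees;
    `interposer` models a device on the bus that rewrites the TPM's response."""
    nonce_caller = secrets.token_bytes(16)
    nonce_tpm = tpm.start_auth_session(nonce_caller)
    key = kdfa(auth_value, b"ATH", nonce_tpm, nonce_caller, 256)
    cmd_hmac = hmac.new(key, sha256(CC_UNSEAL) + nonce_caller + nonce_tpm, hashlib.sha256).digest()
    response = tpm.unseal(nonce_caller, cmd_hmac)
    if wire_log is not None:
        wire_log.append(response)
    if interposer is not None:
        response = interposer(response)
    rc, enc, resp_hmac = response
    if rc != RC_OK:
        raise ValueError("TPM refused the command (authorization failed)")
    expected = hmac.new(key, sha256(rc, CC_UNSEAL, enc) + nonce_tpm + nonce_caller, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, resp_hmac):
        raise ValueError("response rejected: session HMAC mismatch, bus contents were altered")
    return xor_bytes(enc, kdfa(key, b"XOR", nonce_tpm, nonce_caller, len(enc) * 8))


# Constructed sample values.
AUTH = b"object-auth-value-demo"
SECRET = b"disk-encryption-key-demo"


def demo_honest():
    """Untampered bus: the host recovers the sealed secret."""
    return host_unseal(ToyTPM(AUTH, SECRET), AUTH)


def demo_passive_probe():
    """What a logic analyser on the bus captures: only the encrypted parameter."""
    log = []
    host_unseal(ToyTPM(AUTH, SECRET), AUTH, wire_log=log)
    return log[0][1]


def demo_substituted_response():
    """A bus device rewrites the response parameter; the session HMAC catches it."""
    def rewrite(resp):
        rc, enc, mac = resp
        return rc, bytes(len(enc)), mac
    try:
        host_unseal(ToyTPM(AUTH, SECRET), AUTH, interposer=rewrite)
    except ValueError as err:
        return str(err)
    return "accepted"


def demo_wrong_secret():
    """Without the shared secret the TPM will not unseal at all."""
    try:
        host_unseal(ToyTPM(AUTH, SECRET), b"wrong-secret")
    except ValueError as err:
        return str(err)
    return "accepted"


if __name__ == "__main__":
    print(demo_honest(), demo_passive_probe() != SECRET,
          demo_substituted_response(), demo_wrong_secret())
```

The design choice that matters is where the key comes from: both the command HMAC and the XOR keystream are derived from a secret the bus never carries, so an observer sees only ciphertext and any rewritten byte changes the rpHash the host checks. What the model does not cover is an attacker who already holds the authValue or the salt, and a passive probe still learns which commands were issued and how long the parameters are.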
metalcrow, today at 2:35 AM

That's fair, although aren't most TPMs nowadays fTPMs? No interceptable communication that way.
