News Score: Score the News, Sort the News, Rewrite the Headlines

Bypassing disk encryption on systems with automatic TPM2 unlock

Have you setup automatic disk unlocking with TPM2 and systemd-cryptenroll or clevis? Then chances are high that your disk can be decrypted by an attacker who just has brief physical access to your machine - with some preparation, 10 minutes will suffice. In this article we will explore how TPM2 based disk decryption works, and understand why many setups are vulnerable to a kind of filesystem confusion attack. We will follow along by exploiting two different real systems (Fedora + clevis, NixOS +...

Read more at oddlama.org

© News Score  score the news, sort the news, rewrite the headlines