Talk:Trusted Platform Module

Reorganize the availability section
I'd like to reorganize the availability section, which is titled "TPM is implemented by several vendors:", into sections on the TPM itself, platforms, software support, and virtualization.

Is that OK? — Preceding unsigned comment added by Kgold1 (talk • contribs) 17:55, 2021 June 17 (UTC)

Restriction law section
The restriction law section states that Chinese and Russian laws restrict TPM access and then links to an article that speculates the reason that Windows 11 has optional flags to remove the TPM requirement is due to these laws.

However, the following press release shows that China and Russia both approved of TPM 2.0 -- https://trustedcomputinggroup.org/trusted-computing-group-tpm-2-0-library-specification-approved-isoiec-international-standard-date-published-june-29-2015/

I can also confirm that desktops that have been purchased in China have TPMs in them. — Preceding unsigned comment added by 59.148.176.172 (talk) 08:04, 2021 July 21 (UTC)

Needs reference for edit on Chinese algorithms.
A recent edit says (in the past). This needs a citation. — Preceding unsigned comment added by Kgold1 (talk • contribs) 21:11, 2021 August 13 (UTC)

Attacks
I've read somewhere that Win11 with disk encryption with TPM can be decrypted using an oscilloscope (if you can get between the chip and the CPU). 89.67.244.199 (talk) 19:49, 20 December 2023 (UTC)


 * Link to source? – Novem Linguae (talk) 22:08, 20 December 2023 (UTC)

Here's something: Microsoft's Bitlocker & TPM encryption combo defeated with a $10 Raspberry Pi and a bit of braininess | PC Gamer

Wolf1098 (talk) 04:22, 12 February 2024 (UTC)


 * For those who aren't inclined to read the article, the essence of the flaw is that any encryption/decryption engine has to be initialized with cryptographic keys that can be intercepted and used to decrypt the data. A well-designed hardware implementation requires physical access to intercept the keys. In the example, a Raspberry Pi was modified to allow it to connect to the target PC's cryptographic engine chip so that it could intercept the cryptographic keys when they were loaded. Once the keys were intercepted, the laptop's SSD could be removed and decrypted on another computing platform and then replaced without detectably altering the laptop. PolychromePlatypus (talk) 20:49, 5 May 2024 (UTC)