Y
Hacker News
new
|
ask
|
show
|
jobs
by
shitter
523 days ago
This is mitigated if your initramfs + kernel are measured into the TPM, right?
Edit: never mind, I think it's still vulnerable.
1 comments
jakogut
523 days ago
Your edit is correct. The kernel and initramfs are exploited unmodified to boot a tampered root filesystem, which allows userspace tools to extract data from the TPM, as the PCRs used to protect data like the LUKS passphrase have not changed.
link