>Our attacks have shown that an fTPM cannot sufficiently protect its internal state against firmware or physical attacks. In such a scenario, a passphrase-only key protector of reasonable length provides better security than a TPM-only protector with a numeric PIN (5.3.1). This is in stark contrast to Microsoft’s claim that “BitLocker provides the most protection when used with a Trusted Platform Module” [29] (see also in 2.3). In fact, of all available protectors (seen in Figure 1), TPM-only is arguably the weakest protection strategy.
This might not be surprising to some, despite Windows hiding the GUI passphrase functionality behind some group policy settings, both "Require additional authentication at startup" and "Enhanced PIN", which isn't perhaps the most intuitive and a normal user might not even realize unless they notice the "normal" PIN is numerical-only. In any case, for the average person that might have their devices stolen, this is likely not to be a threat, but I think a passphrase should always be preferable; BitLocker doesn't support any better option.
It's because TPMs are small and have small storage. The outrageous "it's a secret cabal" voices are a prime example of what people cook up when faced with something they can't explain due to ignorance but feel the need to have an answer. It's as outrageous as a Republican saying "Q did it."
Wondering if something was requested by law enforcement isn't implying a cabal, chill.
Also a couple kilobytes of flash costs basically nothing. And you could hash keys over a certain length, which is much better than having such a short limit on a human-typed string.
A couple of kilobytes of flash also doesn't come with the protections the TPM offers (or at least is supposed to offer, considering the article in the OP).
If you'd like to provide schemata, open standards and source code for them, then don't keep the class waiting.
Don't/can't? Then you're a fool trusting someone else to do something you yourself cannot inspect. Then again, most people seem to be oddly fine with that. I am not of that number.
>to allow the British secret service to eavesdrop more easily. The British proposed a key length of 48 bits, while the West Germans wanted stronger encryption to protect against East German spying, so the compromise became a key length of 54 bits
>Documents leaked by Edward Snowden in 2013 state that the NSA "can process encrypted A5/1"
Why? The FBI pitched a fit over access to a shooter’s phone in the press a few years ago, then stopped.
Now, you have multiple products on the market that can crack passcodes by utilizing flaws that allow you to brute force PINs, which are by default 6-digit numbers. (Despite most guidance demanding 8)
I have no idea if anyone has covered it. It's industry knowledge. Source: me
I figured it would be generally known at this point, especially with the whole perceptual hash debacle (intended to satisfy LEAs despite the plan to finally enable image encryption). I'm not sure what the internal politics looked like after the perceptual hash snitch got axed - my friends who would know quit Apple by then.
Any key strength limitation is mandated by... certain forces. This is not a secret (anymore). "If anything in consumer tech can be weakened, make sure it is".