
Comment by oktoberpaard

3 days ago

Local software could be stealing plaintext secrets from your encrypted disk. Physical access is not the only attack vector.

The only way to protect against that is if a secure application boundary is enforced by the operating system. You can make it harder for other programs to uncover secrets by encrypting them, but any other application can reverse the encryption. I don't believe using the TPM meaningfully changes that situation.