Comment by ranger_danger

4 hours ago

You're assuming the PIN was ever connected to the key itself in the first place. We don't know how that mechanism works, it could just be a totally separate gate that IS bypassable.

We can just do research to figure that out? The recent trend towards conspiracy theories against things that are trivially discoverable is so frustrating.

https://post-cyberlabs.github.io/Offensive-security-publicat...

https://blog.scrt.ch/2024/10/28/privilege-escalation-through...

Yes, the PIN is entangled with the key material.

  • The article shows that the PIN-entangled key material can still be downloaded directly from the TPM.

    This means it's vulnerable to an offline brute-force attack to derive the PIN.

    So it's still exploitable, even in an automated fashion, just slower.

  • > The recent trend towards conspiracy theories against things that are trivially discoverable is so frustrating.

    So true.