• DoomBot5@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    2
    ·
    9 months ago

    If you have physical access to the hardware, have spent weeks researching it and produced a custom solution specific to that board and revision, etc. Sure, the last step of the process is quick - but let’s not forget the time spent developing this solution.

    That’s not what anyone means when they say quick. They’re talking from the moment the attempt is initiated until the time data is extracted. In this case countdown starts the moment you get access to the hardware.

    • thantik@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      edit-2
      9 months ago

      And the moment he got access to the hardware was weeks ago when he opened it up and started probing around for the right points to access; prior to him making a custom PCB for it; which would (in most secure instances) require tripping a case-open switch present in most devices where security is a priority.

      You can’t just hand-wave away all the prep work he was doing here…it’s great for the sensationalist news headline for sure, but not entirely accurate.

      Seriously, watch the video all the way through - he spends quite some time pulling the motherboard, probing around in order to figure out where signals go, and developing a custom solution for that VERY specific computer, that VERY specific motherboard revision. He can’t just go use that tool on any PC he runs across.

      Please watch the whole video and not just the first 30 seconds of it.

      • DoomBot5@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        3
        ·
        9 months ago

        That’s great and all, but he owned that hardware. You’re not developing hardware exploits on a target’s hardware, you do it on a copy of the target’s hardware.

        That’s like claiming the NSA spent months breaking into your phone. In reality, they spent months developing exploits on the iPhones they bought and minutes breaking into your phone once they have it.

        • thantik@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          9 months ago

          And that says nothing about the fact that this hardware is old. The problem has already been fixed in modern hardware, where the TPM is internal to the CPU and doesn’t have external access points like this. So…the problem has already been fixed as well. That’s why I’m calling it such a silly, overhyped article. It’s great clickbait, but it has very little basis in the real world as of today.

          • DoomBot5@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            2
            ·
            9 months ago

            Whoops, looks like you relocated the goalposts somewhere else. Might want to move them back to where they were.

            • thantik@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              edit-2
              9 months ago

              The goalpost was “This is a sensationalist headline that doesn’t tell the whole truth”…sorry you missed it, it’s pretty big. I tried to hit on every bit of bullshit, but you seem to have misconstrued that as the actual point, instead of just a portion of the argument.

              • DoomBot5@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                edit-2
                9 months ago

                You went on your triad of how you incorrectly attributed hacking time while nobody else thought that way, then shifted the goal posts once proven wrong.