this post was submitted on 23 Jun 2024
86 points (96.7% liked)

Technology

34894 readers
895 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
top 5 comments
sorted by: hot top controversial new old
[–] Bitrot@lemmy.sdf.org 21 points 4 months ago* (last edited 4 months ago)

Poorly written article with little substance but a zinger of a headline. Think they’re trying to take advantage of announcements of Intel and TPM security flaws in the past to get more clicks.

This is a UEFI firmware issue that can be patched by BIOS vendors. It is an issue at a very low level, but not an issue with Intel or the TPM.

The exploit is in the UEFI firmware code for handling the TPM and used for privilege escalation in that firmware, “TPM won’t save you” doesn’t really make sense because no shit. The vulnerability doesn’t mean the TPM unseals its contents though, and I’m curious if the exploit modifies the PCR values enough that OS security could trigger (Bitlocker recovery and whatever). Wouldn’t help if the malicious software was already there though.

[–] qprimed@lemmy.ml 13 points 4 months ago* (last edited 4 months ago) (1 children)

phew! good thing I still have a few 386sx AMI BIOS boards handy. no ones shopping around zero days on those anymore, right?

[–] MyTurtleSwimsUpsideDown@fedia.io 12 points 4 months ago* (last edited 4 months ago)
[–] sunzu@kbin.run 10 points 4 months ago (1 children)
[–] underisk@lemmy.ml 10 points 4 months ago

If you disable it you can prevent Microsoft from force updating your windows 10 install to windows 11. Obviously a play to get people to buy new hardware for 11 but a useful anti feature I suppose until you can stomach switching to Linux.