Today’s PCs are locked up with Trusted Platform Module (TPM) devices so much so that modern Windows versions insist on having a recent TPM to even install. These have become so prevalent that even larger embedded boards now have TPM and, of course, if you are repurposing consumer hardware, you’ll have to deal with it, too. [Sigma Star] has just the primer for you. It explains what TPM does, how it applies to embedded devices, and where the pitfalls are.
The TPM is sometimes a chip or sometimes secure firmware that is difficult to tamper with. They provide secret storage and can store boot signatures to detect if something has changed how a computer starts up. The TPM can also “sign off” that the system configuration is the same to a remote entity. This allows, for example, a network to prevent a hacked or rogue computer from communicating with other computers.
Embedded systems, usually, aren’t like PCs. A weather station at a remote location may have strangers poking at it without anyone noticing. Also, that remote computer might be expected to be working for many more years than a typical laptop or desktop computer.
This leads to a variety of security concerns that TPM 2.0 attempts to mitigate. For example, it is unreasonable to think a typical attacker might connect a logic analyzer to your PC, but for an embedded system, it is easier to imagine. There is a session-based encryption to protect against someone simply snooping traffic off the communication bus. According to the post, not all implementations use this encryption, however.
Motherboard has a slot for TPM, but no board? We’ve seen people build their own TPM boards.
Title image by [] CC BY-SA-4.0
Bitlocker is probably the most notable example of a technology not using session encryption. Because of this, it is susceptible to bus sniffing attacks.
One of the nicest feature of a TPM plugin is I believe it can maintain the keys between motherboard (within same TPM compatibility) and OS updates.
Changing your CPU or Motherboard or even flashing the bios on your motherboard invalidates your fTPM.
I’m not sure how much change a dTPM can stand but that alone is worth it.
All your windows hello, bitlocker, passkeys etc are gone the moment you sneeze at a fTPM.
I never understood this TPM stuff, it can’t protect against the usual vector (sales rep clicking on a fishy email link, crypto locker etc), it only protects against bootloader or firmware modification… Which literally no maleware ever targets.
What is it for really?
My simplistic understanding is it ties the storage media, the encryption of that media, and the mobo together. It supports UEFI too. From a information assurance perspective, it prevents easy hijacking of hard drives from systems and subsequent exploitation of that media on a different host computer without knowledge of the full bitlocker keys. It has no role to play in endpoint protection or preventing malware, it’s only involved in detecting significant change to the operating environment that suggests that the media may have been stolen or compromised.
That isn’t exactly true, in that yes it can be a part of the chain to protect against those things, even if Windows does not avail itself of that by default.
For example, the tpm can ensure my bootloader of choice is the only one that can load. My bootloader can ensure my choice of kernel/os is the only one that can boot. I can lock down that OS so only executables of my choice can run.
I would not take the time to obtain some malware exe and sign it with my private key or add its hash to the allow list. Thus, it won’t run.
I can even hand the computer over to you and be mostly assured of this.
You can’t boot from usb to access the disk, so you can’t get at the OS files nor modify the system by adding malware to it.
You can’t transfer my computers boot disk to another computer and do anything with it, as half the encryption key to the drive is in the tpm.
It’s even a decent block to keep you from simply wiping the HD (which you can do putting it in another pc) and installing a fresh copy of windows. It won’t boot it, only a bootloader and kernel signed by me can be installed.
Recently I had ended the contract I had doing warranty repair work and since one of the companies we did was HP we had a bunch of little programs that you would boot into and one of them was for complete control of the TPM module where I could change it wipe it upgrade it. It was a real benefit that it turned out to work for every computer that I used it on and not just HP.
Regarding: “What is it for really?”
TPM combined with the end of Windows 10 ensures that (at least) millions of people are required to throw perfectly fine hardware onto the trashheap effectively forcing them to buy new hardware with only the promise of creating a safer system. So in short, TPM will ensure a short term boost of sales. And when everybody has bought this TPM supported hardware and sales decline they introduce a “better” TPM and everything starts all over again… keep repeating for max. profit.
Maybe people will be “required” to install Linux in the same manner? And for those not aware you can install Windows 11 in a VM providing a virtualized TPM. So, no not everyone is “forced” to buy new hardware.
Maybe not actually forced, but for many people what is barely an inconvenience for this community is insurmountable.
TPM can be connected to the SMBus often found on the M2 Wifi connector,
so upgrading older hardware is not impossible.
But Windows 11’s minimum CPU requirement is a recipe for e-waste,
It’s simpler than that – Microsoft and the manufacturers wanted to drop their aging security liabilities.
The hardware is “perfectly fine” for you, but inconvenient for them to support.
Outside of professional environments (datacenters, civil infrastructure, billion-dollar businesses), TPM does one functional thing: makes it nearly impossible for you to acquire any of your data if your computer dies greatly incentivizing the usage of a cloud-based backup solution, thereby coercing average users into mindlessly uploading their private data to a cloud where it can then be scraped and sold for profit. It was no coincidence that OneDrive and Recall magically appeared as “features” the same time as TPM was also required – it was planned. They got the idea from cell phones, if you’re wondering.
OneDrive and Recall have nothing to do with TPM.
OneDrive was around in the era of Windows Vista and isn’t dependent on any hardware security features.
It can be used for backup when Bitlocker or full disk encryption are enabled, but those are not enabled by default. So yes, you can lose all your data if you enable full disk encryption.
Microsoft can’t sell user data from OneDrive. That is, quite literally, illegal. I can understand the argument that Microsoft pressures users into a subscription ( who has less than 5gb of data? ) but let’s not waste time pretending Microsoft would risk putting themselves in that legal position.
Recall is dependent on Neural Processing Units ( NPUs ), which are entirely unrelated to TPM. Recall does require that full disk encryption ( or Bitlocker ) be enabled for security so it is dependent on the TPM in that way.
I did an article about extracting Bitlocker keys and decrypting a disk using a logic analyzer https://lucasteske.dev/2024/01/tpm2-bitlocker-keys – its sad that its so easy to break disk encryption on windows because they dont think physical access is an attack vector :(
(PS: I already did this attack during a physical pentest on a company, very succesfully, so physical SHOULD be an attack vector)
One reason industry is behind TPM is that it helps support digital rights management (https://www.schneier.com/blog/archives/2008/05/tpm_to_end_pira.html, https://ieeexplore.ieee.org/document/5283799). Just as printers and scanners now can sense attempts to copy currency at a firmware level, TPM can help make a PC that cannot be modified to pirate media.
Whether that is a good thing or not depends on ones point of view. Personally, I was dismayed when Amazon removed already-purchased copies of 1984 from users’ Kindles. Big brother is watching you.
You want a pretty good idea how to secure communications with a TPM look at the stuff they added to the 6.10 kernel. It looks like about as good as you can get without running a self test on every boot.