Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper-resistant, and malicious software is unable to tamper with the.

This is one reason why the older Windows EFS encryption technology isn’t as good. It has no way to store encryption keys in a TPM. That means it has to store its encryption keys on the hard drive, which makes it much less secure. BitLocker can function on drives without TPMs, but Microsoft went out of its way to hide this option to emphasize how important a TPM is for security.

Of course, a TPM isn’t the only workable option for disk encryption. TrueCrypt’s FAQ - now taken down - used to stress why TrueCrypt didn’t use and would never use a TPM. It slammed TPM-based solutions as providing a false sense of security. Of course, TrueCrypt’s website now states that TrueCrypt itself is vulnerable and recommends you use BitLocker - which uses TPMs - instead. So it’s a bit of a confusing mess in TrueCrypt land.

This argument is still available on VeraCrypt’s website, however. VeraCrypt is an active fork of TrueCrypt. VeraCrypt’s FAQ insists BitLocker and other utilities that rely on TPM use it to protect against attacks that require an attacker to have administrator access, or have physical access to a computer. “The only thing that TPM is almost guaranteed to provide is a false sense of security,” says the FAQ. It says that a TPM is, at best, “redundant”.