Oddbean new post about login | logout @2ffa8eb4 Isn't this worse that the current state of things? At the moment I have a large LUKS password in my brain. But instead the password will be stored inside a sketchy chip. Am I misunderstanding how this works? I'll know if I'm forced to leak the key, where as the TPM might leak it if it's an evil one.
@54ac4ca4 nah, what the tpm stuff enables you to do is certainly non-interactive secure bootups. Which is great for embedded and server systems. I.e systems that have noone sitting in front of them who could type in a pw. But it is also good in case you want interactivity on unlocking: you can combine the tpm/pcr stuff with a password so that you get the guarantees the tpm is supposed to give you about hw and sw state *and* the benefits of a password stored in your brain if you want.
@54ac4ca4 in fact you can even use the pcr measurements to make the system authenticate itself to you, before you type in the pw, so that you know for sure its really your unmodified laptop you are typing your secret into and not just a lookalike or a laptop that was backdoored while you were away. Tldr: no, the tpm stuff (when done correctly) should always improve security never worsen it. You make a variety of attack scenarios much harder if you bind things to the tpm, even if you...
@54ac4ca4 ... otherwise leave your auth flow as it was.