While I’m not really a gamer, I do think the conundrum of online games cheating is an interesting technical problem because I honestly can’t think of a “good” solution. The general simplistic answer from those who never had to design such a game or a system of “do everything on the server” is laughably bad.
metalcrow 42 minutes ago [-]
>TPM-based measured boot, combined with UEFI Secure Boot, can generate a cryptographically signed attestation ... This is not a complete solution (a sufficiently sophisticated attacker can potentially manipulate attestation)
I was not aware that attackers could potentially manipulate attestation! How could that be done? That would seemingly defeat the point of remote attestation.
gruez 34 minutes ago [-]
The comms between the motherboard and the TPM chip isn't secured, so an attacker can just do a MITM attack and substitute in the correct values.
metalcrow 21 minutes ago [-]
That's fair, although aren't most TPMs nowadays fTPMs? No interceptable communication that way.
Retr0id 8 minutes ago [-]
Until they require fTPMs, an attacker can just choose to use a regular TPM.
A more sophisticated attacker could plausibly extract key material from the TPM itself via sidechannels, and sign their own attestations.
Retr0id 1 hours ago [-]
This got me wondering how easy it'd be to automate discovery of BYOVD vulns with LLMs (both offensively and defensively)
Rendered at 02:56:20 GMT+0000 (Coordinated Universal Time) with Vercel.
I was not aware that attackers could potentially manipulate attestation! How could that be done? That would seemingly defeat the point of remote attestation.
A more sophisticated attacker could plausibly extract key material from the TPM itself via sidechannels, and sign their own attestations.