You wouldn't, you would just impersonate their authorised user, unless there's a user password check required with user-annoying frequency.
On Sep 2, 8:52 pm, Jeff Enderwick <[email protected]> wrote: > How would you extract the private keys from the TPM? > > > > On Thu, Sep 2, 2010 at 5:09 PM, Chris Palmer <[email protected]> wrote: > >> TPM would allow you to securely store the private keys associated with > >> a client cert. And IMO that is a pretty useful thing. Especially when > >> there are official loads like this: > >>http://grack.com/blog/2010/07/07/how-we-found-a-backdoor-in-sprints-e... > > > No, a TPM will not help you if an attack has rooted your system. > > > -- > > You received this message because you are subscribed to the Google Groups > > "Android Security Discussions" group. > > To post to this group, send email to > > [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group > > athttp://groups.google.com/group/android-security-discuss?hl=en. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
