>-----Original Message----- >From: Rich Freeman <ri...@gentoo.org> >Sent: Monday, March 21, 2022 1:08 PM >To: gentoo-user@lists.gentoo.org >Subject: Re: [gentoo-user] KDE, sddm etc security. Plus LVM question. > >On Mon, Mar 21, 2022 at 2:30 PM Laurence Perkins <lperk...@openeye.net> wrote: >> >> Having it remain unlocked and capable of rebooting unless the accelerometer >> showed movement I think was an option since the TPM kept monitoring even if >> the mains power was interrupted. >> > >Yeah, there might still be ways to accomplish it with features like this. > >> >> Could probably do something similar these days with one of those $3 bluepill >> boards and one of those new 3d printers capable of embedding metal though. > >Or you could just use the TPM that is probably already in your computer... :) > >-- >Rich > > The TPM in most computers doesn't dump the keys if someone tries to open the case to install hardware sniffers.
Not that it isn't sufficient for the average person's security needs, but it definitely still has a lot of attack vectors. A case with active mesh and a customizable TPM module with extra sensors, hardware overrides, and that could take standard-sized desktop components might be useful for small business applications where they have sensitive data but can't afford a whole secured data center. LMP
