Okay, you’re talking about at boot time? Well, again, the password would have to be known to pass to the TPM to access it. Also, the TPM is not exclusively reproducible. The hash must accompany the data or it can’t be decrypted.
Now, speaking directly to the article, the problem with Win8 is Secure Boot. Secure Boot completely takes over the EFI boot mechanism. This essentially mates the hardware to the software. With EFI usurped, now the TPM can be activated and locked down by the software install as opposed to the user. THIS is why the Germans want to divest themselves of Win8, and I absolutely cannot blame them.
Listen, I’m not standing up for MS or Win8. I’m standing up for the TPM. It’s great technology and makes cryptology a little bit easier for the home user IF the TPM is managed by the user himself. Since Secure Boot destroys the user’s ability to secure his own bootloader and also destroys his ability to secure his own TPM, Secure Boot, and Windows 8, destroys privacy in general.
Yes! During boot. We’re starting to converge.
My understanding is that the system knows the password at boot, therefore the snoop knows it, if not at the first attempt, it can remember what password was used on the first genuine boot up for the second snoop try.
What I’m envisioning is roughly the equivalent of a key logger on the tunnel.
Uh. What’s EFI?