undefined | Better HN

0 pointsgrishka4y ago0 comments

So okay, you again assume that software is immutable. But Windows has to store these trusted keys somewhere. What if I emulate the TPM with a key I generated myself, and patch Windows to trust that key?

0 comments

marcosdumay4y ago

Then you will discover that Secure Boot will stop your computer from starting until you reinstall something signed by Microsoft.

grishkaOP4y ago

Can't you just turn that off in the BIOS settings?

ddalex4y ago

Not if BIOS doesn't allow that to be turned off.

1 more reply

tenebrisalietum4y ago

You'll boot Windows but can't mount the system volume if it's protected by a Bitlocker key derived from the TPM key.

grishkaOP4y ago

Even if you do a clean install yourself? Well then, gotta patch the installer. There's always a way!

j / k navigate · click thread line to collapse

0 pointsgrishka4y ago0 comments

0 comments

marcosdumay4y ago

Then you will discover that Secure Boot will stop your computer from starting until you reinstall something signed by Microsoft.

grishkaOP4y ago

Can't you just turn that off in the BIOS settings?

ddalex4y ago

Not if BIOS doesn't allow that to be turned off.

1 more reply

tenebrisalietum4y ago

You'll boot Windows but can't mount the system volume if it's protected by a Bitlocker key derived from the TPM key.

grishkaOP4y ago

Even if you do a clean install yourself? Well then, gotta patch the installer. There's always a way!

j / k navigate · click thread line to collapse