I was talking about the signed recovery shell the article is talking about. Sadly most business laptops still use dtpms. Also if they use ftpms you can simply use a ram scraper. The attack surface is huge either way.
I just digged into the exploit a little bit more and what it does it targets BitLocker in TPM only mode. That means that there is no preboot authentication or anything. What happens is secure boot validates the boot…
I was talking about the signed recovery shell the article is talking about. Sadly most business laptops still use dtpms. Also if they use ftpms you can simply use a ram scraper. The attack surface is huge either way.
I just digged into the exploit a little bit more and what it does it targets BitLocker in TPM only mode. That means that there is no preboot authentication or anything. What happens is secure boot validates the boot…