Frick
Fishfaced Nincompoop
- Joined
- Feb 27, 2006
- Messages
- 18,930 (2.85/day)
- Location
- Piteå
System Name | Black MC in Tokyo |
---|---|
Processor | Ryzen 5 5600 |
Motherboard | Asrock B450M-HDV |
Cooling | Be Quiet! Pure Rock 2 |
Memory | 2 x 16GB Kingston Fury 3400mhz |
Video Card(s) | XFX 6950XT Speedster MERC 319 |
Storage | Kingston A400 240GB | WD Black SN750 2TB |WD Blue 1TB x 2 | Toshiba P300 2TB | Seagate Expansion 8TB |
Display(s) | Samsung U32J590U 4K + BenQ GL2450HT 1080p |
Case | Fractal Design Define R4 |
Audio Device(s) | Line6 UX1 + some headphones, Nektar SE61 keyboard |
Power Supply | Corsair RM850x v3 |
Mouse | Logitech G602 |
Keyboard | Cherry MX Board 1.0 TKL Brown |
VR HMD | Acer Mixed Reality Headset |
Software | Windows 10 Pro |
Benchmark Scores | Rimworld 4K ready! |
Stolen from Sweclockers, but it's in swedish.
So from now on devices (OEM built) needs a TPM module. Relevant bit:
Pretty interesting, but there's tons of questions I guess. I don't actually now anything about how TPM works, just that it's hardware, meaning the key is stored in a physical chip and that the decryption has to run through this chip. But I have no idea how let's say biometrics is tied to this. Or what the implications will be, or what exactly is encrypted. The entire storage or just the log in details as such?
So from now on devices (OEM built) needs a TPM module. Relevant bit:
As of July 28, 2016, all new device models, lines or series must implement and be in compliance with the International Standard ISO/IEC 11889:2015 or the Trusted Computing Group TPM 2.0 Library and a component which implements the TPM 2.0 must be present and enabled by default from this effective date.
The following requirements must be met:
A UEFI firmware option to turn off the TPM is not required. OEM systems for special purpose commercial systems, custom order, and customer systems with a custom image are not required to ship with a TPM support enabled.
- All TPM configurations must comply with local laws and regulations.
- Firmware-based components that implement TPM capabilities must implement version 2.0 of the TPM specification.
- An EK certificate must either be pre-provisioned to the TPM by the hardware vendor or be capable of being retrieved by the device during the first boot experience.
- It must ship with SHA-256 PCR banks and implement PCRs 0 through 23 for SHA-256. Note that it is acceptable to ship TPMs with a single switchable PCR bank that can be utilized for SHA-256 measurements.
- It must support TPM2_HMAC command.
Pretty interesting, but there's tons of questions I guess. I don't actually now anything about how TPM works, just that it's hardware, meaning the key is stored in a physical chip and that the decryption has to run through this chip. But I have no idea how let's say biometrics is tied to this. Or what the implications will be, or what exactly is encrypted. The entire storage or just the log in details as such?