It happens everywhere. The vulnerability you linked has "Attack Vector: Local", which means it is only exploitable on the internal network. Besides, it would have been fixed within a year and over 18 revisions if it were really that dangerous. Millions have been using the TPM in production for 12 years; it's fine. Also, until now you didn't have a "secure" TPM either and you got along just fine; in the future you get another thick layer of security that protects not only you but your servers as well. Believe me, at these giant multinationals it's not stupid people making the decisions, and a decision like this doesn't rest on one person but on 100+. This is where IT is heading today; you have to accept it. 99% of the bugs don't affect average users / workstations.
The Trusted Platform Module (TPM) secures various computer assets. It was procured to support the United States Department of Defense, which uses the module for device identification, encryption, and integrity verification. To explain this further, the uses of TPM are described below:
Integrity of Platform
The most important function of TPM is to ensure the integrity of a particular platform, whether over the internet or within the operating system. To do so, TPM checks the boot process and its authority through both hardware and software. In this role, the asset acts as firmware. It also contains configuration registers for storing and reporting this information securely.
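An added example (not from the original article) of how the configuration registers mentioned above record a boot chain: each component is hashed and "extended" into a register, so a verifier can replay the event log and compare the result with a known-good value. The component names, digests and golden value below are constructed for illustration.

```python
import hashlib

# Toy measured-boot model: a TPM Platform Configuration Register (PCR) is
# never written directly; each boot component is extended into it as
#   PCR_new = SHA-256(PCR_old || SHA-256(component)).
# All names and sample data here are constructed, not from a real TPM.

PCR_INIT = bytes(32)  # PCRs start zeroed at power-on

def measure(component: bytes) -> bytes:
    """Digest a boot component (firmware blob, bootloader, kernel image)."""
    return hashlib.sha256(component).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend semantics: the register becomes H(old || digest)."""
    return hashlib.sha256(pcr + digest).digest()

def replay_log(event_log):
    """Recompute the PCR from an event log of (description, digest) entries."""
    pcr = PCR_INIT
    for _, digest in event_log:
        pcr = extend(pcr, digest)
    return pcr

def verify_boot(event_log, reported_pcr: bytes, golden_pcr: bytes) -> dict:
    """Verifier-side check: does the log explain the reported PCR value, and
    does that value match the one recorded for the known-good boot chain?"""
    return {
        "log_consistent": replay_log(event_log) == reported_pcr,
        "matches_golden": reported_pcr == golden_pcr,
    }

# Constructed known-good chain and its golden value from a trusted build.
GOOD_CHAIN = [("firmware", measure(b"fw-v1.0")),
              ("bootloader", measure(b"bootldr-v1.0")),
              ("kernel", measure(b"kernel-v1.0"))]
GOLDEN_PCR = replay_log(GOOD_CHAIN)

# Same chain with an altered bootloader: because extend is one-way and
# order-dependent, the resulting PCR differs and cannot be rolled back.
TAMPERED_CHAIN = [("firmware", measure(b"fw-v1.0")),
                  ("bootloader", measure(b"bootldr-modified")),
                  ("kernel", measure(b"kernel-v1.0"))]
TAMPERED_PCR = replay_log(TAMPERED_CHAIN)

if __name__ == "__main__":
    print("good boot:    ", verify_boot(GOOD_CHAIN, GOLDEN_PCR, GOLDEN_PCR))
    print("tampered boot:", verify_boot(TAMPERED_CHAIN, TAMPERED_PCR, GOLDEN_PCR))
```

A real verifier would obtain the reported PCR value from a signed TPM quote rather than trusting the booted system to state it.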
Encryption of Disk
TPM provides a utility to protect the encryption keys stored on the computer's storage devices. It also checks and provides an authoritative path through the information system, including the boot and firmware processes.
Protection of Password
Password authentication is important for protecting the computer system and the data and keys stored on it. The Trusted Platform Module does not enforce authentication in software alone, because that would create a risk of dictionary attacks; it also provides hardware protection. Moreover, it allows only very complex, strong passwords.
Some other uses
Application software uses TPM to manage digital rights.
It ensures the protection and enforcement of various licenses for software.
It also helps prevent cheating in online games and programs.
Advantages
The main and most important advantage of TPM is that it secures confidential information.
It provides authentication features in both software and hardware.
Security is improved with this asset because it does not depend on a software-based operating system.
If you want to use TPM on a mobile phone, you can encrypt the phone's entire hard drive.
If you then need to share this data with your peers or a server, you can use a time certificate.
Along with protecting the information, TPM also provides hardware-oriented benefits as mentioned below:
It records and reports the hardware functionality data.
Moreover, it provides input to improve the booting, operating system, and BIOS.
It also allows direct anonymous attestation, which preserves the privacy of the system from various users.
Most importantly, the architecture of TPM is cost-effective.
Disadvantages
TPM does not protect the system from a cold boot attack.
TPM only provides security against theft of the system; it does not address online threats or attacks on the system or the information stored on it.
Its functioning is a very long process, as its tools run key finders until the right key works.