Trusted Computing Platform Vulnerability Presentation Blocked at Black Hat

Once again, an important Black Hat presentation has been blocked. This time it's the planned talk by Nitin and Vipin Kumar of NV Labs. The NV Labs site has some information on the company's research into bypassing the Trusted Computing Platform (TCP) and Vista BitLocker. Here's an excerpt from one of their Web postings:

The attack procedure (TPMkit) involves an attack on the TPM. TPMkit lets you overcome technologies such as Vista's BitLocker. TPMkit also bypasses remote attestation and thus, will allow to connect over Trusted Network Connect (TNC) (although the system might not be in Trusted state). TPMkit bypasses the security checks mentioned (in the above paragraphs) and thus, you will never know that you are using a compromised or changed system.

With 150 million TCP devices already shipped and no easy way to patch them without calling into question the whole idea of hardware-based integrity checks, it's important to know what vulnerabilities exist. It looks like we won't be getting the details from Black Hat.

ComputerWorld tried to get details on why the talk was cancelled but came up empty-handed.

In an e-mail, Vipin Kumar says, "We have pulled back our presentation from ... Black Hat. So, we won't be presenting anything related to TPM/BitLocker in Black Hat. ... We would not like to say anything about the TPM/BitLocker for the time being." He didn't respond to inquiries about why the brothers withdrew.

A spokesman for the conference was unable to offer more information. "At their request, they are no longer presenting. That is all the info I have," said the spokesman, Nico Sell, in an e-mail.

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net