Why Trusted Platform Module won’t protect you
Recently I was asked a very good question on Trusted Platform Module. Question stated that once the hard drive is removed from the system, there is nothing that prevents attacker to break decryption (even brute force it) and obtain data no matter how secure it is.
Pretty much all the protection applied in contemporary systems is built upon the thesis that any data is decipherable either by using LOTS of computer power or LOTS of time which makes data either too expensive to obtain in such a way or obsolete by the time it is deciphered.
Obtaining data from any hard drive is very expensive and time-consuming process. Unless you keep a little too much information on it – no one gives a damn. Basically, targeted attacks only make sense if attacker has enough reasons to believe that certain laptop possesses certain value. In all other cases – it’s cheaper to get “stuff” through other means.
That’s the primary reason for spam and phishing attacks – because it is cheaper and more productive to attack the weakest link in security chain. Such link happens to be a human, since most successful attacks use social engineering rather than brute forcing your password. Why break if you can ask and get it?
Generally speaking, most of security rules in place are impenetrable enough that fraudsters avert their efforts from brute force and other types of high-tech attacks and pursue scamming and phishing. Penetrating current security measures requires very high levels of knowledge and intelligence as well as knowing insides and outs of particular system one plans to attack. However, crafting fake bank web site and sending zillions of fake notifications to “update your account info” requires way less time, knowledge and costs almost nothing. The financial outcomes, however, are significant enough to make such attacks more feasible and more numerous.