[SOLVED] Could a discrete TPM module contain viruses?

nuttedman · Nov 21, 2021

Hi,

I just bought a TPM2.0 for my motherboard - it was the only one in stock and was open box (could potentially have been used in the worst case scenario) so I was just wondering, could a used dTPM contain viruses loaded on by the previous user or am I just being too pedantic?

TIA

USAFRet · Nov 21, 2021

nuttedman said:
Hi,

I just bought a TPM2.0 for my motherboard - it was the only one in stock and was open box (could potentially have been used in the worst case scenario) so I was just wondering, could a used dTPM contain viruses loaded on by the previous user or am I just being too pedantic?

TIA

Given that it is a chip, that contains software, that could run at power up...it is "possible". Anything is possible.

However...highly unlikely. Near 0%.
On the order of - "I bought a used keyboard. Could the firmware or hardware contain a keylogger?" Well, yes. But....

nuttedman · Nov 21, 2021

USAFRet said:
Given that it is a chip, that contains software, that could run at power up...it is "possible". Anything is possible.

However...highly unlikely. Near 0%.
On the order of - "I bought a used keyboard. Could the firmware or hardware contain a keylogger?" Well, yes. But....

I bought this off a trusted retailer from my country so it's not from some knock-off seller on eBay, it puts things into a better perspective for me- thank you for that!

drea.drechsler · Nov 22, 2021

nuttedman said:
I bought this off a trusted retailer from my country so it's not from some knock-off seller on eBay, it puts things into a better perspective for me- thank you for that!

Modern CPU's have built in TPM's...AMD calls it fTPM, Intel calls it PTT. Look for the settings in your BIOS to enable them.

I'm not security smart enough to know if there is any possible way to compromise a TPM module. But there's zero reason to take any chance when you can simply enable a fully functional TPM already included in your CPU.

If there is any way to "hack" them, I'd have to imagine one or more of the countries trying to compromise western computers to undermine our economies will have figured out how.

nuttedman · Nov 22, 2021

drea.drechsler said:
Modern CPU's have built in TPM's...AMD calls it fTPM, Intel calls it PTT. Look for the settings in your BIOS to enable them.

I'm not security smart enough to know if there is any possible way to compromise a TPM module. But there's zero reason to take any chance when you can simply enable a fully functional TPM already included in your CPU.

If there is any way to "hack" them, I'd have to imagine one or more of the countries trying to compromise western computers to undermine our economies will have figured out how.

I would definitely use fTPM over taking any chances normally but for some reason it causes random stuttering, there's a whole forum on LTT so I unfortunately have to wait for it to get patched but cheers!

Search

[SOLVED] Could a discrete TPM module contain viruses?

nuttedman

Reputable

drea.drechsler

USAFRet

Titan

nuttedman

Reputable

drea.drechsler

Champion

nuttedman

Reputable

TRENDING THREADS

Latest posts

Moderators online

Share this page