
TPM firmware vulnerability in Chrome OS devices - panarky
https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update
======
panarky
_There exists a practical attack against TPM-generated RSA keys, but it doesn
't allow large-scale exploitation of Chrome OS devices.

With a few exceptions, all Chrome OS devices that include an Infineon TPM chip
are affected.

Installing the TPM firmware update requires a hardware reset of the TPM chip.
This means that all data held by the TPM will be discarded.

This includes disk encryption keys, implying all user data stored locally on
the device will be lost._

