
Security flaw in ‘nearly all’ modern PCs and Macs exposes encrypted data - djug
https://techcrunch.com/2018/09/12/security-flaw-in-nearly-all-modern-pcs-and-macs-leaks-encrypted-data/
======
hyperman1
I suppose the original article is
[https://press.f-secure.com/2018/09/13/firmware-weakness-
in-m...](https://press.f-secure.com/2018/09/13/firmware-weakness-in-modern-
laptops-exposes-encryption-keys/)

But even that is very light on details:

 _The attack exploits the fact that the firmware settings governing the
behavior of the boot process are not protected against manipulation by a
physical attacker. Using a simple hardware tool, an attacker can rewrite the
non-volatile memory chip that contains these settings, disable memory
overwriting, and enable booting from external devices. The cold boot attack
can then be carried out by booting a special program off a USB stick_

I suppose they attach something JTAG?

