I know people have mixed opinions on Braxman but I don’t see any huge leaps in logic here tbh… Thoughts?

  • jetA
    link
    fedilink
    English
    arrow-up
    5
    ·
    5 months ago

    Physical access trumps all.

    • dwindling7373@feddit.it
      link
      fedilink
      English
      arrow-up
      3
      ·
      5 months ago

      Not really? If disks are encrypted good luck getting anything out of it. A remote access to a running machine? It’s all laid there.

      • jetA
        link
        fedilink
        English
        arrow-up
        2
        ·
        5 months ago

        Sure, anything with direct bus access to unencrypted data… that’ll do it

        • GolfNovemberUniform@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          5 months ago

          I didn’t mean that. I meant if the hacker has access to the administrator (or just user in case with E2EE messengers) account, they can see and download anything, no matter how encrypted it is. The chips can do stuff as well but idk any proof of that tbh

          • jetA
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            5 months ago

            Sure, side channel leakage if you can run locally.

            Honestly, most machines have enough cores, that you could pin a process to a specific core giving it independent cache, and work around a lot of these side channel attacks. So you’re encrypted end to end messenger would get an exclusive core. Kind of like how we do VM pinning nowadays

    • PM_Your_Nudes_Please@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      5 months ago

      Eh, kind of. Remote Desktop with an admin account would be more useful than physical access to a locked computer. Because if Bitlocker is enabled, then all that matters is that you can sign into the computer. Use strong passwords, don’t open RDP to the WAN, lock your workstations when walking away, etc…

      Even cloning the drive to crack later (historically, this was a popular choice if you had physical access) is pretty useless if you don’t have a user’s password.