Superhack dropped from Black Hat USA

A DEMONSTRATION of a hack which broke Trusted Computing Group's Trusted Platform Module and Vista's BitLocker has been dropped from the Black Hat USA 2007 conference.

Nitin and Vipin Kumar were down to give a demonstration which promised to show a huge hole in chip-based desktop and laptop security.

The abstract for the event claimed that the pair would show how to break any computer security based on trusted platform module (TPM) hardware.

One of the demonstrations was supposed show how to login and access data on Vista which has TPM + BitLocker enabled, the abstract said.

According to Network World, Vipin Kumar did not want to say why they had pulled out. But apparently it was their decision.

The Kumars developed a tool called TPMkit that they claimed bypasses remote attestation and would let a computer that is not in a trusted state gain access anyway.

The pair are quite good at cracking into VoleWare. At the the Black Hat conference in Amsterdam they showed a bootkit that can crack the Vista kernel without setting off Vista security alarms. They live in India and run a security consulting firm called NV Labs. µ

L'INQ
Network World