search for: bkmk_depopt3

Displaying 2 results from an estimated 2 matches for "bkmk_depopt3".

2014 May 05
1
SYSLINUX PXE LOCALBOOT Bitlockers
...can control what factors are used for the TPM's integrity check to release the bitlocker key on boot. Depending on whether your on a BIOS or EFI machine, there are slight differences, but definitely controllable by group policy. http://technet.microsoft.com/en-us/library/ee706521(v=ws.10).aspx#BKMK_depopt3 I have not tried to disable whichever one of the PCRs prevents boot deviations, but it may very well be possible. You can find more documentation on the PCRs in the TPM spec: http://technet.microsoft.com/en-us/library/ee706521(v=ws.10).aspx#BKMK_depopt3 Bear in mind though that this would make it...
2014 Apr 29
2
SYSLINUX PXE LOCALBOOT Bitlockers
Any deviation from the expected boot process will prevent BitLocker from accessing the volume key in the TPM. One reason this behavior exists is to prevent malicious code from being loaded (such as via booting first to CD / USB / PXE, loading malware, and then continuing to boot to Windows). So what's happening here is the deviation from firmware -> PXE -> HDD is detected and the volume