Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/tiraniddo/statuses/114354010704929901">James Forshaw :donor: (tiraniddo@infosec.exchange)'s status on Friday, 18-Apr-2025 00:30:29 JST</a><a href="https://infosec.exchange/@tiraniddo" title="tiraniddo@infosec.exchange"><img src="https://gnusocial.jp/avatar/241908-48-20240211125513.webp" width="48" height="48" alt="James Forshaw :donor:" style="position: absolute; left: 0; top: 0;">James Forshaw :donor:</a><div><a href="https://cyberplace.social/@GossiTheDog/114353657768241307" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://cyberplace.social/@GossiTheDog">@GossiTheDog</a> I never managed to the get the updated version working on the ARM CoPilot laptop I bought specifically for that purpose. I don't know of any current write ups other than the puffery from MS.</p><p>I'd certainly focus on the encryption, how it ties into Windows Hello, whether there's any obvious bypasses and also whether you can still hoover up the details _if_ the user has unlocked it first (as in how hard is it to access the database once the key is available).</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4909119#notice-9617993">In conversation</a><time datetime="2025-04-18T00:30:29+09:00" title="Friday, 18-Apr-2025 00:30:29 JST">about a month ago</time> <span>from <span><a href="https://infosec.exchange/@tiraniddo/114354010704929901" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@tiraniddo/114354010704929901">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
James Forshaw :donor: (tiraniddo@infosec.exchange)'s status on Friday, 18-Apr-2025 00:30:29 JSTJames Forshaw :donor:
in reply to
- Kevin Beaumont
@GossiTheDog I never managed to the get the updated version working on the ARM CoPilot laptop I bought specifically for that purpose. I don't know of any current write ups other than the puffery from MS.
I'd certainly focus on the encryption, how it ties into Windows Hello, whether there's any obvious bypasses and also whether you can still hoover up the details _if_ the user has unlocked it first (as in how hard is it to access the database once the key is available).
In conversationabout a month ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice