That could possibly work with "TPM Embedded Security chip" from HP????
adhesnick 1 year ago
@adhesnick TCPA on HP,IBM,Intel,Dell and Microsoft ..use it ....
fuckecho 1 year ago
I have one problem like that on a NOTEBOOK, which has a built-in TPM Embedded security chip. Since I have lost the password, I can't use it. Could you please help me out? I saw one strange thing just next to the BIOS battery. Is that the TPM? "share spare key" is written on it.
COULD YOU PLEASE HELP ME ...
nikkokyaw 2 years ago
Could someone explain to an idiot like me, does this completely circumvent Trusted Computing? Also, since this is a hardware attack, I'd imagine that this would be hard, if not impossible to patch?
uzaiyaro 3 years ago
The short answer is 'No'. This is a problem with the most common implementation of trusted computing at the time the video was created. More recent implementations do some work to fix this issue but they're still not perfect. If you integrated a TPM on-die with the BIOS or microprocessor, for instance, it would be very difficult to attack it with hardware attacks. Further, revising the specification to change the way TPMs need to handle resets could fix this without major cost to new units.
gmplague2 3 years ago
2:10 - 2:25 is the part of the whole video which made me nearly cry. If you can make the PC tell other systems to be in a "trustworthy" state, you can easily make the PC look "trustworthy" to any user who trusts this "trustworthiness". So the TCG didn't test their TCM-Chips on manual intrusion, which means that anyone around could easily make all computers in e.g. a bureau hackable, within a second while nobody's watching. So someone who is specialized in spying surely knows that, but
DrFriedChicken 4 years ago
a normal inexperienced end-user doesn't, which leads me to the conclusion that this whole TCG-crap was never designed to be used against hacks or professional hackers. This affirms my conclusion that the whole TCG doesn't want to secure a computer FOR the user, they want to secure a computer FROM the user...
DrFriedChicken 4 years ago
Isn't PCR 17 supposed to hold some dynamic trusted boot loader extended hash? Why display only 16 out of 24 PCRs?
generikz 4 years ago
This is an attack against a v1.1b TPM. These PCRs didn't exist yet. However, if you read the page that links to this video you will see that these PCRs are mentioned, and note that an attacker who can write arbitrary commands to the LPC bus (via an LPC development board or other hardware-based system) could mimic the signals sent by a PC in skinit mode and thus take these registers from -1 to 0x00.
gmplague2 4 years ago
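The PCR behaviour described in the comment above, as an added example that is not part of the original thread: a minimal Python model of SHA-1 PCR extend from the verifier's side. It assumes TPM 1.2 semantics where dynamic PCRs 17-22 hold all-0xFF ("-1") after startup and are zeroed only by a dynamic launch; the event names and function names are constructed for illustration.

```python
import hashlib

PCR_LEN = 20  # SHA-1 digest size used by TPM 1.1b / 1.2 PCRs


def startup_value(index: int) -> bytes:
    """PCR content right after TPM startup (assumed TPM 1.2 behaviour):
    static PCRs start at 0x00.., dynamic PCRs 17-22 start at 0xFF.. ("-1")."""
    return (b"\xff" if 17 <= index <= 22 else b"\x00") * PCR_LEN


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: new = SHA1(old || SHA1(measured data))."""
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()


def replay(start: bytes, event_log) -> bytes:
    """Fold an event log into a PCR value, beginning at 'start'."""
    pcr = start
    for measurement in event_log:
        pcr = extend(pcr, measurement)
    return pcr


def verify_quote(quoted: bytes, event_log) -> bool:
    """Verifier check: a reported PCR is accepted only if replaying the log
    from 0x00.. reproduces it. For PCR 17 that start value exists only
    after the register was reset by a dynamic launch."""
    return replay(b"\x00" * PCR_LEN, event_log) == quoted


def demo():
    log = [b"constructed-secure-loader", b"constructed-kernel"]  # sample events
    after_launch = replay(b"\x00" * PCR_LEN, log)   # PCR 17 reset to 0x00 first
    never_launched = replay(startup_value(17), log)  # PCR 17 still at -1
    return verify_quote(after_launch, log), verify_quote(never_launched, log)


if __name__ == "__main__":
    print(demo())
```

The final value depends only on the starting value and the log, which is why the reset signal matters: as the comment says, the 0x00 start is evidence of a real launch only if the LPC bus itself can be trusted.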
Ok, thanks for the update!
I never played with v1.1b before, my motherboard had a v1.2 from the start (Intel 965).
generikz 4 years ago
Heh... eons ago, I used a paperclip to do exactly the same thing on my Commodore 64 to reset it and save games still left in memory. But this was known by everybody and his uncle...
anon23bf 4 years ago