• 0 Posts
• 5 Comments
Joined 1Y ago
Cake day: Aug 08, 2023


Full tunnel would not mitigate this attack because smaller routes are preferred over larger ones. So, sure, 0.0.0.0/0 is routed over the tunnel, but a route for 8.8.8.8/32 pointing to somewhere layer-2 adjacent, pushed via DHCP option 121, would supersede that due to being more specific.


The Killswitch only checks that VPN is up, not whether traffic is correctly routed over it.


You aren’t wrong, per se, I think you just don’t fully grasp the attack vector. This is related to DHCP option 121, which allows routes to be fed to the client when issuing the IP address required for VPN connectivity. Using this option, they can send you a preferred default route as part of the DHCP response that causes the client to route traffic out of the tunnel without them knowing.

E. It would likely only be select traffic routing out of the tunnel. I could, for example, send you routes so that all traffic destined for Chase Bank IP addresses comes back to me instead of traversing the tunnel. Much harder to detect.
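The point made in the two comments above (longest-prefix match beats a full-tunnel default route, and a kill switch that only checks "is the VPN up?" cannot see it) as an added, runnable illustration; this is not code from the commenters or from any VPN client. The DHCP option 121 payload, the interface names `tun0`/`eth0` and the addresses are constructed for the example; `leaks()` is the kind of route-level check a defender would want instead of a link-up check.

```python
"""Longest-prefix match vs. a full-tunnel VPN: a DHCP option 121 route
escapes the tunnel even though 0.0.0.0/0 points at it."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    iface: str  # interface the kernel would send the packet out of


def parse_option_121(data: bytes, lan_iface: str) -> list[Route]:
    """Decode RFC 3442 classless static routes (DHCP option 121).
    Each entry is: prefix length, only the significant destination bytes,
    then a 4-byte gateway. The gateway is LAN-adjacent, so every route it
    yields leaves via the physical interface, not the tunnel."""
    routes, i = [], 0
    while i < len(data):
        plen = data[i]
        nbytes = (plen + 7) // 8
        dest = data[i + 1:i + 1 + nbytes].ljust(4, b"\x00")
        i += 1 + nbytes + 4  # skip the gateway bytes
        net = ipaddress.IPv4Network((int.from_bytes(dest, "big"), plen))
        routes.append(Route(net, lan_iface))
    return routes


def select_route(table: list[Route], dst: str) -> Route:
    """Kernel semantics: the most specific matching prefix wins."""
    addr = ipaddress.IPv4Address(dst)
    candidates = [r for r in table if addr in r.prefix]
    return max(candidates, key=lambda r: r.prefix.prefixlen)


def leaks(table: list[Route], tunnel_iface: str, probes: list[str]) -> list[str]:
    """Defender's check: which destinations would NOT use the tunnel?
    A kill switch that only asks 'is tun0 up?' never evaluates this."""
    return sorted(p for p in probes if select_route(table, p).iface != tunnel_iface)


# Full-tunnel client: default route via the VPN, LAN prefix on eth0.
TABLE = [
    Route(ipaddress.IPv4Network("0.0.0.0/0"), "tun0"),
    Route(ipaddress.IPv4Network("192.168.1.0/24"), "eth0"),
]
# Constructed option 121 payload: 8.8.8.8/32 and 203.0.113.0/24,
# both via the LAN gateway 192.168.1.1 (hypothetical values).
OPTION_121 = bytes.fromhex("20 08080808 c0a80101 " "18 cb0071 c0a80101")
TABLE += parse_option_121(OPTION_121, "eth0")
```

With the pushed routes installed, `leaks(TABLE, "tun0", [...])` names 8.8.8.8 and anything in 203.0.113.0/24 as bypassing the tunnel while 1.1.1.1 still goes via `tun0`, which is exactly the selective leak the comment describes.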


For what it’s worth, I did specifically say ecosystem because the TPM is just one component, which is required to authenticate the remote wipe. Also the drivers are installed automatically with most modern operating systems, it’s not like you install your own south bridge driver, for example. Linux of course notwithstanding.

I’ve seen it used successfully numerous times. Someone steals one of our laptops, rips the drive out, installs vanilla windows, and boom it reboots and performs a wipe.

Regardless, systems-on-a-chip are just that, systems; they can absolutely make remote calls without user interaction, just as intimated by the comment you originally replied to.


That really isn’t entirely true anymore since the TPM ecosystem came into existence. I can remotely wipe any PC at my company even if it’s stolen and reformatted because a hardware chip will phone home the second a compatible OS is installed and internet access is available.