BitLocker encryption broken in 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM | Tom's Hardwarecolossal security flaw with Bitlocker that allowed him to bypass Windows Bitlocker in less than a minute with a cheap sub-$10 Raspberry Pi Pico, thus gaining access to the encryption keys that can unlock protected data. After creating the device, the
<https://www.tomshardware.com/pc-components/cpus/youtuber-breaks-bitlocker-encryption-in-less-than-43-seconds-with-sub-dollar10-raspberry-pi-pico>
Bitlocker is one of the most easily accessible encryption solutions available today, being a built-in feature of Windows 10 Pro and Windows 11 Pro that's designed to secure your data from prying eyes. However, YouTuber stacksmashing demonstrated a
To do this, the YouTuber took advantage of a design flaw found in many systems that feature a dedicated Trusted Platform Module, or TPM. For some configurations, Bitlocker relies on an external TPM to store critical information, such as the PlatformConfiguration Registers and Volume Master Key (some CPUs have this built-in). For external TPMs, the TPM key communications across an LPC bus with the CPU to send it the encryption keys required for decrypting the data on the drive.
Related:
bitlocker broken stackmashing - YouTube <https://www.youtube.com/results?search_query=bitlocker+broken+stackmashing>
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 297 |
Nodes: | 16 (2 / 14) |
Uptime: | 05:29:30 |
Calls: | 6,666 |
Files: | 12,213 |
Messages: | 5,335,949 |