Advertisement: Click here to learn how to Generate Art From Text
In a YouTube video, security researcher Stacksmashing demonstrated how hackers can use a $4 Raspberry Pi Pico in 43 seconds to retrieve the BitLocker key from Windows PCs. The researcher claims that specific attacks can get beyond BitLocker’s encryption by directly accessing the hardware and retrieving the encryption keys kept in the computer’s Trusted Platform Module (TPM) viz the LPC bus.
It has been shown that the encryption key requires physical access to the device and some extended know-how or expertise — so this isYou can also check out our other blog posts.A threat that extends across the internet. Of course, BitLocker’s reliance on a TPM for security may be its own downfall in this particular escapade.
The TPM, or Trusted Module has a flaw in its design that the YouTuber exploited. In some setups Bitlocker relies upon an external Trusted Module to store vital data. This includes the Volume Master Key, Platform Configuration registers (which come with certain CPUs). When using an External TPM, the CPU communicates with the TPM over an LPC bus in order to send the keys required to unlock the data stored on the disk. The security hacker Stacksmashing, (YouTube), discovered that the communication lanes between the external TPM (LPC bus), and the CPU were completely unencrypted at boot-up. This allowed the hacker to find critical data when it moved between the two units — and he was able to hack the encryption keys.
Keep in mind that the hacker used an old laptop that had BitLocker encryption — even though the same type of attack can be used on newer motherboards that use an external TPM. Also, the newer boards require more effort and legwork to intercept bus traffic. Security researcher Stacksmashing made it clear that the Windows BitLocker and external TPMs aren’t as foolproof as many individuals and companies think.
If your CPU includes a TPM, such as those found in modern AMD or Intel CPUs, then you are protected from this security flaw, since the TPM communicates only within the CPU.
Featured Image: Photo by George Becker Pexels
Original content by readwrite.com. “Microsoft BitLocker’s encryption was hacked using a Raspberry Pi Pico.”
Read the full article here https://readwrite.com/microsoft-bitlocker-encryption-hacked-by-a-cheap-off-the-shelf-raspberry-pi-pico/