Microsoft's Bitlocker & TPM encryption combo defeated with a $10 Raspberry Pi and a bit of braininess
www.pcgamer.com
Your laptop probably isn't as secure as you thought.

Microsoft’s Bitlocker & TPM encryption combo defeated with a $10 Raspberry Pi::The point of Microsoft’s Bitlocker security feature is to protect personal data stored locally on devices and particularly when those devices are lost or otherwise physically compromised. With Bi

  • Godort@lemm.eeEnglish
    1192·
    11 months ago

    It should be noted that this attack was demonstrated on a nearly 10 year old laptop that has the TPM traces exposed on the motherboard.

    Most TPMs nowadays are built into the CPU which does not leave them vulnerable to this type of attack.

    • cheese_greater@lemmy.worldEnglish
      242·
      11 months ago

      Its definitely sort or misleading but MS needs to really have its feet held to the fire when it comes to these things. It sort of pushes the narrative in the correct direction which is towards privacy AND security, not a half-ass balance where one or the other or both is compromised or is an illusion altogether

      The Outlook stuff has demonstrated how fundamentally irresponsible and unserious they are about their obligation to secure and regulate their own systems, they need all the bad press they can get so they are compelled to do betwr

    • f4f4f4f4f4f4f4f4@lemmy.worldEnglish
      27·
      11 months ago

      I get your joke, but it’s even cheaper than a “Raspberry Pi”. Pi Pico, one RP2040 chip, that’s basically RPi’s new version of a Teensy. I just installed one in my GameCube to defeat its “BIOS” and boot from micro SD card :P

      • andrewth09@lemmy.worldEnglish
        14·
        11 months ago

        I just installed one in my GameCube to defeat its “BIOS” and boot from micro SD card :P

        Coolest thing I heard all day. Didn’t know that was a thing.

    • Godort@lemm.eeEnglish
      10·
      11 months ago

      Correct. However, if you have a way to run a PowerShell command as an administrator, you can run a single cmdlet to get access to the bitlocker recovery key.

  • trackcharlie@lemmynsfw.comEnglish
    12·
    11 months ago

    The concept and implementation of TPM use has been a joke since inception.

    veracrypt or luks; bitlocker is a total joke.

  • Optional@lemmy.worldEnglish
    42·
    11 months ago

    Hey - hey member that time when Truecrypt was like, “Peace, we out. Use bitlocker. lol”

    When’s the new Truecrypt coming out? Yeah yeah Veracrypt, I know. It’s cool, its just not. I dunno.