The purpose of Microsoft’s Bitlocker safety characteristic is to guard private information saved domestically on gadgets and significantly when these gadgets are misplaced or in any other case bodily compromised. With Bitlocker, it should not matter in case you lose your laptop computer or any person pinches your SSD. Your information nonetheless cannot be accessed.
Besides it might and all that is wanted is a $10 Raspberry Pi and somewhat (OK, a variety of) ingenuity, in line with YouTube channel Stacksmashing(through Hardwareluxx). How so? Properly, it entails the TPM or Trusted Platform Module chip.
The TPM is a safe crypto-processor designed to hold out cryptographic operations and put in in lots of Home windows PCs. Microsoft says Bitlocker works greatest when utilized in mixture with a TPM chip. Which is ironic, as a result of Stacksmashing’s hack is just attainable because of the TPM chip.
Lengthy story quick, Stacksmashing bodily intercepts indicators from the TPM chip and isolates the grasp encryption key. It is then comparatively simple to drag the SSD, plug it right into a Linux machine and use open supply software to totally decrypt the drive.
To make the method of bodily connecting to the laptop computer’s TPM chip less complicated, Stacksmashing cooked up a bespoke Raspberry Pi Pico PCB to which spring loaded contact pins have been connected in an association to completely align with the contact pads for the TPM within the Lenovo laptop computer that was topic to the assault. Apparently, the whole value of the elements have been lower than $10.
Within the video, all of it appears extremely easy. Simply pull the again cowl of the laptop computer off, uncover the TPM contact factors, bodily apply the modded Pi’s pins, boot the machine and—increase!—inside a couple of seconds you’ve gotten your enrcyption keys, permitting the SSD to be totally decrypted.
You’ll be able to dive into the feedback under the video for a dialogue of the deserves of the TPM module on this context, what Microsoft maybe ought to or should not have accomplished to forestall all this, whether or not this is applicable to all variations of TPM and different measures you possibly can take to make sure your drive is safe (or largely safe) even within the occasion of an assault like this.
Furthermore, this does not essentially make Bitlocker and TPM completely pointless. And given sufficient effort, most safety measures are susceptible. However in case you thought your information was safe courtesy of these applied sciences to all however probably the most well-resourced assaults within the occasion you misplaced your laptop computer, properly, you would possibly need to suppose once more.