Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
BitLocker is still unsafe on modern devices, key retrieval only slightly difficult
It’s concerning, but don’t lose sleep over it
3 min. read
Published onFebruary 13, 2024
published onFebruary 13, 2024
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
We previously pointed out how it takes less than a minute tobreak into BitLocker encryptionusing aRaspberry Pi Pico. Now, as it turns out, modern-day PCs withTPM 2.0, the latest version, running Windows 11, too, are at risk of key sniffing. And it doesn’t take much more effort!
It was pointed out by a security researcher who goes by the namestacksmashingonX(formerly Twitter). This was in response to several users claiming that modern-day laptops are highly secure and bypassing BitLocker encryption is not possible.
For all the people saying this doesn’t work on new hardware:This is a 2023 machine, with TPM 2.0 and running Windows 11…https://t.co/wJsJiDTyfk
The security researcher had previously, in aYouTube video, detailed the process to retrieve the BitLocker recovery key and access the encrypted data.
Since the process employed here utilizes the unsecured communication between the CPU and TPM (Trusted Platform Module) chip, it’s possible to retrieve the BitLocker encryption key as long as the two are distinctly placed.
BitLocker key retrieval on modern laptops
In another post,Stu Kennedy, also a security researcher, explained how soldering directly to the right pads on aLenovo X1 Carbon Gen 11, released in April 2023, allowed the logic analyzer to get the BitLocker’s VMK(Volume Master Key).
BitLocker Key retrieval on a Windows 11, Lenovo X1 Carbon Gen 11 via SPI Sniffing.The TPM on the backside of the Motherboard, there are various test pads.pic.twitter.com/JGu0riEr1c
On hisGitHub page,Kennedyhas listed the steps to retrieve the BitLocker key from several modern-day laptops, along with the hardware required for the job. The list of laptops includes Microsoft Surface Pro 3 and Dell Lattitude E5470 (amongst others), both withTPM 2.0chips.
As per Kennedy, one of the ways to stay safe from this vulnerability is to enable BitLocker with a security key or PIN. This will act as pre-boot authentication and prevent sniffing devices from retrieving the VKM since it will be released only after the security key is entered.
Also, the problem appears to affect devices featuring a separate, dedicated TPM chip.
Should I be concerned about this?
If you are too concerned, don’t be!
The vulnerability can only be exploited as long as the threat actor has physical access to the device. Accessing over the web won’t do!
You should be more worried about infecting the PC with malware from the web. And for that, practicing good cyber hygiene and aneffective antivirus solutionare all you need.
Such vulnerabilities have existed in the past and were rectified over the course of time. In this case, too, we might see built-in TPM chips in the CPU or optional pre-boot authentication enforced by manufacturers to eliminate the risks.
What are your thoughts on it? Share with us in the comments section below.
More about the topics:Bitlocker,encryption
Kazim Ali Alvi
Windows Hardware Expert
Kazim has always been fond of technology, be it scrolling through the settings on his iPhone, Android device, or Windows PC. He’s specialized in hardware devices, always ready to remove a screw or two to find out the real cause of a problem.
Long-time Windows user, Kazim is ready to provide a solution for your every software & hardware error on Windows 11, Windows 10 and any previous iteration. He’s also one of our experts in Networking & Security.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Kazim Ali Alvi
Windows Hardware Expert
Kazim is specialized in hardware devices, always ready to remove a screw or two to find out the real cause of a problem.
