Lately, the reliability of Microsoft’s BitLocker encryption system has come under serious scrutiny. A YouTube streamer named stacksmashing shared a video demonstrating how BitLocker encryption was cracked in less than a minute using Raspberry Pi Pico. This incident has raised serious concerns about computer security. Here are the details about BitLocker encryption and how it was cracked…
BitLocker encryption cracked in just 43 seconds!
The Trusted Platform Module (TPM) is an external hardware component, especially used in computer systems to ensure the security of critical data. BitLocker utilizes this module to protect user data. stacksmashing’s attack focuses on TPM. As shown, with physical access and technical knowledge, these security measures can be bypassed.
The attack is carried out through an unused LPC connector found on the motherboard of an old Lenovo laptop. Using stack smashing, Raspberry Pi Pico connected to this connector listens to the unencrypted communication of the CPU, thus obtaining the necessary keys to decrypt BitLocker.
Microsoft already acknowledges that such attacks are possible. However, it emphasizes that they require prolonged physical access and advanced technical knowledge. The company encourages users to set up a BitLocker PIN for better protection. However, this may sometimes require configuration of additional Group Policy settings.
Restricting physical access, using strong encryption methods, and enabling advanced security features can help individuals protect themselves from potential security threats. However, security is an ongoing process, and such attacks remind us to always be vigilant and keep our security measures up to date.