Breaking Bitlocker: Watch Microsoft's Windows disk encryption being bypassed in just 43 seconds
Microsoft BitLocker is a full-disk encryption feature included in certain editions of Windows operating systems, designed to enhance the security of data stored on a computer or external drives. It serves as a crucial component of Microsoft's broader approach to data protection and aims to safeguard sensitive information against unauthorized access, particularly in scenarios where devices might be lost, stolen, or otherwise fall into the wrong hands.
BitLocker operates by encrypting the entire contents of a disk drive, including the operating system, system files, and user data. It uses a symmetric encryption algorithm, typically AES (Advanced Encryption Standard), to secure the data. To access the encrypted information, a user must provide a pre-boot authentication password or use additional authentication methods, such as a PIN or a USB key.
BitLocker can also be configured to work with a Trusted Platform Module (TPM), a hardware-based security feature that further enhances the protection by ensuring that the encryption keys remain secure. If you are running Windows 11, your system likely has a TPM chip as this is a requirement of the new OS. The encryption keys are stored on the TPM, and the system won't boot without the presence of both the correct keys and a verified system state.
This multi-layered approach helps fortify the overall security of the system, making it significantly more challenging for unauthorized users to gain access to sensitive data.
In theory, anyway.
However, in the video embedded below, security researcher Stacksmashing is able to steal the Bitlocker disk encryption key from a laptop in just 43 seconds using nothing more complicated than a $4 Raspberry Pi Pico.
The process turns out to be surprisingly easy, and it’s very well explained. Watch the video and share your thoughts on it in the comments below.
Image Credit: Stacksmashing