Windows BitLocker can be cracked in 43 seconds on an old PC using a normal Raspberry Pi Pico
When Microsoft offers us an encryption system that should require very specific hardware and advanced knowledge to crack, we are entitled to trust it. Yet BitLocker has a major weakness, one tied to the design of some computers: to work, it relies on a link between the machine's CPU and the TPM chip attached to its motherboard, and that communication path is… not secure.
YouTuber stacksmashing, a cybersecurity researcher, has just demonstrated this. On some motherboards, easily accessible connectors make it possible to read the data exchanged between the two components. With a few well-placed probes, he was able to capture, as the computer started up, the encryption material needed to read the data on the SSD.
The tool used for the job is none other than a Raspberry Pi Pico, on sale in France for less than 6 euros, attached to a printed circuit board he was able to order for a few dollars. That board carries spring-loaded contacts that press against the easily accessible, relatively prominent connectors on the motherboard. According to stacksmashing, all of these components cost him about $10.
No soldering is required: the encryption key used by BitLocker can be recovered on the fly, in 43 seconds, on a fully assembled and working computer.
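The demonstration only works because the key leaves the TPM at boot without any user interaction, which is the case when a volume's sole key protector is the TPM itself. As an added example (not from the article and not stacksmashing's tooling), the PowerShell below lists the BitLocker volumes on a Windows machine in that TPM-only configuration, so an administrator can see which disks the risk described above applies to. It assumes the built-in BitLocker module (`Get-BitLockerVolume`) and an elevated session; the function name `Get-TpmOnlyBitLockerVolumes` is our own.

```powershell
# Added example, not from the article: flag BitLocker volumes whose only key
# protector is the TPM, i.e. volumes whose key is released at boot with no
# PIN or startup key. Requires the BitLocker module and an elevated session.
function Get-TpmOnlyBitLockerVolumes {
    Get-BitLockerVolume | ForEach-Object {
        # KeyProtectorType values come from the BitLocker module's enum,
        # e.g. Tpm, TpmPin, TpmStartupKey, TpmPinStartupKey, RecoveryPassword.
        $types = @($_.KeyProtector | ForEach-Object { $_.KeyProtectorType })

        # TPM-only means a bare Tpm protector with no TPM+PIN / TPM+key variant.
        $tpmOnly = ($types -contains 'Tpm') -and
                   -not ($types -contains 'TpmPin') -and
                   -not ($types -contains 'TpmStartupKey') -and
                   -not ($types -contains 'TpmPinStartupKey')

        [pscustomobject]@{
            MountPoint        = $_.MountPoint
            ProtectionStatus  = $_.ProtectionStatus
            KeyProtectorTypes = ($types -join ', ')
            TpmOnly           = $tpmOnly
        }
    }
}

# Show every volume, with TPM-only ones highlighted in the last column.
Get-TpmOnlyBitLockerVolumes | Format-Table -AutoSize
```

A volume reported with `TpmOnly = True` and `ProtectionStatus = On` is the configuration the video exploits; adding a pre-boot factor (TPM+PIN or TPM+startup key) means the TPM no longer hands over the key on its own at power-on.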