When Microsoft presents us with an encryption system that requires very specific hardware and advanced knowledge to crack, we have a right to trust it. However, BitLocker has a major weakness, which is linked to the design of some computers. Indeed, to function, it requires a link between the device’s CPU and the TPM chip attached to its motherboard, a communication path that is… not secure.
YouTuber stacksmashing, a cybersecurity researcher, just demonstrated that. On some motherboards, easily accessible connectors allow you to read data transmitted between two components. Using some well-placed probes, he was able to retrieve the encryption information needed to read data from the SSD when the computer started up.
The tool used for this operation is none other than a Raspberry Pi Pico, available for sale in France for less than 6 euros, connected to a printed circuit that he was able to order for a few dollars. The latter allows the use of spring-loaded contacts, which are used to connect easily accessible and relatively prominent connectors on the motherboard. According to stacksmashing, all these components would have cost him $10.
No soldering required here, recovery of the encryption key used by BitLocker can be done on the fly, in 43 seconds on an assembled and working computer.
This is a new record that scientists from the Korea Fusion Energy Institute (KFE) have…
Damages associated with drought, floods, hail and other increasingly violent events are expected to increase…
An estimated 9 million people in the United States are still waiting for their final…
The death of seven humanitarian workers from the American NGO World Central Kitchen in an…
Today, at one o'clock in the morning, Gamer updates it Boutique de Fortnite Through the…
The Basic Instinct and Casino actress looks back at a time in Hollywood when adapting…