February 7, 2024 at 10:40AM
A recent YouTube video demonstrated how a Raspberry Pi Pico can exploit a vulnerability to access a BitLocker-secured device in under a minute. The technique involves intercepting the unencrypted key passed between the TPM and CPU, using affordable components. While Microsoft acknowledges such attacks, mitigations can be implemented through the use of a PIN.
The meeting notes indicate a recent revelation regarding the vulnerability of BitLocker-secured devices to Raspberry Pi Pico-based attacks. The YouTube video, posted by user stacksmashing, demonstrates the swift exploitation of a Lenovo laptop with the technique. The method involves utilizing a Raspberry Pi Pico with a custom connector and an analyzer to intercept the unencrypted key passed from the Trusted Platform Module (TPM) to the CPU.
The notes highlight that this vulnerability impacts devices with a separate TPM, and Microsoft acknowledges such attacks are possible but describes them as requiring significant time and sophisticated hardware or software. However, the demonstrated attack, completed in under a minute and at a low cost, challenges this assertion.
The potential consequences are significant, with the need for administrators to review their inventory and consider adding a PIN for mitigation. The levity expressed in the note with the comment “Congratulations! You found the FBI’s backdoor” indicates a mix of concern and irony regarding the situation.