Bypassing Bitlocker using a cheap logic analyzer on a Lenovo laptop
(www.errno.fr)
from tedu to cybersecurity@infosec.pub on 24 Aug 2023 19:27
https://azorius.net/g/cybersecurity@infosec.pub/p/rCZTlyw2J9SggH2ltg-Bypassing-Bitlocker-using-a-cheap-logic-analyzer
from tedu to cybersecurity@infosec.pub on 24 Aug 2023 19:27
https://azorius.net/g/cybersecurity@infosec.pub/p/rCZTlyw2J9SggH2ltg-Bypassing-Bitlocker-using-a-cheap-logic-analyzer
The vulnerability should be obvious: at some point in the boot process, the VMK transits unencrypted between the TPM and the CPU. This means that it can be captured and used to decrypt the disk.
threaded - newest
And that’s the problem with trusted computing, it inherently depends on hardware integrity. Even on-chip tpms and things like the AMD PSP and Intel ME rely on the CPU, RAM and bus. Even if you AES encrypt the RAM, it still depends on the CPU, microcode and TPM not being compromised. It is possible, if rather hard, to take a chip out of its epoxy, ceramic or metal shell ,(decapping)and then use very tiny to steal or even modify the program and data.
.
There are certainly useful uses for trusted computing, like discouraging tampering with distributed computing projects, but they are used much more often to implement DRM and restrict hardware. They don’t it to be impossible, just hard enough that the average user gives up.
Currently it is possible for an average user to to install Linux, but if that process requires hardware tampering (no normal person will decap chips), almost no one will do it.