this post was submitted on 11 Feb 2024
384 points (93.2% liked)

Technology

59161 readers
1960 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
384
Microsoft's Bitlocker & TPM encryption combo defeated with a $10 Raspberry Pi (www.pcgamer.com)
submitted 9 months ago by [email protected] to c/[email protected]
54 comments fedilink hide all child comments
 

Microsoft's Bitlocker & TPM encryption combo defeated with a $10 Raspberry Pi::The point of Microsoft's Bitlocker security feature is to protect personal data stored locally on devices and particularly when those devices are lost or otherwise physically compromised. With Bi

(page 2) 11 comments
sorted by: hot top controversial new old
[–] [email protected] 34 points 9 months ago (2 children)

Yet another example of "hardware access is root access"

load more comments (2 replies)
[–] [email protected] 25 points 9 months ago (2 children)

Pis are 10$ again? That's the real story.

load more comments (1 replies)
[–] [email protected] 32 points 9 months ago (1 children)

$10.. not really in video. He had a custom PCB made so the pogo pins were on the board, all in one.

Honestly, pretty awesome. Although as noted, this is for older boards without TPM integration in CPU.

It can also be done with a logic analyzer.

[–] [email protected] 10 points 9 months ago (5 children)

The pi is $10. The rest is much more.

load more comments (5 replies)
[–] [email protected] 12 points 9 months ago

Unsurprised. Physical security seems to be a lot tougher for the industry to “nail”

Just look at this UEFI boot fail vuln/exploit. Crazy.

[–] [email protected] 166 points 9 months ago (2 children)

It should be noted that this attack was demonstrated on a nearly 10 year old laptop that has the TPM traces exposed on the motherboard.

Most TPMs nowadays are built into the CPU which does not leave them vulnerable to this type of attack.

[–] [email protected] 28 points 9 months ago* (last edited 9 months ago) (2 children)

Its definitely sort or misleading but MS needs to really have its feet held to the fire when it comes to these things. It sort of pushes the narrative in the correct direction which is towards privacy AND security, not a half-ass balance where one or the other or both is compromised or is an illusion altogether

The Outlook stuff has demonstrated how fundamentally irresponsible and unserious they are about their obligation to secure and regulate their own systems, they need all the bad press they can get so they are compelled to do betwr

load more comments (2 replies)
[–] [email protected] 104 points 9 months ago (2 children)

Too late, Canada's banned Raspberry Pi's already. :(

load more comments (2 replies)
load more comments
view more: ‹ prev next ›