BitLocker encryption broken in 43 seconds with sub-$10 Raspberry Pi Pico
Link: https://www.tomshardware.com/pc-components/cpus/youtuber-breaks-bitlocker-encryption-in-less-than-43-seconds-with-sub-dollar10-raspberry-pi-pico
Discussion: https://news.ycombinator.com/item?id=39284711
@hn50 @hvangalen Stacksmashing found that the communication lanes (LPC bus) between the CPU and external TPM are completely unencrypted on boot-up, enabling an attacker to sniff critical data as it moves between the two units, thus stealing the encryption keys.
#infosec #microsoft #bitlocker