Raspberry Pi Pico Cracks Bitlocker In Under A Minute
Arthur T Knackerbracket has processed the following story:
We're very familiar with the many projects in which Raspberry Pi hardware is used, from giving old computers a new lease of life through to running the animated displays so beloved by retailers. But cracking BitLocker? We doubt the company will be bragging too much about that particular application.
The technique was documented in a YouTube video over the weekend, which demonstrated how a Raspberry Pi Pico can be used to gain access to a BitLocker-secured device in under a minute, provided you have physical access to the device.
A Lenovo laptop was used in the video, posted by user stacksmashing, although other hardware will also be vulnerable. The technique also relies on having a Trusted Platform Module (TPM) separate from the CPU. In many cases, the two will be combined, in which case the technique shown cannot be used.
[...] Microsoft has long accepted that such attacks are possible, although it describes them as a "targeted attack with plenty of time; the attacker opens the case, solder, and uses sophisticated hardware or software."
At less than a minute in the example, we'd dispute the "plenty of time" claim, and while the Raspberry Pi Pico is undoubtedly impressive for the price, at less than $10, the hardware spend is neither expensive nor specific.
[...] As one wag observed: "Congratulations! You found the FBI's backdoor."
Read more of this story at SoylentNews.