Breaking Bitlocker - Bypassing the Windows Disk Encryption

Поділитися
Вставка
  • Опубліковано 18 гру 2024

КОМЕНТАРІ • 1,8 тис.

  • @TechX1320
    @TechX1320 10 місяців тому +1337

    I work in data recovery... this could be really helpful for those who can't get their keys for whatever reason. If people can't get their keys, we have other avenues at times, but largely its just not worth it

    • @betaswithWack0
      @betaswithWack0 10 місяців тому +86

      Typical BitLocker attacks only work when the system can boot normally. If bootmgr is asking for a bitlocker recovery key, then that's because unsealing the TPM from the VMK failed. This is most likely due to a firmware (BIOS) update or dbx (secure boot revocation list) update (or, for legacy integrity validation, a Windows bootloader update).
      If a dbx update with Secure Boot integrity validation caused BitLocker recovery, it may be possible to revert dbx to the default one provided by the firmware, and then apply older dbx updates if needed (the UEFI website contains all the older ones) to get the dbx contents to match what the TPM expects. It's still theoretical though, I haven't tried it personally; it's something I thought of that might work after I noticed dbx updates were causing actual data loss due to automatic bitlocker....

    • @gabrielandy9272
      @gabrielandy9272 10 місяців тому +26

      this only work if the user set to not have a pin, microsoft also warns you to have a pin so this attack only works when the user manually choosed to have a inferior security option,
      because usually you have to have a pin, this works because the user no have a pin and the disk boot automatic and this boot automatic allows you to get the key.

    • @betaswithWack0
      @betaswithWack0 10 місяців тому +43

      @@gabrielandy9272 the default setting when enabling bitlocker is VMK sealed by TPM only (no pin); and the crippled bitlocker on home edition of Windows ONLY allows this and doesn't let you set any other key protector (only TPM only with no pin, and recovery key)

    • @gabrielandy9272
      @gabrielandy9272 10 місяців тому +9

      @@betaswithWack0 is this different in windows 10? on my computer the first thing it asks is to have a PIN my bitlocker always start with a pin and if i don't want i have to manually select the drive to not have one.

    • @betaswithWack0
      @betaswithWack0 10 місяців тому

      @@gabrielandy9272 the thing to search for here is "automatic bitlocker"

  • @sarkasaa
    @sarkasaa 10 місяців тому +984

    I've always been under the impression that once someone has physical access to your machine, you've already lost. And this video once again confirms that.

    • @TcShadowWalker
      @TcShadowWalker 10 місяців тому +65

      That's only true if they can get access, tamper with the device, then return it to it's place. You don't notice any tempering, and when you unlock the disk-encryption, they gain access. Potentially after retrieving the device again (Evil Maid Attack)
      Just having access to the device, without later usage of the person holding the encryption key, is not enough if proper software-based Full-disk-encryption (i.e. LUKS) is used, where you actually have to enter the encryption key.
      Just don't trust Bitlocker and Microsoft's TPM scheme.

    • @chase-2-2
      @chase-2-2 10 місяців тому +43

      That would be interesting to know. My Linux laptop has an LVM encrypted file system with a key. The key is a password that i have to enter on startup, i'd guess it's part of the cryptograhic key. Meaning as far as my limited knowledge of encryption would go, even if someone gets access to the laptop and gets to the hardware, the fill cryptographic key isn't stored anywhere. Aside from classic bruteforce attacks on the passwords or if there's some security vulnerability i can't see how someone would crack that.

    • @radio4active
      @radio4active 10 місяців тому +29

      @@chase-2-2 The simple method here is to solder in a small board that sniffs your keyboard input and sends it out via bluetooth or by other means. Your laptop keyboard will be using PS/2 or USB protocol, so you don't need special hardware to decode the keys, and ready-made hardware keyloggers do exist. A more time intensive method is to replace the preboot authentication tool with one that performs identical, but stores the key after successful encryption within a reserved space inside of the executable itself. The attacker can then at any time in the future come back, read the preboot programm off the disk and then extract the key that was stored in the reserved key space of the tool. This does mean you have to visit your victim twice though, so the broadcaster keylogger may be the easier method.

    • @ok4405
      @ok4405 10 місяців тому

      Except iphones

    • @spambot7110
      @spambot7110 10 місяців тому +11

      @@radio4active that sounds pretty complicated actually. the boot partition is not encrypted, there's nothing stopping an attacker from adding arbitrary code to the bootloader, or the kernel, or the initramfs. just patch cryptsetup-unlock so that it secretly writes a copy in plaintext somewhere on the disk for the attacker to retrieve later. or inject a payload into userspace that automatically uploads the password to the attacker's server once the system finishes booting and connects to the internet.
      unless you extremely know what you're doing and have a device that lets you enroll custom secure boot keys, or are using one of the distros whose kernel builds microsoft has blessed with their signing keys, there's no integrity protection of the early boot stages to even warn you that something was changed. you can't even discover the tampering after the fact because, it's arbitrary code, it could just self destruct and restore the boot partition to exactly how it looked before the modifications.

  • @JasonMayes
    @JasonMayes 10 місяців тому +309

    I love the clarity of your explanations. More folk in the industry need to speak and explain like you do. Great job.

    • @bltzcstrnx
      @bltzcstrnx 9 місяців тому

      The video is good, but it is too clickbaity. Common people will think the fault is in BitLocker. This implies that Microsoft is at fault and people love blaming them. The truth is, the same problem exists in Linux because this is hardware vulnerability, not software.

  • @NoDissasemble
    @NoDissasemble 10 місяців тому +234

    Really interesting video and great demonstration. Surprising how easy this is.
    Of note, TPM only BitLocker configuration is documented as being one of the less secure. Definitely not recommended for a production deployment. As you have shown, it really only offers robust protection against access when the drive is removed and separated from the original system and TPM.
    With TPM only there is only a single branch in the key chain. TPM Key Protector (KP) decrypts the Volume Master Key (VMK) decrypts the Full Volume Encryption Key (FVEK).
    TPM + PIN is a more secure method which requires the pre-boot PIN in addition to the TPM stored key.
    Actually the PIN doesn't protect the TPM as you suggested, it is really just another BitLocker KP needed to unlock decrypt the VMK. It is just designed to require both the TPM KP and the PIN KP to do so.
    There's a whole lot more behind BitLocker in terms of default vs best practice for security. Why MS don't just them as default it is beyond me.

    • @stacksmashing
      @stacksmashing  10 місяців тому +44

      Heya - thanks for the insightful comment!
      Oh interesting, apologies for the misrepresentation of how the PIN works with Bitlocker! I'll read up and add it to the errata!

    • @jasons.6747
      @jasons.6747 10 місяців тому

      Can this be done if bitlocker doesn't trust the hardware and is asking for the password or recovery key? I currently have a machine that's asking for the bitlocker password after cloning and installing a new ssd.

    • @niyablake
      @niyablake 10 місяців тому +5

      Becausethey average person tends to complain about this. I've worked for a devenct contractor that required the pin on boot up

    • @dimi-eu
      @dimi-eu 10 місяців тому

      the flaw is in Microsoft's Bitlocker@@stacksmashing and not a TPM flaw. Tomshardware made a really poor job covering your video

    • @ZachSkagen
      @ZachSkagen 10 місяців тому

      @@jasons.6747 no this can only be done when the system integrity is still in tact (when all the PCR measurements are as expected), otherwise the TPM cannot send the key in clear text to the CPU. Also the ideal way of cloning a BitLocker encrypted disk is from within the OS after it’s been booted. Use one of the many different tools out there (like EaseUS) to do that. The cloned drive will not be encrypted whatsoever. Re-enable BitLocker after installing the new cloned drive.
      If you are trying to clone the entire disk block-by-block, you should have gone into BitLocker and put it in Suspended mode first. Although no telling if that will work, usually that’s used when a motherboard is swapped.

  • @Charles-ks3ht
    @Charles-ks3ht 10 місяців тому +3997

    Congratulations! You found the FBI's backdoor.
    Expect an agent to arrive at your destination in a couple of minutes for your prize!

    • @avisprimey
      @avisprimey 10 місяців тому +169

      Reminds me of GLaDOS: "Assume the party escort submission position or you will miss the party"

    • @kreuner11
      @kreuner11 10 місяців тому +90

      That backdoor would be way more overengineered than this. This just looks like a huge oversight they ignore since it's way too complex for the rookie hacker

    • @advertslaxxor
      @advertslaxxor 10 місяців тому +44

      @@kreuner11 I wonder why the communication between TPM/CPU is not encrypted. It shouldn't be too hard to do.

    • @jer1776
      @jer1776 10 місяців тому +81

      @@advertslaxxorBecause the purpose of modern TPMs is to protect data from an amateur thief and the user, no one else

    • @Wahinies
      @Wahinies 10 місяців тому +11

      They are coming to hire him

  • @jurgennicht4626
    @jurgennicht4626 10 місяців тому +156

    6:48 - "It did not need any super advanced skills or tools"
    Depends on who you ask. To me there is a lot of knowledge already needed to perform this kind of attack and (optionally) even build a custom PCB 👍
    Well done Sir.

    • @foryou6888
      @foryou6888 10 місяців тому +16

      Have to agree on this one, the ability to figure out the problem, prototype a hardware and software solution for a single laptop model, is what I would call advanced. Also spectacularly fit into a 9 min vid.

    • @Baldavier
      @Baldavier 10 місяців тому +6

      But from the point of publication of proof of concept, all further attackers no longer need as much background knowledge. Guessing criminals just watch ethical hackers and copy them. Gotta get those CPD points!

    • @foryou6888
      @foryou6888 10 місяців тому +5

      @@Baldavier Maybe less, but unless they are retrieving the keys from the same model, they will still need the advanced knowledge to find the correct pins, and then adjust the hardware and software tools.

    • @THEfogVAULT
      @THEfogVAULT 10 місяців тому +1

      @@Baldavier
      You would hope that this forces evolution in the cybersecurity field; being essentially an arms race.

    • @RTSRAZORBACK
      @RTSRAZORBACK 10 місяців тому +3

      I did agree on this at first... but now that he's basically made a "how to" and included his own code/hardware purchases, you could now build one yourself, load his program up and do this yourself, within 50 seconds

  • @clebbington
    @clebbington 10 місяців тому +2794

    don't forget - a TPM module was a requirement for Windows 11 installs for "security" 🙃

    • @loliboly9100
      @loliboly9100 10 місяців тому +89

      Not if you install a customized version of Win11 xD

    • @Hans-gb4mv
      @Hans-gb4mv 10 місяців тому +277

      Perfect security does not exist. It is always about finding a balance. Just enabling Bitlocker prevents a lot of possible attacks on your data, but if you don't protect your decryption key, any malicious actor who is willing to go dig deeper can intercept the key. While a prepared attacker can quickly get the key, and can get it faster than the time needed to also clone the drive when not wanting to leave a trace, someone who was not prepared and has to start looking for everything will need a lot of time.
      And MS did provide a defense against this attack, unfortunately, they don't make it easy for consumers to use. Yet, I have chosen not to enable the PIN code on my personal devices as someone who is willing to invest the time to do this kind of attack on my personal devices can have whatever data they want. My corporate stuff however, PIN code all the way.

    • @sundhaug92
      @sundhaug92 10 місяців тому +116

      Windows 11 requires a TPM, not a dTPM. fTPMs do not appear to be affected by this issue, nor does Pluton.

    • @soundspark
      @soundspark 10 місяців тому +51

      @@sundhaug92 Apparently PIN adds a protection too as the TPM will not reveal the key without entering a valid PIN.

    • @hasanmujeeb8922
      @hasanmujeeb8922 10 місяців тому +5

      ⁠@@sundhaug92what’s pluton ?

  • @ysidrovasquez4591
    @ysidrovasquez4591 9 місяців тому +5

    well, you are the only one i found in two days that really understands the bitlocker, thanks for the video

  • @matankabalo
    @matankabalo 10 місяців тому +186

    Your explanation is great! I really like the animations and visuals you show

  • @kobehighlander
    @kobehighlander 10 місяців тому +4

    Oh, I love this. The combination of ingenuity, curiosity and a great amount of knowledge. Well done.

  • @mekafinchi
    @mekafinchi 10 місяців тому +732

    transmitting the key in *plaintext* is such a bafflingly obvious vulnerability I'm amazed it's in the bloody security chip. I understand the increased hardware and execution time costs that would come with doing otherwise but you'd think security would be prioritized

    • @solwidotnl
      @solwidotnl 10 місяців тому +95

      It can send it plain text, as the hardware is already trusted at that point. If you just have the SSD, this exploit doesn't work. And if you set a pin, it requires a trusted user as well.

    • @suncat530
      @suncat530 10 місяців тому +66

      ​​@@solwidotnlthe hardware is trusted, but how can they trust that no one is listening in on the wires? you can't check that wires aren't beong tampered with

    • @jamess1787
      @jamess1787 10 місяців тому +50

      ​@@solwidotnl
      One could argue that it shouldn't be sent unencrypted. I see what you're saying, at some point the data needs to be read and can be intercepted at that point.
      Maybe the key should be obfuscated with a common/clock signal so that the signal is always unique and can't be done with a simple "replay" attack.
      One thing that's interesting: I took my nephews Dell hard drive that has BitLocker enabled but a broken power connector that I couldn't fix with my soldering iron.
      Plugged it into his mom's identical Dell, booted no issue.

    • @intron9
      @intron9 10 місяців тому +58

      ​​@@suncat530 when there's chassis intrusion, it becomes a responsibility of physical security, not of software programmers. If the hardware is modified, everything is vulnerable, and it won't matter if you apply an encryption or not, there will be lots of other ways to read data of the disc. With enough knowledge and research , a stealer who has the full computer in his hands, should always find a way to hack it. But I'm not saying that everything has been discovered yet.

    • @intron9
      @intron9 10 місяців тому +3

      ...so the plain text communication is not that crazy. But they could have put something else just to slow down hacking.

  • @simon515
    @simon515 10 місяців тому +28

    I saw your great presentation on the Iphone USB-C stuff from 37C3 and now this popped up in my feed. Really amazing work stacksmashing!

  • @briandeschene8424
    @briandeschene8424 10 місяців тому +150

    What you’ve pointed out is that providing *maximum* security is a moving point in time. What is maximum (and usually adequate) at one point in time becomes inadequate as attack techniques improve and shortcomings are identified. The protection is then improved to maximize it anew - again, for a time.
    To remediate the defect you demonstrated, laptops now use integrated TPM or firmware TPM so there’s no more transmission of keys over motherboard traces to be sniffed.
    Finally, your statement about preboot PIN is inaccurate. It does not require a Group Policy Object (GPO). This documented command for Windows Pro does it: Manage-BDE -Protectors -Add C: -TPMandPIN

    • @TheStuartstardust
      @TheStuartstardust 10 місяців тому +9

      Which you might not be able to run (manage-bde) under corporate AD, as it most likely is blocked 🤓

    • @M0UAW_IO83
      @M0UAW_IO83 10 місяців тому +6

      @@TheStuartstardust That's an odd corporate AD policy.

    • @TheStuartstardust
      @TheStuartstardust 10 місяців тому +2

      @@M0UAW_IO83 agree, but I am not controlling AD 😉

    • @dexterman6361
      @dexterman6361 10 місяців тому +8

      About the manage-bde, it's not enabled by default, which is majority of home users, so what's the point.
      Also, the moving point in time, what a bad take. It's as good as saying if you're always watching your phone/laptop it's secure, which is baffling. This just sounds like corporate speak to me.

    • @stacksmashing
      @stacksmashing  10 місяців тому +30

      Thanks for the note on Manage-BDE! I’ve added it as a note into the description.
      My main gripe is the documentation - I don’t think it protects against what Microsoft claims, and it’s not clear to average user or admin that “Bitlocker without PIN gives very limited protection”

  • @jm-alan
    @jm-alan 10 місяців тому +51

    Exploit, explanation, development, mitigations and considerations, all in under 10 minutes
    I'd subscribe twice if I could

  • @netroy
    @netroy 10 місяців тому +168

    There was a similar attack published a few years ago for a TPM that communicated unencrypted over SPI. I had assumed that something like this would have been addressed by now by using some kind of encryption using pre-shared keys. 🙈
    Great work, BTW 👏🏼

    • @XxtrashcanXx
      @XxtrashcanXx 10 місяців тому +13

      the preshared key would have to be accessible. In order for it to be accessible on the harddrive it would have to be stored in a nonencrypted partition. You see the catch 22? Technically it could possibly do it with asymmetric (as opposed to symmetric preshared) if the cpu generated a key pair on runtime, sent the pubkey to the tpm and then the tpm responded back with the bitlocker masterkey encrypted with the public key.

    • @milky3ay566
      @milky3ay566 10 місяців тому +10

      It's difficult to prevent attacks when the attacker has physical access to the device. But yeah, plaint text communication was a bad idea

    • @TheNewFaceOfHSP
      @TheNewFaceOfHSP 10 місяців тому +10

      @@XxtrashcanXx The TPM, CPU and BIOS Chip are all soldered on to the motherboard at the factory. They could be "provisioned" with randomized symmetric keys at the factory.
      Very easy and cheap way to defend against this attack. You could maybe extract a key from one of the chips given enough time, but it would only work for the specific laptop you have on hand, so no automated tool like the above would be possible.

    • @keylanoslokj1806
      @keylanoslokj1806 10 місяців тому +2

      ​@@TheNewFaceOfHSPso you say companies are too lazy to implement an elementary intervention

    • @errorlooo8124
      @errorlooo8124 10 місяців тому +2

      @@XxtrashcanXx It's actually not possible to do it because you can always Man in the Middle by just blocking the keys the cpu generates, storing them for yourself and then generating your own keys to give to the TPM, and vice versa if the TPM tries to send keys to the cpu. This is why certificates and DNS registration are necessary for https. Of course if you did not have access to the beginning of the conversation then it wouldn't work because you couldn't intercept the key messages. And of course all of this is assuming that the encryption algorithm, and key algorithm is public or can be found, because otherwise you wouldn't be able to generate your own keys. But security by obscurity is usually not a good way to protect data, and eventually somebody will find the algorithm, either by software reverse engineering or hardware reverse engineering, it would just be a matter of time.

  • @jhgfghjfuzrtfchchghgf
    @jhgfghjfuzrtfchchghgf 10 місяців тому +5

    sending the bitlocker key over unencrypted connections is ridiculous. thanks for sharing!

  • @eduardoandrescastilloperer4810
    @eduardoandrescastilloperer4810 10 місяців тому +3

    Prior to the video I was aware of this attack but I was shocked at how practical it actually is, it even looked like a magic stick. I thought it needed a somewhat sophisticated lab and days of work

  • @tpd1864blake
    @tpd1864blake 10 місяців тому +4

    Thanks for making this video. I thought bitlocker was enough to secure my computer. I still think it’s good enough to keep it safe from the majority of criminals but I’m going to look at editing the group policy to secure the TPM with a pin pre-boot for additional security. Thanks for making me aware of this issue

  • @andrewwilson7169
    @andrewwilson7169 10 місяців тому +39

    BRILLIANT. And a totally perfect advert for why you never rely on TPM for security. THANK YOU

    • @QualityDoggo
      @QualityDoggo 10 місяців тому +3

      Yeah, hardware security chips are meant to protect their keys from being copied... although it can theoretically be accessed. But you cannot assume they will magically secure the system they encrypt 😂

    • @davestorm6718
      @davestorm6718 10 місяців тому +1

      I'd like to see an eFUSE type of system that can be remotely executed to blow away the TPM module if a laptop is stolen. Better would be to have the UEFI look for a special code for self-destruct via the internet with an out of band signal if the unit is powered up once, it checks for the code online, if it finds it, it self-destructs (before the key is ever delivered to the OS).

    • @BSenta
      @BSenta 10 місяців тому +9

      It's not the TPMs fault. It's the fact that the encryption key is not based on a passphrase which was the standard for FDE before TPM.. Whoever you should still be able to use full disk encryption with a passphrase

    • @TJGermany
      @TJGermany 10 місяців тому +10

      *never rely on TPM 1.x.
      In TPM 2.0/fTPM this has long been addressed and isn't a problem anymore.

    • @iwasthererecording
      @iwasthererecording 10 місяців тому

      What if bitlocker is enabled without tpm hardware? So that it requires a password on boot?

  • @MichaelMichael-kv4gp
    @MichaelMichael-kv4gp 7 місяців тому +1

    This works if the user has a TPM chip but most people don't use a TPM chip. This is still a great find, nice work!

  • @comes4free
    @comes4free 10 місяців тому +9

    great. used this for a decade and now I finally know why pin is needed. Also respect for clearly speaking about fTPM and this hack

  • @CoachMikeyStudios
    @CoachMikeyStudios 6 місяців тому

    I used to encrypt hard drives all the time in the windows XP days. It would take days. I always wanted to know why bitlocker works so quickly. Great video. Thanks for sharing.

  • @HollyTroll
    @HollyTroll 10 місяців тому +16

    super informative as always, thx for the video

  • @rdqsr
    @rdqsr 10 місяців тому +25

    I'd argue it'd depend on your threat model. If you're mostly concerned about someone stealing your laptop to sell at Cashies for money to buy ice than having the keys in the TPM is perfectly fine imo. 99% of criminals are just going to wipe the drive and sell the computer anyway. This fits the use-case for majority of people.
    Now if you're high value target for criminals (e.g you work in the finance industry or something) or the government then it's definitely not a great way to protect your data and you should use a GPO to force the use of a password, use an audited third-party FDE solution like VeraCrypt (formally TrueCrypt), or a Linux-based alternative with LUKS/dmcrypt.
    Great video btw!

    • @Darkk6969
      @Darkk6969 10 місяців тому +1

      I use FDE on my Linux laptop for this reason.

    • @TheDuckPox
      @TheDuckPox 10 місяців тому +3

      I always find it odd that my Windows work laptop never requires my PIN on boot, only my biometrics. How would they derive it into text decryption key? I would guess with some kind of a trusted module (probably TPM) which I will never be sure that it is secure if there is someone who has enough expertise and direct access to the machine. I mean, even iOS, Android and Linux require putting the user's PIN/password in after boot.

    • @M0UAW_IO83
      @M0UAW_IO83 10 місяців тому +2

      Most of them wouldn't even wipe the drive, IME that's usually done by whoever they sell it to.

    • @SlimBobShady
      @SlimBobShady 10 місяців тому +2

      This. Especially Vera/Trucrypt.

    • @throwaway6478
      @throwaway6478 10 місяців тому +3

      @@TheDuckPox
      Because your biometrics are being used in lieu of your logon password, not your encryption key. Your encryption key is stored in your TPM, assuming you're using BitLocker at all.

  • @E4tHam
    @E4tHam 10 місяців тому +96

    This is terrifying... Thanks for showing this

    • @ZonkedCompanion
      @ZonkedCompanion 10 місяців тому +12

      What's more terrifying is when less tech savy people buy a laptop and they end up with bit locker enabled, having not kept their key. Years later they come to us for repair and we can't retrieve their data. Should be made very clear to people that they have bit locker enabled and what this actually means. Im glad progress is being made with regards to cracking it. The currently available software for bit locker cracking costs insane amounts which small time computer shops can't afford.

    • @dazetwenty346
      @dazetwenty346 10 місяців тому

      this for sure @@ZonkedCompanion

    • @BlueFox61
      @BlueFox61 10 місяців тому +1

      A good counter for physical tampering is physical tampering. What i mean specifically is using some sort of glue like sparkled nail polish on your case screws to see if its been tampered with before youve actually done any disassembling yourself.

    • @keylanoslokj1806
      @keylanoslokj1806 10 місяців тому

      ​@@ZonkedCompanionso what do you do in those cases

    • @ZonkedCompanion
      @ZonkedCompanion 10 місяців тому

      @@keylanoslokj1806 you either suggest an advanced data recovery specialist (which usually costs 1000s and few touch bitlocked drives anyway), or tell a poor old lady she's lost all her grand childrens photographs forever and try to educate on what encryption is. We also try to impliment some kind of backup solution, be it on the cloud or just an external hdd, so it never happens again!

  • @videodude8137
    @videodude8137 7 місяців тому

    Your are an excellent speaker, and gave an excellent tutorial. No silly background music. Very nice! Thank you.

  • @sinamobasheri
    @sinamobasheri 10 місяців тому +15

    Beautiful Beautiful
    Mind Opening!

  • @mooripo
    @mooripo 27 днів тому

    This definitely prove that bitlocker is so safe in 99% of cases, you' like that germ detol can't kill lol
    Great video

  • @electromatic138
    @electromatic138 10 місяців тому +16

    Loved your cc presentation

  • @joelstolarski2244
    @joelstolarski2244 6 місяців тому

    Amazing and so well explained. Have a dell micro 3080 that belonged to a company, recovered from an unpaid storage unit. Have bought several laptops the same way. This is first one, that had a bitlocker encrypted drive. I'm new to using kali, and have done an 8266 nodmcu deauth chip, but this is a little more involved. Don't have a raspberry pi yet. Thanks for the tutorial !

  • @DigitalMetal
    @DigitalMetal 10 місяців тому +12

    Great Video! Explained well. Thank you.

  • @themartdog
    @themartdog 10 місяців тому +4

    Great walkthrough. I feel like I would have already been wary of this type of auto-unlock encryption anyway though. If I'm not typing in a password to unlock at boot, it's quite obvious there would be some type of hardware hack possible. Kinda common sense, imo.

  • @HolowatyVlogs
    @HolowatyVlogs 10 місяців тому +130

    Babe, wake up. Stacksmashing posted a new video.

  • @Jinkle
    @Jinkle 10 місяців тому +1

    You’ve gained a follower, thanks for your effort and video.

  • @aeolist
    @aeolist 10 місяців тому +4

    good video. i would point out that while fTPM attacks have been disclosed, they're nowhere near as simple and fast as a bus-sniffing attack like this.

  • @Daunlouded
    @Daunlouded 10 місяців тому +1

    "...and didn't really need any super advanced skills or tools" - Definitely not super advanced, but still advanced skills and tools. Not everyone can make that stuff you know.
    Microsoft's documentation around 7:00 is still mostly correct. You had to make your own both tool and software, which can only be used on small number of machines and probably exclusively for laptops. You simply can't pull this off in the real world if you don't have "lengthy physical access" on the device. Not all PC's are built in the same way and not all of them have probe points at the same spot if they have those in the first place.
    Still, this is good to know. A little too hard bashing on MS but good video.

  • @LogicException
    @LogicException 10 місяців тому +76

    5:58 I want something easier and faster, so I directly designed my own PCB... sure, I see we don't have the same understanding of "easy and fast" xD

    • @stacksmashing
      @stacksmashing  10 місяців тому +36

      I spent hours to develop a fast attack and used it… once 😂😭🥲

    • @Noname-km3zx
      @Noname-km3zx 10 місяців тому +6

      You don't understand how easy and simple that PCB is, but I think the focus was to make it fast, as he said you could solder the wires if you have time.

    • @guiorgy
      @guiorgy 10 місяців тому +11

      Programmers have this running joke, where they often spend hours, or even days, automating something that would've taken them 10 minutes to do by hand 😅

    • @Sharpless2
      @Sharpless2 10 місяців тому +3

      yeah but now that you have this fancy PCB and the bit of code, youre always gonna save a huge amount of time. ...only if the contact points are on the mainboard in that layout tho.

  • @Artwertable
    @Artwertable 10 місяців тому +2

    Really great video. That why we use pin for bitlocker.

  • @Endermanch
    @Endermanch 10 місяців тому +5

    Very insightful! Expected nothing less from a stacksmashing video. I just wanted to put in my 2 cents here - there's another, simpler attack you can employ against BitLocker: taking a snapshot of RAM. The BitLocker key is casually stored in RAM every time you boot, so taking a full snapshot and finding a key inside it is not a big deal at all. This subject really fascinates me; The key takeaway must be: BitLocker is secure, but nothing will save you if a bad actor gains physical access to your machine. Unless you use an external strong key, but even that falls flat against the silliest HNDL attack. TL;DR don't give your machine to strangers!

    • @throwaway6478
      @throwaway6478 10 місяців тому

      How?
      Through software? Requires Administrator privileges, and is thwarted by the hypervisor-assisted memory protection features introduced in Windows 10, and that are on by default in Windows 11.
      Cold-boot attack or FPGA-based DIMM interposer? These are why so many computer have soldered RAM now.
      Through a compromised DMA-capable device? Windows can be configured to disallow hotplugging of DMA-capable devices (e.g. USB 3.x). Adding a card would cause a Secure Boot failure, as the hardware configuration had changed.

    • @DarkVoiderFrom03
      @DarkVoiderFrom03 8 місяців тому

      This also means that LUKS2 on Linux wont save me from this attack either

  • @TylerThomas
    @TylerThomas 8 місяців тому

    That was sick. Thanks for taking the time to share with us.

  • @s8wc3
    @s8wc3 10 місяців тому +26

    Thank you for making this more known. This is just a nuisance for data recovery techs rather than actual security.

    • @gorrumKnight
      @gorrumKnight 10 місяців тому +6

      For real. It's the worst when the host system has a dead motherboard and the customer doesn't have the key in their MS Account.

    • @jttech44
      @jttech44 10 місяців тому

      @@gorrumKnight Not really, I mean, in that instance, you give them back their hardware and you're done. They'll hem and haw about you charging them the diagnostic fee, and then they leave.
      Worst case, bad yelp/google review, which nobody really reads anyway.

  • @the_coding_traveller
    @the_coding_traveller 8 місяців тому

    Best explanation about clock signals yet! thank you it was a eye opener!

  • @PekPiu
    @PekPiu 10 місяців тому +5

    Nice video and explanation. I haven't trusted those consumer products/architecture/key-management too much in the first place, so while having a normal vanilla bitlocker in the windows machines, I have all my important/secret data away from my desktop/laptop. My oldest desktops have manual Bitlocker passwowrd entry prompts, as there are no TPM chips, Ha! The secret stuff are behind my own VPNs, my own hardware, and NAS/DAS, and located in encrypted storage in my own systems. And the super secret stuff (for example those that cam compromise access to my customers secret data) is additionally protected in Veracrypt containers. And other security stuff too, but those are not to be spilled at youtube comments.

  • @hankhulator5007
    @hankhulator5007 10 місяців тому

    Hi, clever attack, which proves the reason why a part of the encryption process (usually the key) _must_ be separated from the hardware - nice decoding self-made dongle BTW :)

  • @jamesos2744
    @jamesos2744 10 місяців тому +7

    Very impressive attack, and a well made video! I do have to take issue with the idea that setting up the PIN in Group Policy is somehow some extraordinary technical challenge... It's far more simple than everything else you did in this video. I suck at GP, and I figured it out with a quick Google search. Guess I'm setting a PIN on all my bitlocker encrypted devices now! Damn...

    • @TealJosh
      @TealJosh 10 місяців тому

      Pin is a great idea in general, but not to worry if you don't use it. On modern devices the TPM is no longer on a physical chip, but part of CPU now.

    • @stacksmashing
      @stacksmashing  10 місяців тому +1

      @TealJosh in a lot of high-end laptops it’s still a dedicated chip

    • @TealJosh
      @TealJosh 10 місяців тому

      @@stacksmashing huh, you are right. I wonder why manufacturers choose dTPM over fTPM considering CPUs nowadays support fTPM.

    • @sts0-101
      @sts0-101 8 місяців тому

      ​@@TealJoshTCG certification of dTPMs is one reason. Linus Torvalds also has a strong opinion about AMDs fTPM implementation. Installing a new CPU in a desktop also means that your TPM data would be gone (hopefully you have a backup). For the small cost, I think a dTPM is the way to go.

    • @TealJosh
      @TealJosh 8 місяців тому

      @@sts0-101 I'm extremely sceptical of even the current system for TPM maintaining its state through hardware configuration changes. There are situations where just opening the chassis should invalidate the TPM state.
      What is Linus' opinion?

  • @ipaterson
    @ipaterson 10 місяців тому

    You never cease to amaze Thomas. Incredible work my friend!

  • @davestorm6718
    @davestorm6718 10 місяців тому +23

    Nice work! I have a background in electronics and programming and was just thinking about how TPM actually works (while studying for Sec exam) since I wasn't really familiar with it, and thought, "hey, there's got to be a key sent in the clear on some bus somewhere", then you're vid popped up in my recommended videos. Thanks for sharing (I actually ran into this problem on one of my 5 y/o machines after the mobo's power module failed w/a popped cap - I caught it immediately, so the rest of the components should still work including the dedicated TPM chip, I'll give this a try so I can get my data back off my expensive SSD, easier than blowing it away, reinstalling OS and restoring backup).

    • @mailjasons
      @mailjasons 10 місяців тому +1

      You could look it up with your MS account also if it's backed up there.

    • @davestorm6718
      @davestorm6718 10 місяців тому +1

      @@mailjasons Unfortunately, this particular machine was used for experiments - it's backed up, just not w/MS (oops!).

    • @themisir
      @themisir 10 місяців тому +1

      regarding TPMs - it's not advised to extract keys out of the TPM module. Usually the TPM supposed to get a payload, derive the key, encrypt it and return the payload back. With this design we are keeping the key within the module itself not exposing to other devices. I can understand why MS went with their decision since routing all the disk data via TPM would be inefficient as hell, so they went with the way that's not really secure.

    • @SpaceCadet4Jesus
      @SpaceCadet4Jesus 10 місяців тому

      Good luck getting it unencrypted.

  • @mzh99
    @mzh99 10 місяців тому +1

    Interesting information and nice skills.
    Note: Bitlocker can also be used without the TPM in which case, this video won't apply. I like to use Bitlocker on a Hyper-V Virtual Disk that contains my data needing to be secured. I mount the disk on demand with my Bitlocker unlock key/passphrase. I can move the data around to any computer like a single file. Makes backups simple too.

  • @imation2
    @imation2 10 місяців тому +13

    7:35 setup a PIN with GP policy is easy and I know many enterprises who has enabled it via GP
    Good mitigation- case closed.

    • @ElliottVeares
      @ElliottVeares 10 місяців тому +2

      I always use a password (known as a enhanced pin in GP), XTS-AES 256, and full drive encryption with Bitlocker.

    • @mcq2879
      @mcq2879 10 місяців тому +1

      Unfortunately requires Pro or higher and many people aren't going to pay 150+ for that and don't know how to pirate Windows.

    • @ElliottVeares
      @ElliottVeares 10 місяців тому

      Bitlocker requires Pro or higher anyway. Also Hyper-V is to good of a feature to miss out on.@@mcq2879

    • @fcfcth
      @fcfcth 7 місяців тому

      @@mcq2879 BitLocker (unless we count "device encryption") also requires Pro or higher

  • @octalitic
    @octalitic 10 місяців тому

    This video shows the reason as to why I'm a great fan of VeraCrypt 🙂 (on laptops remember to disable the keys stored in ram via removing the battery or shutting down the laptop completely as well as disabling windows fast-boot feature!) Peace!

  • @fanevicleanul603
    @fanevicleanul603 10 місяців тому +4

    I'm so envious on you guys being capable doing stuff like this, so much knowledge, wished that I have the brain for this stuff.

  • @noflashbang
    @noflashbang 10 місяців тому +1

    Killer work dude! This is super clean!

  • @benjaming.4623
    @benjaming.4623 10 місяців тому +8

    unbelievable. All the encryption, security and blahblah just to then send the key unencrypted. Nice video!

    • @XKS99
      @XKS99 10 місяців тому +4

      It has to be unencrypted at some point. They could use a preshared symmetric key to prevent this particular attack but that has it's own issues.

  • @jay3368
    @jay3368 10 місяців тому

    What i gained from this video is A) bitlocker and tpm can be more secure with further configuration. B) Microsoft knows their customers

  • @EddieHart
    @EddieHart 10 місяців тому +6

    This is cool, but to those suggesting this is a planned backdoor or design failure it depends on your threat model. Presumably CPU is handling disk encryption operations, then some key will end up in RAM anyway which isn’t much better than this. Until you can get a TPM with high enough throughput to handle all disk traffic it will be the reality.
    If you’re using the system state itself as authorisation, then I’d argue there is no security flaw with the hardware here, rather with policy (as explained in the video). An attacker such as this would be authorised to access the device simply because the hardware configuration is the same, they could turn on the device and access the operating system anyway. So it’s important to include an actual authentication factor in the decryption sequence (password, pin etc).

    • @0LoneTech
      @0LoneTech 10 місяців тому +1

      There's no need for the CPU to transfer the key to RAM. There are enough registers in there to hold the key. E.g. you could store 128 bits in DR0-DR3. It's simply a matter of priorities; Microsoft's priority isn't that you get what you thought you bought, it's that you keep paying.
      Many CPUs can do on the fly encryption of main RAM itself and have dedicated key storage.

  • @QualityDoggo
    @QualityDoggo 10 місяців тому +1

    Just wanted to say this is a pretty incredible video and fascinating topic. I suppose it doesn't help people who are already locked out due to an unbootable system, which is when BitLocker is most often the issue... but it is certainly an interesting topic!

  • @philipmrch8326
    @philipmrch8326 10 місяців тому +6

    TPM is really just security through obscurity. I always wondered how it decrypts without a password or an external key device. This makes so much sense. I'm happy that I use LUKS on Linux with a manual password.

  • @FranciscoMaya
    @FranciscoMaya 10 місяців тому +1

    This will be very useful to get the Bitlocker key BEFORE the system fails, because the manufacturers do not inform users about the correspondent Bitlocker key.

  • @abc_cba
    @abc_cba 10 місяців тому +4

    for the efforts you took to explain this whole concept so nicely - i subbed!!

  • @robinhouben3905
    @robinhouben3905 10 місяців тому

    this channel is so underrated keep up the great work!!

  • @daLiraX
    @daLiraX 10 місяців тому +7

    So just disable TPM and enter the key the old fashioned way on startup (on any device)?

  • @Shenron666
    @Shenron666 10 місяців тому

    Well explained, and very interesting to see how much protected hard drives aren't protected 😁

  • @TheRailroad99
    @TheRailroad99 10 місяців тому +3

    Nice demo! It goes without saying that this is not just a bitlocker/Microsoft problem, but rather a (d-)TPM problem that is "by design".
    fTPM solves this.

  • @nataliegrn17
    @nataliegrn17 6 місяців тому

    Thanks!

  • @xreev0x
    @xreev0x 10 місяців тому +24

    “Plenty of time” refers to you having researched that particular laptop, developed a custom tool which took days for them to make and send to you, the custom code you had to write to run the exploit, etc. This is what we call in the security world as the “advanced persistent threat.” It took you 40 seconds after spending countless hours preparing to run your exploit.

    • @alphabeta448
      @alphabeta448 10 місяців тому +4

      And now, after one single person has spent some time preparing the exploit, everyone can use it in matter of seconds (of course with limitations, most importantly the hw, but still in seconds). I'm pretty sure those who are for real "in the security world" have a different opinion than yours

    • @EndOfLineTech
      @EndOfLineTech 10 місяців тому +2

      The funny thing is yes he spent time going more scientific and fully unlock the drive on other machines okay. But there's a greater problem with BitLocker and I'd assume you know this. The disk is encrypted essentially by the power button. How secure is a door you push a button to go through >< ?

    • @TealJosh
      @TealJosh 10 місяців тому

      @@alphabeta448 for this specific manufacturer and model. In the real world, physical TPM chips are becoming rare. Also, bitlocker + tpm is not recommended, it should be bitlocker + tpm + pin.

    • @eplus341
      @eplus341 8 місяців тому +1

      some data is valuable enough to throw a few days at trying to unlock it.

    • @raphaelmartin8314
      @raphaelmartin8314 2 місяці тому

      It is only for a particular laptop, but where I work everybody have the same laptop model, and since the W11 update we do not have any Bitlocker pin anymore.

  • @Just_a_user3
    @Just_a_user3 10 місяців тому

    This is a great video. The animations are put together well. Thank you very much!

  • @Miriweth
    @Miriweth 10 місяців тому +6

    Hello! Fantastic video. I'm curious, is the chip featured TPM 1.2 or TPM 2.0?

    • @frankfix247
      @frankfix247 10 місяців тому

      Win 11 requires v2.0.

    • @stacksmashing
      @stacksmashing  10 місяців тому +3

      The one in the video is 1.2, but the kind of attack should also work on TPM2.0

    • @npwiley
      @npwiley 10 місяців тому

      I have read in the comments here a few people saying this won’t work on 2.0. One saying key is then encrypted. Would be curious to know this too!

    • @throwaway6478
      @throwaway6478 10 місяців тому +1

      @@npwiley
      TPM 2.0 does support encrypted communications across the bus, but Windows doesn't use this feature, as despite requiring a CPU with a TPM 2.0 built-in, it will happily use an earlier revision. For example, my daughter's laptop runs Windows 11 and has a discrete TPM 1.2, and BitLocker works fine with it.

    • @en4rab
      @en4rab 10 місяців тому

      @@npwiley It works fine with 2.0, decoding the sniffed data is slightly different as I think the way wait staes are communicated changed between 1.2 and 2.0 but its otherwise the same (if you are using Gheckos sigrok plugin select the correct TPM type in the dropdown)

  • @AlyYouTubePresence
    @AlyYouTubePresence Місяць тому

    You have to appreciate the effort that went into making the pins setup! However, this video makes me more likely to use BitLocker than not. My use case is leaving a PC unattended with a person who's highly unlikely to have the skills to do this attack. However, anyone can use a SATA to USB adaptor.

  • @geebee7529
    @geebee7529 10 місяців тому +6

    Wouldn't this be a lot harder on a modern Windows 11 machine with TPM 2.0, instead of an ancient Lenovo running Windows 7 BitLocker?

    • @OrinThomas
      @OrinThomas 8 місяців тому +2

      Laptop in question doesn't have TPM 2.0 so this is a valid question (it's designed for Windows 8 as per the sticker visible on the chassis).

  • @ronminnich
    @ronminnich 10 місяців тому

    This is very nice summary, and a lot of fun!

  • @abc1987625
    @abc1987625 10 місяців тому +6

    I'm not particularly concerned by this considering the primary purpose of encryption on my devices is to prevent casual thieves rifling through my data (and very few of them would understand or take measures like above), but it shows it's not enough for a lot of applications. My home can also be broken into if someone is willing to ram the door hard or pick the locks. Security isn't about perfection, it's about proportionality.

  • @NormTurtle
    @NormTurtle 10 місяців тому +1

    No way i was just worried by my bitlocker today and this is on my recommendation and its just uploaded today 😅😮😮

  • @SBTRIS
    @SBTRIS 10 місяців тому +6

    The bizarre thing about this is that TPM spec supports session-based parameter encryption (part 1 section 19). Firmware needs to explicitly set it though.

    • @throwaway6478
      @throwaway6478 10 місяців тому

      Windows doesn't use this feature, as despite requiring a CPU with a TPM 2.0 built-in, it will happily use an earlier revision. For example, my daughter's laptop runs Windows 11 and has a discrete TPM 1.2, and BitLocker works fine with it.

  • @goofballbiscuits3647
    @goofballbiscuits3647 9 місяців тому

    This is my new favorite channel 🎉
    Thank you!

  • @ghostbiker7391
    @ghostbiker7391 10 місяців тому +8

    this is so good to know, but the main thing is you must have the TPM linked to that ssd/hdd,

  • @JFirn86Q
    @JFirn86Q 10 місяців тому

    Yeah TPM without a startup key on USB and/or PIN is a joke, as shown here. Microsoft kind of admits this somewhere in the middle of that article you showed. Anyways, love your video and easy explanations! Looks fun!

  • @apu_apustaja
    @apu_apustaja 10 місяців тому +6

    Still clinging to hopes that someone will help to upgrade your gameboy web interface to make four-round matches possible.

    • @stacksmashing
      @stacksmashing  10 місяців тому +3

      You mean 4 games after another?🤔

    • @apu_apustaja
      @apu_apustaja 10 місяців тому +2

      @@stacksmashing Yes. The hardware is great. Still working well to this day. :)

  • @raxirex8646
    @raxirex8646 10 місяців тому

    Been following this from the start, nice video

  • @-.._.-_...-_.._-..__..._.-.-.-
    @-.._.-_...-_.._-..__..._.-.-.- 10 місяців тому +3

    This isn't how mine is setup. I have to manually enter the key at the start of the booting process.

  • @Tomyb15
    @Tomyb15 10 місяців тому

    I read an article about your device and this attack, and honestly I was surprised that nobody tried something like this years ago.
    I too had always wondered how an external tpm was supposed to keep data secure if at some point during boot it needs to send the raw encryption keys to the cpu. It's pretty big design flaw and it's pretty unbelievable to think that it was overlooked.
    In fact, I had assumed that the cpu and tpm did some sort of DH key exchange with possibly some sort of certificates to also avoid midm attacks. Guess that would have been too good to be true.

    • @LuluTheCorgi
      @LuluTheCorgi 10 місяців тому

      Too obvious to have been missed on accident imo
      I'm sure the NSA and friends love this feature

  • @dexterman6361
    @dexterman6361 10 місяців тому +5

    yeah I've been going through how TPM and etc works as I was moving from windows to linux, and I gotta say, I was astonished (an understatement) when I realized that most implementations just send the actual key in plain-text! Microsoft and other manufacturers had ONE job, and they couldn't get it right. fTPM is better in that it's integrated into the CPU and from my understanding, is practically impossible to sniff since it all happens inside, possibly in the secure enclave chip. Extensions to out-of-CPU TPM have been proposed, where the key is sent encrypted with a pre-shared-key when setting things up, which would theoretically fix this design flaw. I'm yet to understand how this works.
    Great video! I'm somewhat glad I understood things right as I researched around about this topic.

    • @CyrilCommando
      @CyrilCommando 10 місяців тому

      This is actually a godsend for repair shops & people who want to see their data again if their computer bites the bullet!

    • @dexterman6361
      @dexterman6361 10 місяців тому

      ​@@CyrilCommandoThat's true. It's also strange how MS doesn't let you backup the key without a microsoft account. There is a recovery code in bitlocker that you can use to decrypt your data, but requires using the CLI. But then again, the fact that it's not user-facing front and center for a regular joe negates the point. Maybe because they want to motivate people to create an account. Such a shitty company I tell you

    • @TealJosh
      @TealJosh 10 місяців тому +1

      @@dexterman6361 they do let you backup the key without a microsoft account. You can literally print it on a paper.

    • @dexterman6361
      @dexterman6361 10 місяців тому

      @@TealJosh I had to use the CLI to get to it. The settings pane told me "add account to finish encrypting your device"
      The printing, I believe that's only for Win pro where bitlocker is exposed in old control panel directly. Win Home does not have it. It only has "device encryption" in the new fancy settings app. I was referring to win home.

    • @TealJosh
      @TealJosh 10 місяців тому

      @@dexterman6361 oh yeah. That's my straight up biggest criticism of win11 and Microsoft in general. Encryption should NOT be a pro feature and now that the home version kind of encrypts by default(but not well enough) without providing full access to the encryption parameters.
      I actually don't know the limitations of the home version because I haven't considered it acceptable for my requirements for years.

  • @tarakivu8861
    @tarakivu8861 10 місяців тому +1

    Well security is always layered, if all you trust is "what you have" and thats the same as "what you want to protect" in most cases (laptop and tmp module), it only makes it a bit harder to attack.
    Always mix your security trust anchors and dont keep 2 of the same type in 1 place.
    A simple password would make this infinetly harder and require much more attacks against the actual victim aswell.

  • @0x00-q2i
    @0x00-q2i 10 місяців тому +4

    Interesting, though I noticed this was on a really old version of the Carbon X1. My understanding was it used to be a problem but vendors have grown wise and patched it in newer designs. Do you have any examples of newer laptops this works on?

    • @mikkolehtisalo
      @mikkolehtisalo 10 місяців тому

      Why would they patch something that is working as intended? If you need security, you enable the PIN requirement. I have never seen anyone use the PINless configuration in real life.

    • @robertroxxor
      @robertroxxor 10 місяців тому

      i do, because it's always a tradeoff securityusability @@mikkolehtisalo

  • @mux1337
    @mux1337 10 місяців тому

    Honestly I have no idea why win11 removed the passphrase/pin at the beginning and as you mentioned the typical user won't use the group policies. This is like locking a door and leave the key inside but maybe it is as designed so some people with knowlegde can still access the data easily. Great video and good explaination, I just skipped through because of a well known background but this is a video from beginner to expert.

  • @soundspark
    @soundspark 10 місяців тому +4

    Would a chassis intrustion switch (and a strong BIOS password to prevent reset) case a measured boot failure?

    • @BRNSystems
      @BRNSystems 10 місяців тому +3

      Probably yes, that is what the chassis intrusion switch is for.(at least it might lock the bios if you have a password set)

    • @soundspark
      @soundspark 10 місяців тому +3

      @BRNSystems I would think if the BIOS implementation was smart it would take into consideration the chassis intrusion status as part of its boot hash and thus cracking open a protected machine would spoil the measure boot.
      That said what usually breaks my BitLocker is forgetting to pause protection when updating my BIOS.

    • @Amplificator
      @Amplificator 10 місяців тому +1

      Chassis intrusion is usually a button/switch so in the case where you simply drill a hole like he shows in the video, it won't stop the attack.

  • @royborgen
    @royborgen 9 місяців тому

    That is really impressive and well explained. Good job!

  • @mudi2000a
    @mudi2000a 10 місяців тому +3

    Is this also possible if the TPM which is built in into the CPU is used, as then no signalling between the cpu and TPM can be seen?

    • @throwaway6478
      @throwaway6478 10 місяців тому +1

      No, it's why Windows 11 only supports CPUs with a built-in TPM.
      Windows can use a discrete TPM however, hence why the uploader chose such a machine.

    • @stacksmashing
      @stacksmashing  10 місяців тому +1

      @throwaway6478 windows 11 does not only support CPUs with fTPM.

    • @throwaway6478
      @throwaway6478 10 місяців тому

      @@stacksmashing
      I'd like to see an example of these supported CPUs that don't have a built-in TPM, since all Zen+ and Coffee Lakes have built-in TPMs, and these are the minimum requirement for Windows 11.

    • @throwaway6478
      @throwaway6478 10 місяців тому

      @@stacksmashing
      I like how it took you three minutes to scream "hurr durr u rong", and we're now in the third WEEK of you failing to show how I'm wrong. Don't ever change, freetard.

  • @fritzfahrmann4730
    @fritzfahrmann4730 10 місяців тому +2

    Great video, this makes me think about veracrypt or encrypted VMs again

  • @ElijahCiali
    @ElijahCiali 10 місяців тому +6

    Curious whether AMD's fTPM would be easier or harder to crack.. Seem it might just use a serial connection so that applications can use it as an RNG during runtime

    • @mcha0_
      @mcha0_ 10 місяців тому

      See the faulTPM paper: arXiv.2304.14717
      Remains unpatched to this day.

    • @Wahinies
      @Wahinies 10 місяців тому +1

      It may function the same but one would have to sniff 1,311 or 1,781 pins ;)

    • @Darkk6969
      @Darkk6969 10 місяців тому +1

      @@Wahinies And the risk of destroying the processor and in the process taking the keys with it. I think AMD is on the right track!

  • @paulsimon1494
    @paulsimon1494 10 місяців тому

    Great job!
    I believe that keys are not stored in a TPM due to its limited memory by design, instead they are usually stored on a disk in a wrapped form and TPM performs an unwrapping operation if PCR state is ok. Also systemd-cryptenroll may be vulnerable to a similar attack.

  • @RandomytchannelGD
    @RandomytchannelGD 10 місяців тому +8

    THE BREAKING BAD THUMBNAIL LOL

    • @Ping727
      @Ping727 10 місяців тому

      He did take the effort to change the atomic number from Ba (56) to Bi (83)

  • @gabrielandy9272
    @gabrielandy9272 10 місяців тому +2

    7:40 is this different in windows 11? because the first thing bitlocker ask me to do is set a pin its very clearly .

  • @Klusio19
    @Klusio19 10 місяців тому +4

    I had a strange feeling, that using that goofy ahh TPM module for the bitlocker is not the greatest idea, so I immediately searched the web for how to set the PIN instead of using TPM.
    Also, why the heck bitlocker doesn't let to use security keys to decrypt the drive?....

    • @ES-cf4ph
      @ES-cf4ph 10 місяців тому +2

      Because Microsoft doesn't care about customers security.

    • @Wahinies
      @Wahinies 10 місяців тому

      ​@@ES-cf4phcmon now they are one of the few vendors that are part of the CMVP that says something.

  • @permissionBRICK
    @permissionBRICK 10 місяців тому

    Nice! I've seen this done with Ice spray and RAM, but this is much more convenient!

  • @MarcusTheDorkus
    @MarcusTheDorkus 10 місяців тому +3

    It's very weird that the user account passwords/PINs aren't required for the TPM to release its keys. Maybe it's just because of the tighter integration (that people would cry and howl about if it came to PCs) but this is what Apple computers and smartphones do.

    • @throwaway6478
      @throwaway6478 10 місяців тому +3

      Because it causes a catch-22: the user's passwords aren't available on Windows until the SRK is released from the TPM, because the user's password is stored on the encrypted volume. I don't know about Macintoshes, but smartphones get around this by storing their operating systems unencrypted, and only encrypt user data.

    • @eDoc2020
      @eDoc2020 10 місяців тому

      @@throwaway6478 They could just use a stub OS. When you change the main account password it would also update the corresponding key in the stub.

  • @b.johnbeaumont7435
    @b.johnbeaumont7435 10 місяців тому

    I needed this like 6 months ago and would have totally purchased the TPM sniffer pico as I was attempting to get the recovery key for my dad's PC. I tried a lot of stuff, but this looks more promising.

    • @adiareed5268
      @adiareed5268 4 місяці тому

      Did you figure out how to unloc your dad's computer?

  • @Szklana147
    @Szklana147 10 місяців тому +7

    Solution: use TPM integrated in CPU.

  • @dvorakgigachad1444
    @dvorakgigachad1444 10 місяців тому

    you make this look so easy, sir

  • @alerighi
    @alerighi 10 місяців тому +3

    The real issue here is that the communication between the TPM and the CPU is in clear text. This is just stupid, I mean just a diffie-hellman exchange would have been better. Sure, you could then get in the middle of the communication, but that would have required desoldering the TPM chip and having an hardware to get in the middle, not something easy as sniffing some data lines!

    • @the-lettere
      @the-lettere 10 місяців тому

      Adding DHE is a really cool idea. But also, the more complex you make the tpm the more likely there is to be a flaw. And I don't know if you can patch a tpm chip.

  • @fake08
    @fake08 10 місяців тому +1

    Such an interesting video, thanks! ❤
    When I had my main hard drive Bitlocker encrypted, Windows would always ask for the password, before it was able to boot. This would seem safe to me as the key shouldn't be stored anywhere in that case.
    But did this change to auto-unlock on boot or is there a setting where you can change this behavior?