Microsoft's Bitlocker drive encryption picked once again

Home » Microsoft

Reading time icon 1 min. read

Calendar icon Published on

by Surur Davids 

published on

Share this article

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Security researchers have found that they were able to beat Microsoft’s Bitlocker full drive encryption using a simple $30 Field-Programmable Gate Array (FPGA).

The vulnerability is present when Bitlocker is used in its basic and least intrusive configuration – where logging onto your PC unlocks your drive. More secure configurations require you to enter a password before being able to boot.

Denis Andzakovic of Pulse Security was able to use the FPGA chip to sniff the Windows BitLocker encryption keys during boot as it travelled from the TMP over the Low Pin Count (LPC) bus. Denis was able to unlock both a Surface Pro 3 and HP Laptop.

The vulnerability is not new, but what is, is the low cost and ease with which the hack was performed. Andzakovic (like Microsoft) recommends that if you rely on Bitlocker to keep real secrets secret, you should not rely on the basic configuration, but set up a PIN, two-factor authentication or more.

Via Sophos.com

More about the topics: security

Surur Davids

Surur Davids Shield

Smartphone Expert

Surur Davids is the founder of WMPoweruser which later became MSPoweruser.com. He's a smartphone expert with over a decade of experience.