Recently the vulnerability became known BitLocker A hypothetical attacker could intercept encryption keys using an inexpensive, single-board Raspberry Pi Pico computer that costs less than $5. A decade-old laptop was used as an example, leading us to assume that modern vulnerability models are not susceptible. Apparently, even modern 2023 laptops running Windows 11 can be hacked in a similar way.

The process of obtaining an encryption key has become slightly more complex over the past decade, but the basic method remains the same: intercepting data broadcast from the processor over unencrypted channels to a separate Trusted Platform Module (TPM) chip. Security researcher Stu Kennedy created a page on GitHub that lists laptop models with confirmed vulnerabilities due to a proprietary TPM chip, including the Lenovo X1 Carbon, Dell Latitude E5470, and the Microsoft Surface Pro 3 with a TPM 2.0 chip. SPI, I2C or LPC buses are used for the attack.

It should be noted that this attack method only works if the attacker has physical access to the computer; It will not be possible to remotely interfere with the encryption key. To protect yourself, you can choose additional measures such as using a password or using a USB key at startup. The BitLocker encryption key is stored in the TPM chip by default; The method that can be given can be changed in the system settings. Additionally, many modern Intel and AMD chips have a built-in TPM; This means that it will no longer be possible for their data to be intercepted while exchanging data with the processor.