hardware-level phishing attack - bypassing Microsoft Bitlocker

stephens316

This an interesting article

Germans devise attacks on Windows BitLocker ? The Register

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

tiersten

Bleh. Another new buzzwordy phrase that will get overused ><

RobertKaucher

If the attacker has the ability to replace a PC with an identical one to get the password, you have larger issues to worry about than someone cracking your encrypted drives. All your base are belong to them...

tiersten

RobertKaucher wrote: »

If the attacker has the ability to replace a PC with an identical one to get the password, you have larger issues to worry about than someone cracking your encrypted drives. All your base are belong to them...

^ This exactly

msteinhilber

If I were the bad guy I think I would go the easier route with the rubber hose attack.

veritas_libertas

msteinhilber wrote: »

If I were the bad guy I think I would go the easier route with the rubber hose attack.

More messy though

tiersten

msteinhilber wrote: »

If I were the bad guy I think I would go the easier route with the rubber hose attack.

The solution is to employ a masochist to hold your crypto keys. The potential downside is that they may intentionally get caught...

Hyper-Me

Thats a pretty retarded article.

If someone phyiscally removes your encrypted computer, they will have the rest of their life to research or find some way to decrypt it.

One form of security doesnt imply total security.....You can have bitlocker enabled on all of your servers and workstations, but if they are plugged up outside next to the trash can, there is no guarantee they wont walk off.