Bitlocker Security Questions

TraderGary · Jan 26, 2025

Marie SWE said:
This is the problem if they steal the computer.

Beating Bitlocker In 43 Seconds

How long does it take to steal your Bitlocker keys? Try 43 seconds, using less than $10 in hardware. Encrypting your hard drive is good security. If you’re running Windows, the most popular s…

hackaday.com

That was done on a 10-year-old Lenovo that happened to expose the needed pin connections. At the end of the article the author states that if anyone has been able to accomplish this on a more modern computer to let him know. I also understand that Microsoft patched that vulnerability.

TraderGary · Jan 26, 2025

zbook said:
In the future quantum computing may allow quick access to a encrypted drive:

Quantum Computing (60 Minutes)

www.elevenforum.com

Quantum computer theory is very interesting. We're not there yet.

Marie SWE · Jan 26, 2025

TraderGary said:
That was done on a 10-year-old Lenovo that happened to expose the needed pin connections. At the end of the article the author states that if anyone has been able to accomplish this on a more modern computer to let him know. I also understand that Microsoft patched that vulnerability.

I only heard about it..
as i first said.. you always take the easy way and that is to get hold of the key.. The recovery key or your password etc. Face recognition and thumbprint is worst kind of login solutions.. You dont have to be awake for that

Edit
Best is to have the computer non encrypted.. then you use encrypted containers.. so when they want your stuff, they go away when they see its unlocked.. but they still dont get any important data as when or if they even discover the encrypted container.. they are long gone and cant try to get hold of password as you isn't near by anymore.

Win711 · Jan 26, 2025

Marie SWE said:
This is the problem if they steal the computer.

Beating Bitlocker In 43 Seconds

How long does it take to steal your Bitlocker keys? Try 43 seconds, using less than $10 in hardware. Encrypting your hard drive is good security. If you’re running Windows, the most popular s…

hackaday.com

Yep. If a drive is stolen or missing then the assumption has to be that the data is compromised. I'd immediately clean out any digital wallets just like I'd cancel credit cards if they were stolen.

None of the encryption stuff would give me the confidence to just blow it off and not worry. Therefore the encryption only serves to protect against honest people like friends and family while I'm sleeping.

I'm much more worried about online attacks or phishing than I am about someone getting in possession of my drives. Even with 2fa hardware key a website could steal the cookie and then they're already logged in. Cell phones and sim cards can be spoofed to intercept 2fa texts. That's just the attacks I know about, and I don't know much of anything.

TraderGary · Jan 26, 2025

Win711 said:
Of course if laptop is running then it's even easier. I'm describing a travel situation, where you set your device down for a moment then it's gone.

I use biometric Windows Hello, and I'm set to log off if the lid is closed.

Win711 said:
So to test the security, put bitcoin on a laptop, power it down, then publicly announce there is bitcoin on the laptop. If no one can break bitlocker then you cannot lose your bitcoin and you're only out the cost of the laptop in exchange for knowing that bitlocker is indeed secure.

Nonsense.

Win711 · Jan 26, 2025

TraderGary said:
I use biometric Windows Hello, and I'm set to log off if the lid is closed.

Nonsense.

Pride precedes a fall. You've nailed the precondition

Marie SWE · Jan 26, 2025

Win711 said:
Yep. If a drive is stolen or missing then the assumption has to be that the data is compromised. I'd immediately clean out any digital wallets just like I'd cancel credit cards if they were stolen.

None of the encryption stuff would give me the confidence to just blow it off and not worry. Therefore the encryption only serves to protect against honest people like friends and family while I'm sleeping.

I'm much more worried about online attacks or phishing than I am about someone getting in possession of my drives. Even with 2fa hardware key a website could steal the cookie and then they're already logged in. Cell phones and sim cards can be spoofed to intercept 2fa texts. That's just the attacks I know about, and I don't know much of anything.

zero day spyware is worse as it grab everything.
The problem i see is that many apple and microsoft users is denying that apple and microsoft do have access to their data.. as it says that in user agreement and privacy and data collection policy..
I dont see those two as the problem.. i see that if hackers learn how to exploit it and get hold of data.. then its a real problem for billions of people.
and with the new Recall function.. (apple already have it since a few years back) that is a big security risk.. everyone in the IT security realm has this as a discussion.. and it was therefore microsoft paused the program.
Now they say its encrypted and all telemetry traffic is encrypted.. only the user has access to the local data... Idiots :eyeroll:

... a malware operate on the users level.(account)
They also say all passwords are protected.... IF.. if you have added the app to the ignore list.. default is everything except private window in the browser and DRM... But... but only when the window is in focus.. if you have another thing in focus and the window is in the background.. then the content will be snapshot.

Never ever put all eggs in the same basket.. i would not trust windows security more then the length i can throw the microsoft building.

Win711 · Jan 26, 2025

Marie SWE said:
zero day spyware is worse as it grab everything.

That's why I let @Edwin install things before I do

Marie SWE · Jan 26, 2025

Win711 said:
That's why I let @Edwin install things before I do

Like me and windows updates.. i wait a week and see how much people is swearing on windows forums.

hdmi · Jan 27, 2025

TraderGary said:
That was done on a 10-year-old Lenovo that happened to expose the needed pin connections. At the end of the article the author states that if anyone has been able to accomplish this on a more modern computer to let him know. I also understand that Microsoft patched that vulnerability.

The point of the video in that article was that Microsoft kept claiming that BitLocker was secure, yet it took him only 43 seconds and a cheap tool to steal the key. Add the fact that this wasn't the first time when Microsoft had kept claiming that BitLocker was secure, when the reality was that it was not. In my line of work, once you've lost your reputation there is no way to get it back.

TraderGary · Jan 27, 2025

hdmi said:
The point of the video in that article was that Microsoft kept claiming that BitLocker was secure, yet it took him only 43 seconds and a cheap tool to steal the key. Add the fact that this wasn't the first time when Microsoft had kept claiming that BitLocker was secure, when the reality was that it was not. In my line of work, once you've lost your reputation there is no way to get it back.

Yes, he demonstrated that he could hack that particular 10-year-old computer. Why hasn't he demonstrated that he could hack any other computers? After all, it only takes 43 seconds. Maybe because it was all staged for a YouTube video?

hdmi · Jan 27, 2025

TraderGary said:
Yes, he demonstrated that he could hack that particular 10-year-old computer. Why hasn't he demonstrated that he could hack any other computers? After all, it only takes 43 seconds. Maybe because it was all staged for a YouTube video?

Maybe because Microsoft paid him to cover up the fact that he could hack a whole bunch of other computers?

TraderGary · Jan 27, 2025

hdmi said:
Maybe because Microsoft paid him to cover up the fact that he could hack a whole bunch of other computers?

Maybe because you saw it on the Internet, so it has to be true!

hdmi · Jan 27, 2025

TraderGary said:
Maybe because you saw it on the Internet, so it has to be true!

You can test it yourself and find out that it's true.

BitLocker key sniffing is still possible on modern Windows 11 laptops with discrete TPM modules

10-year-old laptops aren't the only devices in danger of this security flaw.

www.tomshardware.com

TraderGary · Jan 27, 2025

hdmi said:
You can test it yourself and find out that it's true.

BitLocker key sniffing is still possible on modern Windows 11 laptops with discrete TPM modules

10-year-old laptops aren't the only devices in danger of this security flaw.

www.tomshardware.com

Sorry, @hdmi, since my processor is a modern Intel Core Ultra 9 185H, my TPM is built into the processor itself. There are no external lines to sniff and this sniffing technique is impossible.

Marie SWE · Jan 27, 2025

hdmi said:
You can test it yourself and find out that it's true.

BitLocker key sniffing is still possible on modern Windows 11 laptops with discrete TPM modules

10-year-old laptops aren't the only devices in danger of this security flaw.

www.tomshardware.com

no use... some people just believe there is such thing as unhackable systems.. as they who believes that microsoft don't collect their personal data.

TraderGary · Jan 27, 2025

Marie SWE said:
no use... some people just believe there is such thing as unhackable systems.. as they who believes that microsoft don't collect their personal data.

Of course, I don't believe that there are unhackable systems. However, I do believe that this particular hack cannot work on my system because my TPM is built in and does not have external lines. And of course, Microsoft collects telemetry. They say they do, and I believe that. You do understand that what you are doing is bordering on a personal attack and I don't appreciate what you're doing.

Win711 · Jan 27, 2025

TraderGary said:
Of course, I don't believe that there are unhackable systems. However, I do believe that this particular hack cannot work on my system because my TPM is built in and does not have external lines. And of course, Microsoft collects telemetry. They say they do, and I believe that. You do understand that what you are doing is bordering on a personal attack and I don't appreciate what you're doing.

I don't think it's a personal attack, but simply pointing out what is. It's pretty obvious that you're confident in your belief that an attack hasn't been demonstrated publicly so there is nothing to fear. That's a choice you're free to make unassailed.

But it's a public discussion so others should be cautioned not to misinterpret rolling the dice for genuine security. That seems to be what others are trying to convey.

A better approach may be to humbly ask how you can improve, rather brag what you've already done, but to each their own.

TraderGary · Jan 27, 2025

Win711 said:
I don't think it's a personal attack, but simply pointing out what is. It's pretty obvious that you're confident in your belief that an attack hasn't been demonstrated publicly so there is nothing to fear. That's a choice you're free to make unassailed.

But it's a public discussion so others should be cautioned not to misinterpret rolling the dice for genuine security. That seems to be what others are trying to convey.

A better approach may be to humbly ask how you can improve, rather brag what you've already done, but to each their own.

OK. Here's the situation. @newmann started this thread with questions about his BitLocker use and BitLocker security.

I've used BitLocker since it was introduced and I've also owned 6 Dell XPS laptops in the past 20 years, including the one @newmann is currently using. While trying to help the OP, the usual Microsoft haters piled in with all their reasons to distrust Microsoft and distrust BitLocker. Just what the OP needed.

And then you jump in and tell me I'm bragging about what I've done and that I need to humbly ask how I can improve.

I can't imagine how frustrated @newmann must feel if he's been following all this nonsense.

XxXxX · Jan 27, 2025

just my thoughts ..
after the cloudstrike problem which affected millions of systems worldwide it was shown very clearly by Microsoft themselves that bitlocker had back doors. thats not an opinion that was direct from Microsoft. to enable access to these affected systems work arounds were used to bypass bitlocker.

please note. i have never used bitlocker so i have no axe to grind.
best of luck, Steve ..

Bitlocker Security Questions

Stock Market Wizard

My Computer

Stock Market Wizard

My Computer

I almost never bite.......

My Computers

Active member

My Computer

Stock Market Wizard

My Computer

Active member

My Computer

I almost never bite.......

My Computers

Active member

My Computer

I almost never bite.......

My Computers

Jack of all trades – master of none

My Computers

Stock Market Wizard

My Computer

Jack of all trades – master of none

My Computers

Stock Market Wizard

My Computer

Jack of all trades – master of none

My Computers

Stock Market Wizard

My Computer

I almost never bite.......

My Computers

Stock Market Wizard

My Computer

Active member

My Computer

Stock Market Wizard

My Computer

Well-known member

My Computers

Similar threads