Microsoft releases a new operating system and everyone wants to make a headline. It happened 2 years ago and it’s happening again.
This time some people are claiming they’ve broken BitLocker. Their attack vectors work two ways:
- Attack the machine while it’s running and a user is logged in. That way they can scan the RAM for cached BitLocker keys. If you have the machine while it’s logged in then you have access to the data. Pointless.
- Gain access to the machine to attack the hardware. Install something to capture the PIN as the machine boots up. Then steal the machine or gain access to it again and use the captured data to access the hard disk data.
That last one would be a threat, admittedly. It’s a far fetched one for laptops but it feasible. I’m guessing that BitLocker with a Smart Card would beat that one assuming the smart card is not kept with the laptop. We know how lazy people can be so – eek. And potentially the latter approach is one to attack on-premises physical servers.
I guess we’ll see.