In recent days we have given ample space to the news of overcoming of the defenses of BitLocker with a simple and economical Raspberry Pi Pico board. In that case, however, the author of the “exploit” had used a laptop dating back to about 10 years ago, connecting the pins of the Raspberry board to the bus LPC (Low Pin Count), located on the notebook motherboard.
An independent researcher, however, reports that a similar approach can also be used with some models modern notebooks and in his post published on X explicitly mentions the case of Lenovo X1 Carbon Gen 11 (year 2023), based on Windows 11.
Not just 10 year old systems: BitLocker attack possible even on the most recent notebooks. Here’s in which cases
Taking into consideration systems that are certainly newer and updated from an architectural point of view, the steps to follow are a little more complicated but – by following the instructions reported on the GitHub repository of the author of the discovery – it is possible to “intercept” the unencrypted traffic that travel on bus SPI, used for communications between TPM chips and CPU. We talked about it during the summer of 2023, explaining how a logic analyzer allows you to read transit data and bypass BitLocker.
In addition to Lenovo’s X1 Carbon, the page set up on GitHub by Stu Kennedy – this is the name of the expert – contains all the information for reading the decoding code of BitLocker in the case of 5 other modern notebooks: Lenovo Thinkpad L440, Dell Lattitude E7450, Dell Lattitude E5470, Dell Lattitude E5450, Microsoft Surface Pro 3; in addition to the Asus TPM-M R2.0 module.
In all cases, the problem affects systems using a dedicated TPM chip, soldered somewhere on the motherboard (often at the back). Kennedy shows the exact pins you can connect to to read the information used by BitLocker.
To avoid any risk of attack, we remind you once again, it is advisable to rely on functionality fTPM integrated at the processor level and, above all, activate the request of the PIN pre-boot when configuring BitLocker.
Instructions for setting up a PIN to enter immediately when you turn on the computer, after enabling BitLocker, are contained in the article dedicated to how to protect data on hard disks and SSDs with a password at system startup.