BitLocker Vulnerability

AI Thread Summary
The discussion centers around a vulnerability related to Microsoft Windows BitLocker, clarifying misconceptions about its encryption key and password management. The vulnerability arises when a user enters a password into an application, which then stores it in memory. If the device is hibernated before the password is overwritten and subsequently stolen, a thief can potentially access unencrypted passwords from the hibernation file. This scenario requires the absence of multi-factor authentication (MFA) for the service in question, allowing unauthorized access with only the stolen credentials. Additionally, participants discuss issues regarding consent for personal data usage on various platforms, linking it to GDPR regulations. The conversation also touches on technical aspects of the vulnerability, including the potential corruption of registry keys related to crash dump files.
Computer science news on Phys.org
Mistitled: Bitlocker does not have a password, it has an encryption key, and this vulnerability has nothing to do with Bitlocker's encryption key. In order to exploit this vulnerability something like the following sequence needs to happen:
  1. You enter your password into some application
  2. That application stores your password in memory
  3. You hibernate your device before the password is overwritten in memory
  4. Your device is stolen
  5. Despite the fact that your device has been stolen you do not change all your passwords
  6. The thief invests effort in parsing your hibernation file for unencrypted passwords
  7. The thief identifies what service the password relates to
  8. The thief obtains the other relevant credentials (e.g. a user name) - bearing in mind that Bitlocker is still protecting the rest of the information on the disk apart from the hibernation file
  9. The service does not impement MFA (multi-factor authentication), allowing the thief to log in using only the credentials he has discovered
 
Yes, PF sometimes doesn't allow you to change your post. I tried editing before first posting it.
 
WWGD said:
Yes, PF sometimes doesn't allow you to change your post. I tried editing before first posting it.
Usually it's only after a 24-hour period expires. Weird.
 
berkeman said:
Usually it's only after a 24-hour period expires. Weird.
Equally weird, I was asked here, in other sites, for the first time I can remember, to give consent to the site Im in, to use my personal data.
 
WWGD said:
Equally weird, I was asked here, in other sites, for the first time I can remember, to give consent to the site Im in, to use my personal data.
This was at PF? You were asked to give consent to use your personal data? Like Cookies or something else? Do you think it was because you used Bitlocker to sign in?
 
berkeman said:
This was at PF? You were asked to give consent to use your personal data? Like Cookies or something else? Do you think it was because you used Bitlocker to sign in?
Here in PF as well as when I tried to use any app.
 
. @pbuk , as I understood, the vulnerability/hack consists in corrupting a registry key that deals with the management of crash dump files, so that these are written in the dump files unencrypted. Though not sure if direct physical access is needed. @berkeman : From what I read, it seems these dialog boxes arise from a change of laws (GDPR) , re the use, consent to access and use personal information, as a way to pay for "free" apps.
 

Similar threads

4 Chrome Vulnerabilities: Update Now
Replies
1
Views
1K
10-year old security vulnerability in sudo fixed (CVE-2021-3156)
Replies
8
Views
2K
Dealing with the new security règime
Replies
6
Views
1K
More Hacking Threats. NSA Reports....
Replies
2
Views
1K
My Avast Premium Security Gives Me This Scary Message
Replies
7
Views
2K
Why is the Dominos Pizza Website not Secure?
Replies
31
Views
4K
Internet Secrets estimated to survive for 15 years
Replies
14
Views
2K
Are MacBooks the best choice for physics?
Replies
2
Views
2K
Security of computer data and passwords
Replies
3
Views
3K
Lessons From the Millennium Bug
Replies
25
Views
4K

Hot Threads

Recent Insights

Back
Top