BitLocker Vulnerability

Computer science news on Phys.org
  • #2
Mistitled: Bitlocker does not have a password, it has an encryption key, and this vulnerability has nothing to do with Bitlocker's encryption key. In order to exploit this vulnerability something like the following sequence needs to happen:
  1. You enter your password into some application
  2. That application stores your password in memory
  3. You hibernate your device before the password is overwritten in memory
  4. Your device is stolen
  5. Despite the fact that your device has been stolen you do not change all your passwords
  6. The thief invests effort in parsing your hibernation file for unencrypted passwords
  7. The thief identifies what service the password relates to
  8. The thief obtains the other relevant credentials (e.g. a user name) - bearing in mind that Bitlocker is still protecting the rest of the information on the disk apart from the hibernation file
  9. The service does not impement MFA (multi-factor authentication), allowing the thief to log in using only the credentials he has discovered
 
  • #3
Yes, PF sometimes doesn't allow you to change your post. I tried editing before first posting it.
 
  • #4
WWGD said:
Yes, PF sometimes doesn't allow you to change your post. I tried editing before first posting it.
Usually it's only after a 24-hour period expires. Weird.
 
  • #5
berkeman said:
Usually it's only after a 24-hour period expires. Weird.
Equally weird, I was asked here, in other sites, for the first time I can remember, to give consent to the site Im in, to use my personal data.
 
  • #6
WWGD said:
Equally weird, I was asked here, in other sites, for the first time I can remember, to give consent to the site Im in, to use my personal data.
This was at PF? You were asked to give consent to use your personal data? Like Cookies or something else? Do you think it was because you used Bitlocker to sign in?
 
  • #7
berkeman said:
This was at PF? You were asked to give consent to use your personal data? Like Cookies or something else? Do you think it was because you used Bitlocker to sign in?
Here in PF as well as when I tried to use any app.
 
  • #8
. @pbuk , as I understood, the vulnerability/hack consists in corrupting a registry key that deals with the management of crash dump files, so that these are written in the dump files unencrypted. Though not sure if direct physical access is needed. @berkeman : From what I read, it seems these dialog boxes arise from a change of laws (GDPR) , re the use, consent to access and use personal information, as a way to pay for "free" apps.
 

Similar threads

Replies
1
Views
314
Replies
2
Views
968
Replies
31
Views
3K
Replies
14
Views
2K
Replies
25
Views
3K
Replies
2
Views
2K
Replies
4
Views
3K
Replies
2
Views
1K
Back
Top