This is a pretty foolproof system to ensure that company data is always encrypted (except that you can always turn off encryption on a device, which will decrypt (not destroy) the data. *Ronin – Robert de Niro's character ambushed Sean Bean's character with a cup of coffee.Microsoft allows a system administrator to set a policy that requires the users to enable Bitlocker encyption on any device before it can be written to.
A few deep breaths and they were recovered from a logical place. Had I saved my Bitlocker encryption keys? Where? A call to IT Support told me they didn't have them. Pulling out the now dead power supply and racing to extract the hard drive seemed my only hope. The laptop had shorted out and the drain cleaner had already started to melt the keyboard. I imagine CSI forensic investigators can tell you the same thing. Consequently all the drain cleaner and water poured directly onto the kitchen table and laptop below… (Sorry Nick!) I should perhaps mention that this was a recently installed bathroom to replace the previously leaky bath/shower and the reason why there was no ceiling in the kitchen. The drain cleaner which had been left to do it's work for 24 hours had failed, so using a springy pipe cleaner designed for the purpose, the blockage was removed… along with the cheap 'push to fit' plumbing. The laptop was logged in on the kitchen table when I decided to unblock the shower during my lunch break. Not necessarily… not if the user never logged out.īack in April 2009 and only a month into my probation with SpiderLabs I killed my Trusted Platform Module (TPM) and BitLocker enabled Vista laptop with drain cleaner. …and that according to Microsoft this is expected behaviour?īit Locker is supposed to protect against moving an encrypted drive from one machine to another. What if I told you I could access Mr Bean's encrypted laptop by ambushing him with nothing more than a cup of coffee?* BitLocker has a number of known (mostly theoretical) vulnerabilities but arguably the most critical, only seems to have been acknowledged by Microsoft themselves.
BYPASS BITLOCKER MOVIE
We don't need no steenkin' tools (and other movie references) This SpiderLabs post is only concerned with my own unique BitLocker bypass technique, allow me to lighten the mood somewhat and jump right in, to April 2009 to be precise. However, some guy called Bruce didn't believe it was 'all that', causing the following reaction:
Another tool (Passware Forensic Kit) adds FileVault2 to the list. This tool can reportedly grab encryption keys from memory thereby upsetting users of BitLocker, PGP, TrueCrypt. Yours for only $299! (or £300 if you read El Reg) which makes it between 9,131 & 14,813 Rubles at today's rate. This holiday it's Russian ElcomSoft and their Forensic DiskDecryptor tool. As hard-wired as any Application Specific Integrated Circuit it seems the Infosec community can't go a week without some ruckas.