[buran77]

Am I missing something or is this the same TPM bus sniffing for the key exchange attack (from @marcan maybe?) that was detailed some years back but using a cheap Pi? Is this attack BitLocker specific somehow? It looks like it would affect LUKS or others just as well. Just trying to understand the novelty of this particular method or if it's tied to BitLocker in particular.

Anyway, not to detract from the nice work of the author or to tout my own horn but I can hack a lot of encryptions in seconds with a simple keylogger. For the sake of this exercise I'll consider the key exchange (user typing password) is an integral part of any encryption scheme :).

More seriously, I think fTPM or TPM+PIN+USB key would be good ways to avoid this scenario.

[soraminazuki]

> It looks like it would affect LUKS or others just as well.

Except you can use good old password protected FDE on any major desktop operating system other than Windows Home Edition.

> I can hack a lot of encryptions in seconds with a simple keylogger.

A thief can't use your keylogger to decrypt a stolen laptop that's properly encrypted. A rogue recycling shop can't do that either. And kids won't be able to use, uh, Raspberry Pis to decrypt random Surface laptops.

So yes, it's kind of a big deal. People shouldn't have to worry about the TPM details of their devices to benefit from encryption in ways that protect against the most common threats.

[buran77]

> Except you can use good old password

But one could not do that and be just as vulnerable. Same as you can use a PIN on BitLocker and be safe in this case. Which answers my question that this is not something BitLocker specific, just a bit of name dropping to garner more attention. Which is fine from the original author, not so fine from the journalists that picked it up.

> So yes, it's kind of a big deal.

You're not wrong but also this is not new. On close read this is indeed the same attack detailed as far back as 2019, says the internet. Presumably a few dollars cheaper now.

Use an additional factor if you care about that data staying encrypted, it only takes a few seconds and could save you quite the headache.

[yellowapple]

> But one could not do that and be just as vulnerable. Same as you can use a PIN on BitLocker and be safe in this case.

Right, but BitLocker is vulnerable by default whereas LUKS is not, because BitLocker relies on a TPM without a PIN by default whereas LUKS relies on a password by default. Yeah, technically this attack ain't BitLocker-specific, but I don't know of any other FDE implementation that defaults to using a TPM without a PIN/password.

[MikusR]

VeraCrypt works on Windows Home

[nullindividual]

This impacts any encryption scheme using dTPM, which today should be uncommon as fTPM has been in AMD and Intel chips for many years.

[p_l]

It also impacts only dTPM use that does not set up encrypted session first. No idea why Bitlocker doesn't use encrypted session.