Hacker News new | ask | show | jobs
by cookiengineer 40 days ago
Note that RedSun and Bluehammer were silently patched, with no response to the CVEs by Microsoft, and not accrediting the researcher's work.

That's what this is about. Microsoft doing bad security practices while trying to get away with it, leading to this outcome.

The researcher also claims to have another version ready which allows to also bypass TPM+PIN via a similar backdoor, which I'm inclined to believe.

Why do I believe that? 5 ring 0 zero days within 3 months are so statistically unlikely to be found, by the same person, in such a short time. Whoever this person is really knows their exploits, and must be in the league of Juan Sacco.
1 comments
aiscoming 40 days ago
the only way to bypass PIN would be an actual backdoor in Bitlocker. no way around that. an actual backdoor in microsoft encryption was never documented, and there are Snowden documents showing FBI pressing Microsoft into introducing one and Microsoft refusing

so I call bullshit on the PIN bypass

link
ranger_danger 39 days ago
You're assuming the PIN was ever connected to the key itself in the first place. We don't know how that mechanism works, it could just be a totally separate gate that IS bypassable.
link
bri3d 39 days ago
We can just do research to figure that out? The recent trend towards conspiracy theories against things that are trivially discoverable is so frustrating.

https://post-cyberlabs.github.io/Offensive-security-publicat...

https://blog.scrt.ch/2024/10/28/privilege-escalation-through...

Yes, the PIN is entangled with the key material.

link
ranger_danger 39 days ago
The article shows that the PIN-entangled key material can still be downloaded directly from the TPM.

This means it's vulnerable to an offline bruteforce attack to derive the PIN.

So it's still doable, even in an automated fashion, just slower.

With today's multi-GPU cloud systems available to everyone with a credit card, you can probably crack the default-length 6-digit PIN the same day you extract the key protector.

link
bri3d 39 days ago
I'm glad we were able to move past "We don't know how that mechanism works, it could just be a totally separate gate that IS bypassable" and into the actual way the mechanism works!

> The article shows that the PIN-entangled key material can still be downloaded directly from the TPM.

Not exactly, the TPM has PolicyAuthValue(PIN), so the PIN also needs to be provided to the TPM to unseal the material, and the hardware anti-hammering should prevent brute forcing it this way. The blog post documents dumping the PIN-entangled key material by MITM-ing the TPM communication while a user enters the PIN; the entanglement is a belt-and-suspenders approach.

link
ranger_danger 39 days ago
> the TPM has PolicyAuthValue(PIN)

Where are you seeing that? I can't find it in the article.

It wouldn't make sense to me for that to be the case if the article details how the driver does it own unwrapping/decryption after the KP is extracted. Plus it would probably mean they're lying about TPM+PIN being defeatable.

> The blog post documents dumping the PIN-entangled key material by MITM-ing the TPM communication while a user enters the PIN

I really don't think so... the screenshot with the PIN entry I think was only for hooking his debugger up in order to reverse the driver's decryption process. I don't see where they mention how/when the KP is actually extracted. It looks to me like it's transmitted during boot _before_ the PIN entry, so that the software driver can decrypt it after the user enters the PIN.

They list the steps as:

1. Extract TPM data. The TPM data is encrypted Key Protector (aka KP).

2. Generate the decryption key of KP

3. Decrypt KP

4. Extracting encrypted VMK

5. Decrypt VMK using KP

I didn't see anything about needing to enter a PIN in order to get the TPM data.

If the TPM required a PIN to extract anything, I think there would be no need to manually decrypt anything in software as they show with the python code.

Of course I could be wrong... please feel free to provide more info.

link
pregnenolone 39 days ago
> The recent trend towards conspiracy theories against things that are trivially discoverable is so frustrating.

So true.

link
BuildTheRobots 38 days ago
I've watched my work laptop reboot in the middle of installing Windows Updates without prompting me for a Bitlocker key. It seems obvious to even the casual observer that the pin isn't always required.

I don't remember which updates triggered it, but that was September 2015.

link
ranger_danger 38 days ago
> the pin isn't always required.

From the perspective of the TPM, I have now learned that it is required for it to release the key.

Perhaps those updates didn't really reboot in the traditional sense. If you turn the machine fully off and then back on, and it still doesn't ask for a PIN... now you have my attention.

link
kerneis 35 days ago
Bitlocker can be "paused", which really means the key is written unprotected to disk. This can be done by the user, but also happens temporarily during updates that would change bootchain measurements, because those measurements are used by the TPM to decrypt the key (hence changing them would make the key undecipherable).
link
ranger_danger 35 days ago
I can see someone taking advantage of that under the assumption you can get the machine to update while it's powered on (and already unlocked)... but hopefully that's not what they're calling "TPM+PIN is vulnerable too".
link
cookiengineer 40 days ago
> the only way to bypass PIN would be an actual backdoor in Bitlocker. no way around that. an actual backdoor in microsoft encryption was never documented, and there are Snowden documents showing FBI pressing Microsoft into introducing one and Microsoft refusing

A USB stick containing a masterkey to decrypt a bitlocker volume is literally the definition of a backdoor.

Go on, try it out. It works.

link
aiscoming 40 days ago
no, to access a bitlocker volume which automatically decrypts

thats an LPE, not an encryption backdoor

the USB stick doesnt decrypt bitlocker, it just gives you root after bitlocker was AUTOMATICALLY decrypted

link
stephbook 40 days ago
Smells like a compromise. Microsoft enables BitLocker by default, thus protecting companies and users at scale. But the price is a backdoor they hope noone finds.

Someone else claimed this doesn't affect people who actually care about security and enable boot-time password protection.

link
cookiengineer 40 days ago
> no, to access a bitlocker volume which automatically decrypts

> thats an LPE, not an encryption backdoor

No. RedSun and Bluehammer were LPEs

> the USB stick doesnt decrypt bitlocker, it just gives you root after bitlocker was AUTOMATICALLY decrypted

No, that's not what the bypass does. Maybe go try it out and verify it before you come to your quickly made conclusions?

It's not tied to "automatically decrypted" volumes, whatever that would imply for your setup requiring a pretty pointless TPM keystore for that.

If your case were true, it would also imply that any bitlocker cryptography never really worked because it was automatically decryptable without the need for a password/hash/whatever to get your keys from the keystore, which actually makes it so much worse. Even worse than the previously known coldboot attacks.

link
aiscoming 39 days ago
its pretty obvious you have no idea how bitlocker works, and its various modes - TPM only, TPM+PIN, PIN only
link
cookiengineer 39 days ago
> its pretty obvious you have no idea how bitlocker works, and its various modes - TPM only, TPM+PIN, PIN only

How could anybody besides a Microsoft employee, given the appearance of this bypass technique?

link