[thewebguyd]

I wouldn't be surprised if this was intentionally put in, but I think its important to clarify that the encryption itself wasn't broken, and with this exploit specifically the drive also has to remain inside the original PC/TPM. It's a boot authentication bypass, not an encryption break.

As far as we know, having TPM+Pin or TPM+Startup Key breaks the exploit. TPM only was always known to be basically ineffective against threats like laptop theft, TPM only would only protect you if the drive was stolen out of the machine, which in that case, this exploit also would not work.

[cryo32]

I know someone who works for a nefarious gov org and they never put the bitlocker keys in the TPM on their laptops. You have to enter the password yourself on power up.

Wonder if they knew about this.

[tgsovlerkhgsel]

You don't need to be thinking of any specific vulnerability to realize that putting the decryption key next to the data you're trying to protect is a dumb idea.

If for example a laptop like that gets lost or stolen, the attacker has the data and the key, in a box they physically hold, with no attempt limit, and unless they actively mess with the boot process, it will happily load the key into memory for them. If it's a discrete TPM the attacker can likely sniff the key on the wire. If that doesn't work, they just need to find a vuln anywhere in the secure boot process, or in Windows, and again, they have the key. And if that doesn't work, they could sniff the memory bus, or do a cold boot attack (again, with unlimited attempts unless they irreparably damage the mainboard/TPM in the process).

[tatersolid]

The key is still in the TPM in that scenario it just requires a password to unlock it.