BlueHat v18 || An Ice Cold boot to break bitlocker

preview_player
Показать описание
Olle Segerdahl, F-Secure
Pasi Saarinen, F-Secure

A decade ago, academic researchers demonstrated how computer memory remanence could be used to defeat popular disk encryption systems[1]. Today, most seem to believe that these attacks are too impractical for real world use. Microsoft has played down the threat of memory remanence attacks against BitLocker using words such as "they are not possible using published techniques"[2].

We will show techniques that allow recovery of BitLocker encryption keys from RAM on most, if not all, currently available laptops and tablets. These techniques allow bypassing of security controls such as password protected BIOS configuration, UEFI-based Secure Boot and the TCG Platform Reset Attack Mitigation by directly manipulating the firmware storage device (EFI SPI flash chip).

  1. Microsoft Security Response Center (MSRC)
  2. microsoft
  3. security
  4. bluehat
Рекомендации по теме
BlueHat v18 || 0:47:42

BlueHat v18 || An Ice Cold boot to break bitlocker

BlueHat v18 An 0:47:42

BlueHat v18 An Ice Cold boot to break bitlocker

BlueHat v18 || 0:41:40

BlueHat v18 || Overt Command & Control: The Art of Blending In

BlueHat v18 || 0:29:21

BlueHat v18 || Mitigation Bypass: The Past, Present, and Future

BlueHat v18 || 0:40:44

BlueHat v18 || Linear time shellcode detection

BlueHat v18 || 0:42:56

BlueHat v18 || Go Build A Tool

BlueHat v18 || 0:50:50

BlueHat v18 || Cybersecurity for the defense of democracy

BlueHat v18 || 0:46:24

BlueHat v18 || A turla gift - popping calc.exe by sending an email

BlueHat v18 || 0:34:14

BlueHat v18 || May I see your credentials, please

BlueHat v18 || 0:30:42

BlueHat v18 || A mitigation for kernel toctou vulnerabilities

BlueHat v18 || 0:44:03

BlueHat v18 || Securely handling data in marginalized communities

BlueHat v18 || 0:52:30

BlueHat v18 || Protecting the protector

BlueHat v18 || 0:37:53

BlueHat v18 || DEP for the app layer - Time for app sec to grow up

BlueHat v18 || 0:44:57

BlueHat v18 || Badly behaving scripts

BlueHat v18 || 0:45:29

BlueHat v18 || The matrix has you: protecting linux using deception

BlueHat v18 || 0:52:17

BlueHat v18 || First STRONTIUM UEFI Rootkit Unveiled

Do You Have 0:00:18

Do You Have This PHOBIA? 😳

normal vs heat 0:00:15

normal vs heat emoji cat #shortsyoutube #tiktok #heat❌

No way this 0:00:21

No way this stopped her from crying

Female rapper MOCKS 0:00:22

Female rapper MOCKS her opps from the hospital after surviving 😳

Happy birthday, Grimace! 0:00:18

Happy birthday, Grimace!

Jeffy CAUSE YOU'RE 0:00:08

Jeffy CAUSE YOU'RE FULL OF *** MINECRAFT! | JeffyAnimated #Shorts

Kids get caught 0:00:22

Kids get caught eating takis in class and teacher throws them away #shorts

ishowspeed surprises everyone 0:00:22

ishowspeed surprises everyone and wears Argentina shirt 😂

Комментарии
Автор

How could we recover the bitlocker key in case we forgot this and been asked on boot?

irshadt
Автор

what about if you have the recovery key but you cannot the encryption?

XEQUTE
Автор

User has no access to data Either
Bitlocker key should be easier to find.
You do no warn this happens that you lose all data.

Beyond mad at microsoft
Your not helping you are destroying lives of your users

Threadbow
Автор

bitlocker self activated after mobo replacement!!! I can' wipe c:// evidence on there i need for a trial..and there are no keys, anyone who can help comment, lmk NO KEYS. but there has to be auto gen s

alessataylor
Автор

You cannot get any help from Microsoft.
Dell don't care they set up the bit locker but don't tell you.

Spend nearly 2 thousand uk pounds on laptop to lose all yr data
I never buy or use Microsoft ever again
Nor dell.

Mac for me from now on.

Cheers microsoft, you lost all my data. But if their stole laptop they can use no problem.

My disc is blank dell think it's funny.

Threadbow
visit shbcf.ru