BitLocker broken, sorta

BitLocker is often mentioned as one of the (few) reasons for spending the extra money for Windows 7 Ultimate. BitLocker encrypts the whole drive using a very sophisticated and hard-to-crack technique. The most common use: laptop owners with very sensitive data on their hard drives use BitLocker to make sure that the data on the drive can’t be read, even if the laptop is stolen.

It looks like researchers at the Fraunhofer Institute for Secure Information Technology have found a novel way to crack a BitLocker system. Their approach (documented in this PDF report) requires the bad guys to first steal the laptop, run a simple program, return the laptop to its rightful owner, wait for the owner to start the laptop at least once, then steal the laptop again. If the bad guys can accomplish all of that, they end up with the key for the drive.

It’s more than a little bit disconcerting.

UPDATE: ‘Softie Paul Cooke blogs:

an attacker could spoof the pre-OS collection of the user’s PIN, store this PIN for later retrieval, and then reboot into the authentic collection of the user’s PIN. The attacker would then be required to gain physical access to the laptop for a second time in order to retrieve the user’s PIN and complete the attack scheme.

What Paul says is absolutely true. That’s why I said BitLocker was “sorta” broken. The scenario is pretty hard to imagine in real life. But it could happen.