Anyone else notice the Bitlocker vulnerability?
I think I found a flaw in the way Bitlocker handles manually entering your key that would make it very vulnerable to a brute force attack. You can read about it
here on my site.
It seems like I am the only one who thinks this a big deal. Is there something I am missing? Is my reasoning flawed somehow?
March 11th, 2011 12:00pm
Well i think there is no problem because the check is only for valid digit-groups. It is not a check for the complete key.
You can try this key 165044-310618-553069-470184-552321-362890-476333-475651. You will be able to insert it and bitlocker will accept it but in the end bitlocker will tell you that the key is wrong although its structure is correct.
So imho no flaw.
Th0u
Free Windows Admin Tool Kit Click here and download it now
March 11th, 2011 12:26pm