Now Bitlocker has always been a joke, but this just makes it worse:
Microsoft advertises that Windows 10 is the most secure version of Windows, but yet it is disproven time and time again. In my opinion if you must use Windows 10, just use Veracrypt instead to encrypt your drive. What do you guys think about this?Martin Brinkmann wrote:A security researcher discovered a new issue in Microsoft's Windows 10 operating system that allows attackers to gain access to BitLocker encrypted data.
A post on the Win-Fu blog highlights the method. Basically, what the method does is exploit a troubleshooting feature that is enabled during the upgrade process.
If you press Shift-F10, you open a command prompt window which lets you access the storage devices of the operating system.There is a small but CRAZY bug in the way the "Feature Update" (previously known as "Upgrade") is installed. The installation of a new build is done by reimaging the machine and the image installed by a small version of Windows called Windows PE (Preinstallation Environment).
This has a feature for troubleshooting that allows you to press SHIFT+F10 to get a Command Prompt. This sadly allows for access to the hard disk as during the upgrade Microsoft disables BitLocker.
Since BitLocker protection is disabled during upgrades, it means that anyone exploiting the issue gets access to all files that are usually encrypted by BitLocker.