bitlocker recovery on windows surface 3

I got to experience a bitlocker recovery process, on a Microsoft surface pro 3 computer.

On booting, the bootloader reported that the cng driver is corrupt (and none of rest of the rest of the loading sequence would work. Traditionally, though it may no longer be the case, cng stood for crypt next generation.

Aha, I thought. Perhaps the recent firmware updated – talking to the TPM – didn’t work well, leaving things in a strange state.

373 374

So I learned to boot the machine into the UEFI setup manager, and disabled both TPM and secure boot. On rebooting, the machine detected that it could not decrypt the bit-locked file, and induced me to find my bit-locked recovery keys.

Presumably, FBI can do the same… with or without my cooperation. More useless American assurances in the crypto regime.

374 375

I wonder what state my PC is in, re TPM etc?




Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in coding theory. Bookmark the permalink.