Sign up to save your podcasts
Or
Share Stolen Laptops, Modern physical access attacks with Pierre Nicolas Allard Coutu
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Stolen Laptops, Modern physical access attacks with Pierre Nicolas Allard Coutu
Stolen laptop, full-disk encryption, and “it’s fine, BitLocker’s got this”. In this talk, Pierre‑Nicolas Allard‑Coutu shows how modern physical attackers can still fully compromise your Windows 10 and 11 laptops using advanced DMA techniques.
In “Stolen Laptops: Modern Physical Access Against Hardware and Firmware (Part 2),” Pierre takes you from zero to 100 on real‑world stolen‑laptop scenarios, showing how attackers move from a powered‑off, encrypted device to full kernel‑level code execution and credential theft. This talk is ideal for blue and red teams, Windows endpoint and fleet owners, enterprise IT admins, and anyone responsible for hardening laptops in high‑risk environments. You’ll see how DMA attacks using PCIe/Thunderbolt and FPGA boards work in practice, why relying on TPM‑only BitLocker configurations is no longer enough, and how features like VBS, Kernel DMA Protection, IOMMU, BIOS passwords, and NVRAM can be bypassed or abused. Key questions this talk helps answer include:
• What can a motivated attacker really do with a stolen, “encrypted” corporate laptop?
• How do modern DMA attacks defeat Kernel DMA Protection and VBS on Windows 10 and 11?
• Which concrete policies (BitLocker, BIOS, firmware, and MFA) actually disrupt this kill chain?
This session was recorded live at BSides Vancouver Island 2025 at the Victoria Conference Centre in Victoria, BC.
If you enjoy this talk, please subscribe to the BSides Vancouver Island channel for more community‑driven security content from Vancouver Island and beyond. Join our Slack to stay up to date: https://communityinviter.com/apps/visrs/visrs. Check out more sessions in the BSides Vancouver Island playlist to keep leveling up your hardware, firmware, and endpoint security knowledge.
BSides Vancouver Island returns to the Victoria Conference Centre in Victoria, BC on Friday, September 25, 2026. Stay tuned for sponsorship, speaker, attendance, and volunteering opportunities.
View all episodes
By Stolen laptop, full-disk encryption, and “it’s fine, BitLocker’s got this”. In this talk, Pierre‑Nicolas Allard‑Coutu shows how modern physical attackers can still fully compromise your Windows 10 and 11 laptops using advanced DMA techniques.
In “Stolen Laptops: Modern Physical Access Against Hardware and Firmware (Part 2),” Pierre takes you from zero to 100 on real‑world stolen‑laptop scenarios, showing how attackers move from a powered‑off, encrypted device to full kernel‑level code execution and credential theft. This talk is ideal for blue and red teams, Windows endpoint and fleet owners, enterprise IT admins, and anyone responsible for hardening laptops in high‑risk environments. You’ll see how DMA attacks using PCIe/Thunderbolt and FPGA boards work in practice, why relying on TPM‑only BitLocker configurations is no longer enough, and how features like VBS, Kernel DMA Protection, IOMMU, BIOS passwords, and NVRAM can be bypassed or abused. Key questions this talk helps answer include:
• What can a motivated attacker really do with a stolen, “encrypted” corporate laptop?
• How do modern DMA attacks defeat Kernel DMA Protection and VBS on Windows 10 and 11?
• Which concrete policies (BitLocker, BIOS, firmware, and MFA) actually disrupt this kill chain?
This session was recorded live at BSides Vancouver Island 2025 at the Victoria Conference Centre in Victoria, BC.
If you enjoy this talk, please subscribe to the BSides Vancouver Island channel for more community‑driven security content from Vancouver Island and beyond. Join our Slack to stay up to date: https://communityinviter.com/apps/visrs/visrs. Check out more sessions in the BSides Vancouver Island playlist to keep leveling up your hardware, firmware, and endpoint security knowledge.
BSides Vancouver Island returns to the Victoria Conference Centre in Victoria, BC on Friday, September 25, 2026. Stay tuned for sponsorship, speaker, attendance, and volunteering opportunities.