Have you used bitlocker?

Microsoft Applications Security
Posted by phasmid123 on December 8, 2006, 2:56 pm
Is it true that bitlocker only protects the hard drive when it's
OFFLINE? Consider the scenarios:

1) I have a TPM capable laptop running bitlocker. The laptop is NOT
joined to a domain and boots automatically to my default account
without asking for user logon and password. Let's say this laptop is
stolen, the thief can boot it up normally (just like what I do) and
transfer the file to another location, correct?

2) I have a TPM capable laptop running bitlocker. It is not joined to
the domain but Windows prompts me to enter a local account name and
password before completing the boot process. If I lose this laptop, the
thief cannot obtain any data unless the logon and password is known,
correct?

What I'm trying to say is, are you only protected by your Windows
password with bitlocker? If your Windows passwd is compromised
then the encryption is useless?


Posted by S. Pidgorny on December 8, 2006, 4:16 pm
You are protected not only by your Windows password. TPM access has no
dependency on that, required to decrypt disc.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

> Is it true that bitlocker only protects the hard drive when it's
> OFFLINE? Consider the scenarios:
>
> 1) I have a TPM capable laptop running bitlocker. The laptop is NOT
> joined to a domain and boots automatically to my default account
> without asking for user logon and password. Let's say this laptop is
> stolen, the thief can boot it up normally (just like what I do) and
> transfer the file to another location, correct?
>
> 2) I have a TPM capable laptop running bitlocker. It is not joined to
> the domain but Windows prompts me to enter a local account name and
> password before completing the boot process. If I lose this laptop, the
> thief cannot obtain any data unless the logon and password is known,
> correct?
>
> What I'm trying to say is, are you only protected by your Windows
> password with bitlocker? If your Windows passwd is compromised
> then the encryption is useless?
>



Posted by Saqib Ali on December 10, 2006, 4:59 pm
If the thief who stole your laptop knows your pre-boot password then
any FDE suite including BitLocker is useless.

The TPM in the case of BitLocker essentially binds and wraps the key
used to encrypt your HDD. If the thief doesn't know your password and
tries to take the HDD out and plug it in different computer with a
TPM, it is rendered useless because each TPM has a unique SRK.

If the thief tries to brute-force the password, the FDE suite can be
set up to either lock itself out or perform a quick erase of the data on
the drive.

If you have highly confidential data and fear that the password might
be leaked out, try using a FDE suite that supports 2-factor
authentication. See:
http://www.full-disk-encryption.net/Full_Disc_Encryption.html ; and
http://www.xml-dev.com/blog/index.php?action=viewtopic&id=250

for a list of products that support 2-factor pre-boot authentication.


saqib
http://www.full-disk-encryption.net


Posted by phasmid123 on December 12, 2006, 5:13 pm
Saqib,

Thanks for your reply. I guess I'm just not sure how Bitlocker works.
Have you used it? Let's say I have a laptop with Bitlocker installed
(TPM only setup), what happens when I boot the laptop? Does it first
ask for a Bitlocker password before booting to OS?

JK



Saqib Ali wrote:
> If the thief who stole your laptop knows your pre-boot password then
> any FDE suite including BitLocker is useless.
>
> The TPM in the case of BitLocker essentially binds and wraps the key
> used to encrypt your HDD. If the thief doesn't know your password and
> tries to take the HDD out and plug it in different computer with a
> TPM, it is rendered useless because each TPM has a unique SRK.
>
> If the thief tries to brute-force the password, the FDE suite can be
> set up to either lock itself out or perform a quick erase of the data on
> the drive.
>
> If you have highly confidential data and fear that the password might
> be leaked out, try using a FDE suite that supports 2-factor
> authentication. See:
> http://www.full-disk-encryption.net/Full_Disc_Encryption.html ; and
> http://www.xml-dev.com/blog/index.php?action=viewtopic&id=250
>
> for a list of products that support 2-factor pre-boot authentication.
>
>
> saqib
> http://www.full-disk-encryption.net


Posted by Saqib Ali on December 12, 2006, 5:39 pm
> Thanks for your reply. I guess I'm just not sure how Bitlocker works.
> Have you used it? Let's say I have a laptop with Bitlocker installed
> (TPM only setup), what happens when I boot the laptop? Does it first
> ask for a Bitlocker password before booting to OS?

Yes. Bitlocker offers many modes. In one of the modes, Bitlocker
does require a password before booting into the OS. It is called
pre-boot authentication. And a lot of other FDE products provide that as
well.

saqib
http://www.full-disk-encryption.net
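
An added example, not written by any poster in this thread: a PowerShell check of which BitLocker mode a volume is in, based on the key protector types that `Get-BitLockerVolume` reports. The function name `Get-PreBootAuthMode` and the sample machine names are hypothetical, and the sample protector lists are constructed.

```powershell
# Classify a volume by its BitLocker key protector types.
# A TPM-only protector releases the key at boot without any prompt, so it is
# checked first: if it is present, the volume can unlock without pre-boot input.
function Get-PreBootAuthMode {
    param([string[]]$ProtectorTypes)

    # Protector types that require user input or a startup key before the OS loads.
    $preBoot = 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey', 'Password'
    $found = @($ProtectorTypes | Where-Object { $preBoot -contains $_ })

    if ($ProtectorTypes -contains 'Tpm') {
        return 'TPM only: unlocks at boot without a prompt; Windows logon is the only gate'
    }
    if ($found.Count -gt 0) {
        return "Pre-boot authentication required ($($found -join ', '))"
    }
    return 'No TPM or pre-boot protector found'
}

# Constructed sample input (not output from a real machine).
$samples = [ordered]@{
    'laptop-A' = @('Tpm', 'RecoveryPassword')      # scenario: TPM-only setup
    'laptop-B' = @('TpmPin', 'RecoveryPassword')   # scenario: TPM plus pre-boot PIN
    'laptop-C' = @('RecoveryPassword')             # no boot-time protector at all
}
foreach ($name in $samples.Keys) {
    '{0}: {1}' -f $name, (Get-PreBootAuthMode $samples[$name])
}

# Live check: needs an elevated session on a Windows system with the BitLocker module.
if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    Get-BitLockerVolume | ForEach-Object {
        $types = $_.KeyProtector.KeyProtectorType | ForEach-Object { "$_" }
        [pscustomobject]@{
            MountPoint       = $_.MountPoint
            ProtectionStatus = $_.ProtectionStatus
            Mode             = Get-PreBootAuthMode $types
        }
    }
}
```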

