Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows 7 BitLocker


07 Jun 2010   #1
sandymay

 
 
Windows 7 BitLocker

I was looking to use bit locker to encrypt my whole drive but came across a couple of articles stating this app was not secure.

I was just wondering how it compares to TrueCrypt, would TC be better or do people feel safe with Bit Locker?

Thank you


My System SpecsSystem Spec
.

07 Jun 2010   #2
baarod

Windows 7 Ultimate 64-bit
 
 

Quote   Quote: Originally Posted by sandymay View Post
I was looking to use bit locker to encrypt my whole drive but came across a couple of articles stating this app was not secure.

I was just wondering how it compares to TrueCrypt, would TC be better or do people feel safe with Bit Locker?

Thank you
In February 2008, a group of security researchers published details of a so called "cold boot attack" that allows a Bitlocker-protected machine to be compromised by booting the machine off removable media, such as a USB drive, into another operating system, then dumping the contents of pre-boot memory.[20] The attack relies on the fact that DRAM retains information for up to several minutes (or even longer if cooled) after power has been removed. Use of a TPM module alone does not offer any protection, as the keys are held in memory while Windows is running, although two-factor authentication, i.e. using TPM together with a PIN, offers better protection for machines that are not powered on when physical access to them is obtained. Similar full disk encryption mechanisms of other vendors and other operating systems, including Linux and Mac OS X, are vulnerable to the same attack.[20] The authors recommend that computers be powered down when not in physical control of the owner (rather than be left in a "sleep" state) and that a password also be required to boot the machine.

Center for Information Technology Policy Lest We Remember: Cold Boot Attacks on Encryption Keys

TrueCrypt suffers the same "vulnerability".
My System SpecsSystem Spec
07 Jun 2010   #3
logicearth

Windows 8.1 Pro (x64)
 
 

Quote   Quote: Originally Posted by sandymay View Post
I was looking to use bit locker to encrypt my whole drive but came across a couple of articles stating this app was not secure.

I was just wondering how it compares to TrueCrypt, would TC be better or do people feel safe with Bit Locker?

Thank you
For what Bitlocker was designed for it is secure. All the ways that are used to get around it can also be used against TrueCrypt. However, these require extensive work and luck and most require fooling the user. But full disk encryption is not designed for such level of attacks, they are for denying access to the data without proper credentials. Further more, Bitlocker and TrueCrypt both use AES (Advanced Encryption Standard) for encryption.

BitLocker Drive Encryption - Windows 7 Drive - Turn On or Off with no TPM
My System SpecsSystem Spec
.


08 Jun 2010   #4
sandymay

 
 

Thank you for the information and the link to the tutorial.

My computer does not have TPM, so I saved the recovery key to a USB stick which I now need each time I boot up. I had two questions in regards to this.

1. Is there any way to change this so that I can manually type in the key each time rather then use a USB key?

2. I have made a backup of the key. If the USB stick fails, is it just a matter of moving the key to a new USB stick and everything is back to normal again?

Thank you
My System SpecsSystem Spec
08 Jun 2010   #5
baarod

Windows 7 Ultimate 64-bit
 
 

Quote   Quote: Originally Posted by sandymay View Post
Thank you for the information and the link to the tutorial.

My computer does not have TPM, so I saved the recovery key to a USB stick which I now need each time I boot up. I had two questions in regards to this.

1. Is there any way to change this so that I can manually type in the key each time rather then use a USB key?

2. I have made a backup of the key. If the USB stick fails, is it just a matter of moving the key to a new USB stick and everything is back to normal again?

Thank you
1. Not that I know of. Due to the design and functionality of Bitlocker, there is no OS (in the classic sense) loaded to protect or accept a typed-in key.

2. Best to write the key to two sticks as you apparently have done. Once the drive is unlocked you can make another two copies.
My System SpecsSystem Spec
08 Jun 2010   #6
logicearth

Windows 8.1 Pro (x64)
 
 

Quote   Quote: Originally Posted by sandymay View Post
1. Is there any way to change this so that I can manually type in the key each time rather then use a USB key?
The key on the USB is not something you want to type in each time. It is long (can be hundreds of characters) and complex. Nor could you even type it out, it is pure binary data.
My System SpecsSystem Spec
Reply

 Windows 7 BitLocker




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:15 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App