 |
Windows 7: Windows 7 BitLocker
|
07 Jun 2010
|
#1 | |
|
Windows 7 BitLocker
I was looking to use bit locker to encrypt my whole drive but came across a couple of articles stating this app was not secure.
I was just wondering how it compares to TrueCrypt, would TC be better or do people feel safe with Bit Locker?
Thank you
| My System Specs |
| |
07 Jun 2010
|
#2 | |
Windows 7 Ultimate 64-bit Chicago |
Quote: Originally Posted by sandymay  I was looking to use bit locker to encrypt my whole drive but came across a couple of articles stating this app was not secure.
I was just wondering how it compares to TrueCrypt, would TC be better or do people feel safe with Bit Locker?
Thank you In February 2008, a group of security researchers published details of a so called "cold boot attack" that allows a Bitlocker-protected machine to be compromised by booting the machine off removable media, such as a USB drive, into another operating system, then dumping the contents of pre-boot memory.[20] The attack relies on the fact that DRAM retains information for up to several minutes (or even longer if cooled) after power has been removed. Use of a TPM module alone does not offer any protection, as the keys are held in memory while Windows is running, although two-factor authentication, i.e. using TPM together with a PIN, offers better protection for machines that are not powered on when physical access to them is obtained. Similar full disk encryption mechanisms of other vendors and other operating systems, including Linux and Mac OS X, are vulnerable to the same attack.[20] The authors recommend that computers be powered down when not in physical control of the owner (rather than be left in a "sleep" state) and that a password also be required to boot the machine. Center for Information Technology Policy » Lest We Remember: Cold Boot Attacks on Encryption Keys
TrueCrypt suffers the same "vulnerability". | | My System Specs | | System Manufacturer/Model Number baarod/MCP
OS Windows 7 Ultimate 64-bit
CPU Core2 Quad Q6600 @ 3.6GHz 9x400FSB
Motherboard Gigabyte G33M-S2H
Memory 4GB DDR2 1066
Graphics Card ATI Radeon HD 4670
Sound Card Integrated Azalia
Monitor(s) Displays Acer AL1711
Screen Resolution 1280x1024
Keyboard Microsoft Wireless Comfort Keyboard 4000
Mouse Microsoft Wireless Lasr Mouse 5000
PSU 240W TFX
Case InWin BT566
Cooling Intel Retail Stock
Hard Drives OCZ Vertex SATAII w/ 1.5FW 30,528MB system and apps
Maxtor 6L300R0 PATA 286,188MB page file, data and user profiles
Internet Speed 3Mbps Verizon DSL over 802.11g
Other Info Hauppauge WinTV PVR II Tuner, Generic $13 SoC Webcam, RT61 WiFi with remote antenna, Media Center Remote and Receiver
|
07 Jun 2010
|
#3 | |
|
Quote: Originally Posted by sandymay I was looking to use bit locker to encrypt my whole drive but came across a couple of articles stating this app was not secure.
I was just wondering how it compares to TrueCrypt, would TC be better or do people feel safe with Bit Locker?
Thank you For what Bitlocker was designed for it is secure. All the ways that are used to get around it can also be used against TrueCrypt. However, these require extensive work and luck and most require fooling the user. But full disk encryption is not designed for such level of attacks, they are for denying access to the data without proper credentials. Further more, Bitlocker and TrueCrypt both use AES (Advanced Encryption Standard) for encryption. BitLocker Drive Encryption - Windows 7 Drive - Turn On or Off with no TPM
Last edited by Brink; 07 Jun 2010 at 10:29 AM..
Reason: added link
| | My System Specs | | Computer type PC/Desktop
System Manufacturer/Model Number Alienware Aurora ALX R4
OS Windows 7 x64 (SP1)
CPU Intel Core i7-3930K (3.2GHz, Turbo 4GHz)
Motherboard Alienware Aurora-R4 x79
Memory 4x Samsung 4GB PC3-12800 DDR3 (16GB 1600MHz)
Graphics Card Nvidia Geforce GTX 690 (Stock)
Sound Card RealTek Integrated Audio
Monitor(s) Displays Dell UltraSharp U3011
Screen Resolution 2560x1600
PSU 875W Some Dell PSU <.<
Hard Drives Samsung P830 256 GB, WD Raptor 150GB, 2x 1TB HDDs
Other Info Dell Inspiron Mini 10v (Intel Atom N270 1.6 GHz; 1GB; Windows 7 Ultimate)
|
08 Jun 2010
|
#4 | |
|
Thank you for the information and the link to the tutorial.
My computer does not have TPM, so I saved the recovery key to a USB stick which I now need each time I boot up. I had two questions in regards to this.
1. Is there any way to change this so that I can manually type in the key each time rather then use a USB key?
2. I have made a backup of the key. If the USB stick fails, is it just a matter of moving the key to a new USB stick and everything is back to normal again?
Thank you | | My System Specs | | |
08 Jun 2010
|
#5 | |
Windows 7 Ultimate 64-bit Chicago |
Quote: Originally Posted by sandymay Thank you for the information and the link to the tutorial.
My computer does not have TPM, so I saved the recovery key to a USB stick which I now need each time I boot up. I had two questions in regards to this.
1. Is there any way to change this so that I can manually type in the key each time rather then use a USB key?
2. I have made a backup of the key. If the USB stick fails, is it just a matter of moving the key to a new USB stick and everything is back to normal again?
Thank you 1. Not that I know of. Due to the design and functionality of Bitlocker, there is no OS (in the classic sense) loaded to protect or accept a typed-in key.
2. Best to write the key to two sticks as you apparently have done. Once the drive is unlocked you can make another two copies. | | My System Specs | | System Manufacturer/Model Number baarod/MCP
OS Windows 7 Ultimate 64-bit
CPU Core2 Quad Q6600 @ 3.6GHz 9x400FSB
Motherboard Gigabyte G33M-S2H
Memory 4GB DDR2 1066
Graphics Card ATI Radeon HD 4670
Sound Card Integrated Azalia
Monitor(s) Displays Acer AL1711
Screen Resolution 1280x1024
Keyboard Microsoft Wireless Comfort Keyboard 4000
Mouse Microsoft Wireless Lasr Mouse 5000
PSU 240W TFX
Case InWin BT566
Cooling Intel Retail Stock
Hard Drives OCZ Vertex SATAII w/ 1.5FW 30,528MB system and apps
Maxtor 6L300R0 PATA 286,188MB page file, data and user profiles
Internet Speed 3Mbps Verizon DSL over 802.11g
Other Info Hauppauge WinTV PVR II Tuner, Generic $13 SoC Webcam, RT61 WiFi with remote antenna, Media Center Remote and Receiver
|
08 Jun 2010
|
#6 | |
|
Quote: Originally Posted by sandymay 1. Is there any way to change this so that I can manually type in the key each time rather then use a USB key? The key on the USB is not something you want to type in each time. It is long (can be hundreds of characters) and complex. Nor could you even type it out, it is pure binary data. | | My System Specs | | Computer type PC/Desktop
System Manufacturer/Model Number Alienware Aurora ALX R4
OS Windows 7 x64 (SP1)
CPU Intel Core i7-3930K (3.2GHz, Turbo 4GHz)
Motherboard Alienware Aurora-R4 x79
Memory 4x Samsung 4GB PC3-12800 DDR3 (16GB 1600MHz)
Graphics Card Nvidia Geforce GTX 690 (Stock)
Sound Card RealTek Integrated Audio
Monitor(s) Displays Dell UltraSharp U3011
Screen Resolution 2560x1600
PSU 875W Some Dell PSU <.<
Hard Drives Samsung P830 256 GB, WD Raptor 150GB, 2x 1TB HDDs
Other Info Dell Inspiron Mini 10v (Intel Atom N270 1.6 GHz; 1GB; Windows 7 Ultimate)
Windows 7 BitLocker problems? All times are GMT -5. The time now is 10:01 AM. |  |
