Bitlocker?

Arkaign

Lifer
Oct 27, 2006
20,736
1,379
126
I was sitting here reading my 'Windows Anytime Upgrade' pamphlet, and got quite a chuckle when I arrived at the section entitled 'Advanced Data Protection'.

Listen to this : #3 of the TOP FIVE reasons to 'upgrade' to Vista.

"Windows Bitlocker(TM) Drive Encryption provides full-volume encryption and boot-integrity checking to help ensure that the data on your computer stays confidential, even if your computer is lost, stolen, or decommissioned. Available exclusively on Windows Vista Ultimate."

So .. hackable?

Btw, this isn't an anti-microsoft post, because I realize that there are security vulnerabilities in nearly everything. It just seems a stretch to suggest that this Bitlocker is the end-all be-all of security. "Ensure that the data on your computer stays confidential". Sounds nice, but in the end it will probably be more of a pain in the neck to those who have it. I imagine that it would be fairly easy to circumvent in various ways, depending on the physical and network makeup, as well as a nightmare to try to recover data from quickly in the event of a crashed drive or similar situation.

In the end, I guess it's admirable that they are attempting to increase Windows security .. when you are the 100 billion lb gorilla, everyone is gunning for you. I'm just not sure that it's a good sign that they list it as the #3 reason to move to Vista.
 

timswim78

Diamond Member
Jan 1, 2003
4,330
1
81
I seem to remember there being a stickied thread in the OS forums that said to be careful when using the encryption in XP because it was uncrackable.

I cannot find it, and we all know how well the search tool works.
 

Matthias99

Diamond Member
Oct 7, 2003
8,808
0
0
AFAIK, Microsoft's earlier EFS system is very, very secure. So secure that people who use it and somehow lose their certificates can't get their data back.

Bitlocker/EFS provides protection against someone getting physical access to the system (like a stolen, powered-off laptop, or getting ahold of an old hard drive and datamining it), not someone finding a way to access a system without authorization over the network, etc. The systems they use appear to be cryptographically secure.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
It just seems a stretch to suggest that this Bitlocker is the end-all be-all of security.

It's not, but as long as your key is safe it'll take someone centuries to brute-force an AES encrypted filesystem.

Sounds nice, but in the end it will probably be more of a pain in the neck to those who have it.

Why? You give it the key once on bootup and then it's transparent, how is that a pain in the neck?

I imagine that it would be fairly easy to circumvent in various ways, depending on the physical and network makeup, as well as a nightmare to try to recover data from quickly in the event of a crashed drive or similar situation.

If you imagine that then you probably don't understand how encryption works. But yes, it would make data recovery virtually impossible but then that's the point. Haven't you seen all of the threads from people losing data to EFS encrypted directories? Well this is just like that only it encompasses the whole drive instead of just a few directories.
 

stash

Diamond Member
Jun 22, 2000
5,468
0
0
It just seems a stretch to suggest that this Bitlocker is the end-all be-all of security
I'm not aware of any such claims.

Sounds nice, but in the end it will probably be more of a pain in the neck to those who have it
Not really. If you use it with a TPM chip, the default mode is to transparently load the key on boot. So using your computer with Bitlocker in that case is no different than a computer without Bitlocker. Of course, the system is more secure if you enable the options for PIN prompt or a startup key on a USB key in combination with the TPM. I use TPM+PIN on my laptop, and it really isn't a big deal to type a PIN on boot.

I imagine that it would be fairly easy to circumvent in various ways, depending on the physical and network makeup
I love to hear how you would circumvent it, especially since you don't seem to have an understanding of how it works in the first place. Here's the spec on the default encryption algorithm to get you started: http://www.microsoft.com/downloads/deta...-48be-a8d6-8b0034c92555&DisplayLang=en

nightmare to try to recover data from quickly in the event of a crashed drive or similar situation
Which is why the wizard prompts you to back up a recovery key to one or more places (external media, printer, etc). And in a domain environment, you can implement policies that will automatically back up a user's key to AD.
 

Alone

Diamond Member
Nov 19, 2006
7,490
0
0
What's the problem? Local encryption has been around for a while now. Linux has something similar called Truecrypt, and, as far as I know, it's still working quite admirably.
 

Arkaign

Lifer
Oct 27, 2006
20,736
1,379
126
Originally posted by: Alone
What's the problem? Local encryption has been around for a while now. Linux has something similar called Truecrypt, and, as far as I know, it's still working quite admirably.

Well, true enough :) Not really a problem so much as it seems a stretch that this is touted as one of the 5 biggest reasons to move to Vista (the Microsoft pamphlet I referenced earlier). And then you can only get it on Vista ultimate. For the price of Ultimate, it seems to me that it might be preferable to pursue more specialized 3rd-party options rather than pack-ins that will certainly suffer a higher number of attack/hacking attempts by the troublemakers of the world.

Maybe it's a symptom of new software releases being evolutionary rather than revolutionary. It seems to me that it's very clear that with the new versions of Windows and Office, they've moved things around basically arbitrarily just to APPEAR new. Combine that with hiding commonly used features that people have gotten used to, and with the nag-tastic new approach to using your own PC, and it's a bit of a letdown. After the excellent experience of using XP for the past few years, I'm really let down by it. Ah, well.
 

stash

Diamond Member
Jun 22, 2000
5,468
0
0
Not really a problem so much as it seems a stretch that this is touted as one of the 5 biggest reasons to move to Vista (the Microsoft pamphlet I referenced earlier).
Welcome to Marketing 101.

And then you can only get it on Vista ultimate
Technically, that isn't true, but for the purposes of Anytime Upgrade, it is. BitLocker is also available in Enterprise, but that is volume license only.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
I don't see Bitlocker as system security, I see it as data security. If only the VA was using it...
 

Skeeedunt

Platinum Member
Oct 7, 2005
2,777
3
76
Originally posted by: Arkaign
For the price of Ultimate, it seems to me that it might be preferable to pursue more specialized 3rd-party options rather than pack-ins that will certainly suffer a higher number of attack/hacking attempts by the troublemakers of the world.

BitLocker is unlike pretty much anything else out there in that it provides seamless whole-disk encryption. Existing products like EFS, TrueCrypt, PGP, GPG, you name it, all work great for encrypting selected folders. I think the point of BitLocker is that it's mostly or entirely transparent once set up, and that it encrypts everything (i.e. you don't have to worry about copies of otherwise-encrypted files that show up in disk swap, temp files, System Restore, etc.).
 

drag

Elite Member
Jul 4, 2002
8,708
0
0
BitLocker is unlike pretty much anything else out there

You mean unique for Windows. Or at least from Microsoft.

There are a few hardware based solutions that I've heard of that encrypt entire disks. And I am pretty sure that commercial solutions exist for Windows.

For Linux you've been able to encrypt the boot volumes and swap for quite some time. It's supported in the Debian installer, for example. A couple of different ways to do it.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
What's the problem? Local encryption has been around for a while now. Linux has something similar called Truecrypt, and, as far as I know, it's still working quite admirably.

Sadly TrueCrypt uses a custom license which after a cursory read appears to be a combination of the GPL and BSD w/advertising clause with a stipulation to not call any derivatives TrueCrypt. And Linux supports full volume encryption without TrueCrypt via dm-crypt which is under the 'normal' GPL and much better integrated with the rest of the system; I've been using full system encryption via dm-crypt since I set up this machine.

For the price of Ultimate, it seems to me that it might be preferable to pursue more specialized 3rd-party options rather than pack-ins that will certainly suffer a higher number of attack/hacking attempts by the troublemakers of the world.

If you're going to look at 3rd party encryption tools do so because they've been audited by someone you trust, use algorithms you know to be secure, etc but not simply because you think BitLocker will be attacked more. Products with less exposure usually have a lot more problems and when, not if, they finally do get noticed you'll be that much more screwed.

BitLocker is unlike pretty much anything else out there in that it provides seamless whole-disk encryption.

Unlike anything but Linux which supports whole-disk encryption out of the box. Sadly not all distributions' installers let you set it up, but it's there.
 

redbeard1

Diamond Member
Dec 12, 2001
3,006
0
0
I thought I read that you can get around bit locker. Boot from a live Linux CD. While there, use a hex editor to change the drive format type to NTFS for the boot code (or something to that effect). Now use something to rebuild the MBR, like the recovery console. You may need to run a chkdsk on it, and it will probably find some errors, but there supposedly would be some data to be found.

Not for the faint of heart by any means.

If you really want to encrypt a drive use OS X. So far it is supposed to be uncrackable. Vista can be exported to most any country, while OS X does have some limitations as to where it can be shipped, because the encryption is so strong.
 

stash

Diamond Member
Jun 22, 2000
5,468
0
0
Are you talking about FileVault? FileVault uses a 128 bit AES algorithm, which is the same encryption scheme that Bitlocker uses by default. BL can also be configured to use 256 bit AES. 256 bit AES is also the default algorithm for EFS in XP SP1 and higher. No encryption is unbreakable (with the possible exception of a one-time pad), but I don't see how OS X's encryption is any more secure than either Bitlocker or EFS.

I also don't see how your "workaround" for BL (modifying the boot code?) would work on a system using a TPM. The TPM checks the hashes of the boot files and if they don't match it won't boot. If you use TPM+PIN, the TPM has hammer protection built in, where repeated guessing of the PIN will cause the TPM to stop accepting commands for a period of time that grows exponentially longer with each n number of failed attempts.

edit: I should note that the default BL algorithm is 128 bit AES plus a diffuser...the spec is in the link I posted above.
 

drag

Elite Member
Jul 4, 2002
8,708
0
0
Encryption is one of those things that are _virtually_ unbreakable.

It's completely open. Everybody knows how it works, the math, many source code implementations are available. It's solid stuff. _It_Works_ It's all based on very sound mathematical realities.

Sometimes encryption comes and goes, you have various little hacks you can do sometimes. Also encryption will eventually get weaker as more CPU power comes online, but it's not worth even considering 256-bit AES crackable for at least another couple of decades.

For encrypted volumes you have to work on some way of obtaining the key to it.

So what you can do that will probably have the most success rate is to make a image of the harddrive and then try to brute force using common terms and passwords. This will probably have a 60-70% success rate. This is called a 'dictionary attack' and will usually work because of human nature.

Another possible attack that is largely successful is being a con artist. People call it 'social engineering', but because 'social engineering' is what socialists like to do it has a different meaning in the news and they call it 'pretexting'.

The most accurate term is probably just 'lying'.

For example something like the VA will probably use encrypted volumes. However these machines will have their keys recorded in a central place in case tech people need to access the machine or people forget their keys and such.

So what you can do is maybe break in or get a job at a VA. Something, grab a hard drive out of a laptop, image it, and return it. Then a couple of weeks later call up and pretend to be somebody that needs help and have them tell you their password. That may sound outlandish, but people really do do stuff like that and even make livings from it.

Or you can just pay somebody a hundred bucks or so for their key to the encryption.

All sorts of stuff like that.


But you will never 'crack' the encryption, not until you can get your hands on a super computer or a quantum computer. People are much easier to crack.

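The attack drag describes (image the disk, then guess passphrases) can be shown concretely. The following is an added example, not code from the thread or from any real product: it models a passphrase-protected volume header in the style of a LUKS key slot (not BitLocker's actual on-disk format) where a random 256-bit master key is wrapped under a key derived from the passphrase. The iteration count, field names, the "startup key" protector and the wordlist are all constructed for the example. The point it demonstrates is that nobody attacks the master key; a dictionary attack on the human-chosen passphrase recovers it in a handful of guesses, while the same wordlist gets nowhere against a random startup key, and the expected brute-force time on the key itself is astronomically large.

```python
import hashlib
import hmac
import os

# Added example, not code from the thread or from any real product. Models a
# LUKS-style key slot: master key XOR KDF(passphrase), plus a salted digest of
# the master key so a wrong guess can be rejected. Not BitLocker's real format.

MASTER_KEY_BYTES = 32
KDF_ITERATIONS = 2000  # deliberately low so the example runs fast; real headers use far more


def _kdf(secret, salt, length=MASTER_KEY_BYTES):
    return hashlib.pbkdf2_hmac("sha256", secret, salt, KDF_ITERATIONS, length)


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def make_header(passphrase, master_key):
    """Wrap master_key under a passphrase-derived key; store a digest of the master key for verification."""
    salt, digest_salt = os.urandom(16), os.urandom(16)
    return {
        "salt": salt,
        "wrapped_key": _xor(master_key, _kdf(passphrase, salt)),
        "digest_salt": digest_salt,
        "key_digest": _kdf(master_key, digest_salt),
    }


def unlock(header, passphrase):
    """Return the master key if the passphrase is right, else None (the digest check rejects wrong guesses)."""
    candidate = _xor(header["wrapped_key"], _kdf(passphrase, header["salt"]))
    if hmac.compare_digest(_kdf(candidate, header["digest_salt"]), header["key_digest"]):
        return candidate
    return None


def dictionary_attack(header, wordlist):
    """What an attacker does with an image of the disk: try likely passphrases against the header offline."""
    for attempts, word in enumerate(wordlist, 1):
        if unlock(header, word.encode()) is not None:
            return word, attempts
    return None, len(wordlist)


def brute_force_years(key_bits, guesses_per_second):
    """Expected time to hit a uniformly random key of key_bits bits (half the keyspace on average)."""
    return 2 ** (key_bits - 1) / guesses_per_second / (365.25 * 24 * 3600)


# Constructed wordlist standing in for a real leaked-password list.
WORDLIST = ["123456", "password", "letmein", "qwerty", "summer2006", "password1", "trustno1"]


def compare_protectors():
    """Same master key, two protectors: a human passphrase and a random 256-bit startup key."""
    master_key = os.urandom(MASTER_KEY_BYTES)
    weak = make_header(b"password1", master_key)
    startup_key = os.urandom(MASTER_KEY_BYTES)  # stands in for a key file on USB media
    strong = make_header(startup_key, master_key)
    weak_hit, weak_tries = dictionary_attack(weak, WORDLIST)
    strong_hit, _ = dictionary_attack(strong, WORDLIST)
    return {
        "passphrase_recovered": weak_hit,
        "guesses_needed": weak_tries,
        "master_key_recovered": (unlock(weak, weak_hit.encode()) == master_key) if weak_hit else False,
        "startup_key_recovered": strong_hit,
        "years_to_brute_force_aes256_at_1e12_per_s": brute_force_years(256, 1e12),
    }


if __name__ == "__main__":
    for name, value in compare_protectors().items():
        print(f"{name}: {value}")
```

The iteration count is what makes each guess cost something; raising it slows the dictionary attack linearly but does nothing about a passphrase that is in the wordlist at all, which is why the thread's advice about TPM+PIN, startup keys and escrowed recovery keys matters more than the cipher's key length.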
 

redbeard1

Diamond Member
Dec 12, 2001
3,006
0
0
All OSes have an entry in the MBR of the drive describing what type it is. Knowing what you're doing with a disk hex editor, you can manually tell a drive to be recognized as whatever OS you want it to be, like CP/M or Unix. I forget which partitioning software I was using, but there was a list of 15+ choices to use.

In what I read, it appeared to me they were saying that Bitlocker was just another drive type in the MBR. My assumption was that if you take a locked drive out of the system that has the locking key, put it in something that does not interact with the encryption and hex edit it to be an NTFS MBR in the Live Linux boot CD session, (besides which, Linux probably doesn't care that Windows thinks the drive is locked), you could then proceed to try and get data off of it.

In the end, whatever is used, it mainly keeps the casual snoop out. You don't think the Man would let MS allow perverts and spies to encrypt their data without a way to decrypt it do ya?

Remember...Trust no one!
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
Interesting; I'll be looking into dm-crypt. Thanks!

If you're using Debian or Ubuntu the package you'll want is cryptsetup.

All OS's have an entry in the MBR of the drive describing what type it is. Knowing what your doing with a disk hex editor, you can manually tell a drive to be recognized as whatever OS you want it to be, like CPM or Unix. I forget which partitioning software I was using, but there was a list of 15+ choices to use.

Actually it's per-filesystem, not per-OS, and it's irrelevant. For example, most Linux partitions are of type 83 but they can contain XFS, ext3, Reiser3, Reiser4, JFS, etc. and still be technically valid. I don't believe anything still uses the filesystem type these days for anything except display purposes.

In what I read, it appeared to me they were saying that Bitlocker was just another drive type in the MBR. My assumption was that if you take a locked drive out of the system that has the locking key, put it in something that does not interact with the encryption and hex edit it to be an NTFS MBR in the Live Linux boot CD session, (besides which, Linux probably doesn't care that Windows thinks the drive is locked), you could then proceed to try and get data off of it.

You can try, but the data would still be encrypted.

In the end, whatever is used, it mainly keeps the casual snoop out. You don't think the Man would let MS allow perverts and spies to encrypt their data without a way to decrypt it do ya?

It keeps anyone without your key out; MS isn't going to be able to market label-changing software as encryption. In a pure legal sense it probably won't matter anyway: if the court demands that you give them the key and you don't comply you'll just get thrown in jail for contempt of court, so as far as they're concerned it's taken care of already.
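Two points in the exchange above can be checked with a few lines of code: Nothinman's reply that the partition type byte is a label that leaves the encrypted data exactly as it was, and stash's earlier point that a TPM-backed system measures the boot files and refuses to release the key when they have been modified. The following is an added example, not code from the thread, from Microsoft, or from any TPM vendor. It parses a constructed 512-byte MBR, walks the proposed "hex-edit the type byte" attack on a constructed disk image, and then models TPM PCR-extend (SHA-1 chaining, TPM 1.2 style) and sealing with a plain HMAC check. The disk layout, the measured boot chain, the `tpm_secret` constant and the sealing construction are assumptions standing in for what a real TPM does inside the chip.

```python
import hashlib
import hmac
import struct

# Added example, not from the thread or from any real product. MBR partition
# table parser plus a model of TPM PCR-extend and sealing. Layout constants,
# the boot chain and tpm_secret are assumptions for the example.

SECTOR = 512
TYPE_NAMES = {0x07: "NTFS/HPFS/exFAT", 0x83: "Linux", 0x82: "Linux swap", 0x0C: "FAT32 LBA", 0x05: "extended"}


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def build_mbr(entries, boot_code=b"\x90" * 440):
    """Constructed MBR: 440 bytes boot code, 4-byte disk signature, 2 reserved, four 16-byte entries, 0x55AA."""
    table = b""
    for i in range(4):
        if i < len(entries):
            bootable, ptype, start, count = entries[i]
            table += struct.pack("<B3sB3sII", 0x80 if bootable else 0x00, b"\xfe\xff\xff", ptype, b"\xfe\xff\xff", start, count)
        else:
            table += b"\x00" * 16
    return boot_code[:440].ljust(440, b"\x00") + struct.pack("<IH", 0x1234ABCD, 0) + table + b"\x55\xaa"


def parse_mbr(mbr):
    """Return the non-empty partition entries; the type byte is just the 5th byte of each entry."""
    if len(mbr) != SECTOR or mbr[510:] != b"\x55\xaa":
        raise ValueError("not an MBR: bad length or missing 0x55AA signature")
    parts = []
    for i in range(4):
        off = 446 + 16 * i
        flag, _chs, ptype, _chs_end, start, count = struct.unpack("<B3sB3sII", mbr[off:off + 16])
        if ptype:
            parts.append({"index": i, "bootable": flag == 0x80, "type": ptype,
                          "name": TYPE_NAMES.get(ptype, "unknown"), "lba_start": start, "sectors": count})
    return parts


def set_partition_type(mbr, index, ptype):
    """The hex-editor step: overwrite one byte in the table. Nothing else on the disk moves."""
    off = 446 + 16 * index + 4
    return mbr[:off] + bytes([ptype]) + mbr[off + 1:]


def partition_bytes(disk, part):
    return disk[part["lba_start"] * SECTOR:(part["lba_start"] + part["sectors"]) * SECTOR]


def pcr_extend(pcr, measurement):
    """TPM 1.2 style extend: PCR = SHA1(PCR || SHA1(measurement)). Software can only extend, never reset."""
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()


def measure_boot(components):
    pcr = b"\x00" * 20
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


def seal(tpm_secret, pcr, key):
    """Model of sealing: wrap key under a value only the TPM can derive for this exact PCR state."""
    wrap = hashlib.sha256(tpm_secret + b"wrap" + pcr).digest()[:len(key)]
    tag = hmac.new(hashlib.sha256(tpm_secret + b"tag" + pcr).digest(), key, "sha256").digest()
    return _xor(key, wrap), tag


def unseal(tpm_secret, current_pcr, blob):
    """Returns the key only if the PCR now equals the PCR at seal time; otherwise the tag fails and you get None."""
    wrapped, tag = blob
    key = _xor(wrapped, hashlib.sha256(tpm_secret + b"wrap" + current_pcr).digest()[:len(wrapped)])
    check = hmac.new(hashlib.sha256(tpm_secret + b"tag" + current_pcr).digest(), key, "sha256").digest()
    return key if hmac.compare_digest(check, tag) else None


def relabel_attack():
    """Walk the proposed attack on a constructed disk image and report what it actually changes."""
    ciphertext = b"".join(hashlib.sha256(b"sector-%d" % i).digest() for i in range(64))  # 4 sectors of "encrypted" data
    mbr = build_mbr([(True, 0x07, 1, 4)])
    disk = mbr + ciphertext
    tpm_secret = b"tpm-internal-secret-never-exported"  # stands in for the TPM's storage root key
    boot_chain = lambda first_sector: [first_sector, b"bootmgr-image", b"boot-config"]
    vmk = hashlib.sha256(b"volume master key").digest()
    sealed = seal(tpm_secret, measure_boot(boot_chain(mbr)), vmk)

    patched_mbr = set_partition_type(disk[:SECTOR], 0, 0x83)  # "tell it it's a Linux partition"
    patched_disk = patched_mbr + disk[SECTOR:]
    before, after = parse_mbr(disk[:SECTOR])[0], parse_mbr(patched_mbr)[0]
    return {
        "original_name": before["name"],
        "relabeled_name": after["name"],
        "data_unchanged": partition_bytes(disk, before) == partition_bytes(patched_disk, after),
        "unseal_original": unseal(tpm_secret, measure_boot(boot_chain(mbr)), sealed) == vmk,
        "unseal_relabeled": unseal(tpm_secret, measure_boot(boot_chain(patched_mbr)), sealed) is not None,
    }


if __name__ == "__main__":
    for name, value in relabel_attack().items():
        print(f"{name}: {value}")
```

The relabeled partition still holds byte-for-byte the same ciphertext, so any tool you point at it sees noise; and because the MBR is one of the measured components, the PCR value after the edit no longer matches the one the key was sealed against, which is the "won't boot" behaviour stash describes. A real TPM keeps the wrapping secret inside the chip rather than in a Python constant, and BitLocker's recovery password path exists precisely for the case where a legitimate change to the boot environment produces the same mismatch.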
 

stash

Diamond Member
Jun 22, 2000
5,468
0
0
You don't think the Man would let MS allow perverts and spies to encrypt their data without a way to decrypt it do ya?
:disgust:

Nothinman beat me to it, but criminals have been using EFS and other encryption for awhile now. Rarely does "The Man" have to crack anything. They just confiscate the machine and compel the suspect to give them their password.

Real life isn't like CSI.

The whole "MS left a backdoor in Bitlocker" tinfoil crap is so worn out.
 

mzkhadir

Diamond Member
Mar 6, 2003
9,509
1
76
I used to work for a company and they used PointSec technology for encryption. I thought it did a good job in protecting the data.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
I used to work for a company and they used PointSec technology for encryption. I thought it did a good job in protecting the data.

Generally the software itself is largely irrelevant; all it tends to do is manage the keys, present the UI, possibly interact with specific apps (i.e. things like Outlook email encryption plugins), etc., and so as long as the algorithms it uses are known good, standard, reviewed, etc. (i.e. 3DES, AES, Blowfish) then the encryption software will be decent. But if it uses custom crap built in-house, run away as fast as you can; if they're not willing to publish the math behind their encryption or, even better, the source to the encryption routines, then they've either got no clue what they're doing or they've got no real faith in their own software.