Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Microsoft

Microsoft

Windows Vista BitLocker Susceptible to Bypass

Learn a preventive technique

By Marius Oiaga, Technology News Editor

26th of March 2007, 12:55 GMT

Adjust text size:



Enlarge picture
The fact that BitLocker, the data protection technology introduced in Windows Vista Enterprise and Ultimate and in Windows Server Longhorn can be bypassed is not an item of novelty. The issue
has been around since the testing phase of the operating system, but Microsoft failed to find a necessary remedy. Still, the scenario for a successful workaround is a tad far fetched. This however does not exclude a successful bypass.

This is why Microsoft security expert Michael Howard delivered a real-world tip to ensure that BitLocker stays in place. The problem is related to the way laptops running either Windows Vista Enterprise or Ultimate handle the Sleep/Stand By modes in relation to BitLocker.

Microsoft has introduced BitLocker as a means to protect the data on lost or stolen PCs. Drive encryption and the integrity checking of early boot components are two of BitLocker's sub-functions that ensure the data remains encrypted.

BitLocker will prevent unauthorized access to the encrypted Windows volume. All the users and the system files on a machine are protected, even the swap and hibernation files.

But a Windows Vista Ultimate or Enterprise that is recovering from Sleep Mode, will only prompt the users for the log-on credentials and nothing more. "So what I do, is put the machine into Hibernate mode; the mode that writes RAM contents to disk and I have implemented BitLocker so the it requires me to enter a pre-boot PIN," Howard revealed.

In this scenario, the user that wakes up Vista from hibernate is also prompted for the BitLocker PIN. And the Trusted Platform Module at the basis of BitLocker will not go down as easy as it seems. "They could try to guess the PIN but the TPM is used to unlock the disk and has anti-hammer technology built into it. After every n failed attempts the TPM goes to sleep for x seconds - and x increases exponentially. The BitLocker recovery model works fine without the PIN should I forget it in my old age! Sure, Hibernate is a little slower than Sleep, but it does have the advantage of requiring no power, and it could help protect your ass(ets) when you use BitLocker," Howard added.

TAGS:

 BitLocker | encryption | Windows Vista
Read by 2,191 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
Fair (2.3/5) 8 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


You'll Need Your Poker Face for the Windows Ultimate Extras

Why Should You Choose Windows Vista Ultimate?

Home Basic - The Handicapped Edition of Windows Vista

Certain Versions of Windows XP Cannot Upgrade to Windows Vista

Microsoft Will Kill Window Vista Ultimate Early

Windows Vista Drivers Database - No More Driver Problems!

Windows Vista to Windows Vista - Upgrade Paths

Windows Vista Power User Guide

Vista - What Lies Beneath

Windows XP Survivors in Windows Vista

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive