Microsoft BitLocker & Security


BitLocker is Microsoft’s drive encryption software that first appeared in Vista and now Windows 7, along with Bitlocker to Go for USB devices. Having Hard drive and USB drive encryption built into the desktop OS is a great idea, as it reduces the cost & complexity barriers for companies looking to adopt better security practices.

Recently, a story came out that Bitlocker had been “broken” and that a commercially available tool was now able to bypass the security (I saw this on Ars Technica but I’m sure many other places reported it too). When I saw the headline I thought “Oh sh*t…that’s a fly in the old ointment ain’t it?” (don’t ask me why I was thinking in that style of voice!) but then I read the article and saw this gem in the 1st paragraph:

“It scans a physical memory image file of the target computer and extracts all the encryption keys for a given BitLocker disk.”

So this requires the machine to be “hot” i.e. on…as soon as it’s turned off, the memory is dumped and it’s ok…not exactly crack of the century is it?! :-) Plus most, if not all encryption offerings from TrueCrypt, PGP etc are vulnerable to this…

The vast majority of comments on Ars Technica saw this for the ineffectual non-story that it was:

 

image

image

although there were of course a few people who took this as a chance to point out that Linux was better that Microsoft and all proprietary software evil…but that’s nothing new!

Ars Technica have made an update to the article saying:

“this isn’t exactly a "crack" for BitLocker”

but it doesn’t really show, in my opinion at least, how pointless the story was and doesn’t re-assure that BitLocker is jsut as safe as people thought it was.

Paul Cooke of the Windows Blog team has a great post all about BitLocker and these recent claims here:

http://windowsteamblog.com/blogs/windowssecurity/archive/2009/12/07/windows-bitlocker-claims.aspx