Bitlocker No Real Threat To Decryption? 319
An anonymous reader writes "The Register is running a story called 'Vista encryption 'no threat' to computer forensics'. The article explains that despite some initial concerns that lawbreakers would benefit from built-in strong encryption, it's unlikely the Bitlocker technology will slow down most digital forensic analysts. What kind of measures does one need to take to make sure no one but yourself has access to your data? Is Bitlocker just good enough (keeping out your siblings) or does it miss the whole purpose of the encryption entirely?" One would hope an international criminal mastermind could do better than the encryption built into Vista.
I use TrueCrypt (Score:5, Insightful)
Really though, I'd say Bitlocker is probably adequate for most purposes. If you're concerned about siblings, co-workers, rival companies, etc. it will hide your data. If you're trying to hide something from legal authorities, you'd best find another way to hide your data.
Re:Well for one (Score:2, Insightful)
Stupid moderators.
(any security tool) no real threat to forensics (Score:3, Insightful)
Hey, clever idea! (Score:3, Insightful)
From the article:
Hey, there's a clever idea! I wonder where they thought up that one? I'm glad to see people aren't spending all their time worrying about Vista's DRM...
Re:Well for one (Score:5, Insightful)
so anything said against Vista will be modded "Insightful" without the barest show of proof? news for nerds, indeed.
This isn't really a commentary on Vista (Score:3, Insightful)
A USB key is a neat trick to keep the wife away from your pr0n collection, but it won't do you much good if the FBI can force you to hand it over.
Re:Well for one (Score:1, Insightful)
Alright. I'll bite. What governmental agencies? Looking at the Federal pay scale, I can tell you where they ain't.
Missing the point (Score:5, Insightful)
But this is the point of the article and the discussion. Law enforcement and the software vendors who supply them are making a bunch of handwaving "not a problem" noise but this just puts the question onto teh table for discussion, it doesn't even start to answer it.
The question: Is BitLocker safe for really secure work? Which breaks down to smaller questions. Even when used correctly, with a TCPM chip and a good passphrase and good logoff/umount displine is the implementation and design sound? Or is this just a FUD campaign to keep the coppers buying EnCase? Is BitLocker vulnerable to attacks that other encrption solutions would defend against?
Because while, despite the Daily Hate here on Slashdot, America isn't a police state and the innocent have little to fear from their governemt unless they are crimelords, terrorists or that most dreadful scourge, a kiddie porn fiend But that isn't much comfort for the billions of huddled masses yearning to breath free in the unfree parts of the world. PGP was a godsend to political dissidents around the world, is BitLocker a useful tool for them as well or a trojan horse to help despots fill their forced labor camps with the fools who trust it with their secrets?
I call FUD (Score:5, Insightful)
The article says that if the user was using a USB key to unlock the drive, or was in a corporate environment, investigators would be able to get access by taking the USB key or co-operating with the business owners.
It says that if the computer was on they could get access to the disk. That's only if the computer isn't locked of course, and if you were under investigation you would think the criminal would quickly press [Windows key]+L as the police burst in.
Clearly The Register has been doing lots of research to produce this article; they should try and get it published in a crypto journal.
Most importantly they seem to have completely missed the point of drive encryption; it's to protect against theft, not "investigators". Would Microsoft have built the technology into Vista in the hope that more criminals under investigation would buy Vista?
If you're being investigated no drive encryption is going to help; if they want access to your system they can just as easily use hardware keyloggers. They'll have the evidence they want long before they let you know you're being investigated.
If you want a good reason to bash BitLocker how about; it's expensive, and there are free alternatives that are just as good for guarding your data against theft.
TrueCrypt (Score:2, Insightful)
It's a tough job. (Score:4, Insightful)
I think it makes more and more sense to use a VM, if you're concerned about security. You can restore it to a known safe initial state, and you can encrypt its entire world. It seems like a pretty big advantage... oh, and of course, you can move your secure environment to other host machines. Uh. Which may not be all that secure themselves, but hey. I told you this wasn't easy :)
Normally I'm all for bashing MS, but I have yet to see a great solution for this anywhere. So... if any of what I wrote above is new to you, I'd advise that you not trust your Doomsday Device plans (or, more likely, goat porn) to any OS's convenient built-in crypto.
You have to remember.... (Score:4, Insightful)
...that most computers won't have either the Trusted Computing Module (TCM) chip or the super-duper expensive version(s) of Vista that come with BitLocker. And even if some consumer did have all that, he'd have to figure out how to enable and configure it.
The majority of Windows users stick with the defaults. No barrier? 'Course not, because it won't be heavily used...
Re:Summary of article (Score:3, Insightful)
Re:Poe said it in 1843 in "The Gold Bug:" (Score:5, Insightful)
Encryption is merely the process of protecting data for a given amount of time against an attacker with assumed resources. Obviously any infinitely smart attacker with an infinite amount of time can break any encryption method, but no one alive today will be able to break AES-128 within the next 50 years at least, and only then with a major mathematical breakthrough that would probably benefit humanity more than just the broken cipher. If we can't find a mathematical solution to breaking AES, it would take Moore's law approximately 100 years before computer technology was sufficient to break AES. 128 bit key lengths and longer were chosen explicitly to deal with the case that Moore's law will continue unabated and that mathematical breakthroughs are possible.
To put it in practical terms, every DES encrypted message is easily breakable now, but no one is really worried. DES encrypted data is now pretty much worthless. A lot of people overestimate the value of the data they encrypt, and often it's really only necessary to keep secret for a few years or decades at most. Even so, I doubt there will ever be an end to encryption, because even if P=NP there will be problems that are harder to solve than to pose. Such problems can be used for encryption as long as the ratio between the work to encrypt and decrypt is faster than breaking it by a sufficient margin which can usually be increased by lengthening the keys.
Not really (Score:3, Insightful)
If you have PCs with personal data on them, you must destroy or forensically wipe the hard disks before turning them back in to the leasing company -- which is expensive because it requires manual intervention or reduces the value of the asset.
If you can count on BitLocker to be secure, you don't need to care about what's on the PC.
Re:First hand experience (Score:3, Insightful)
Re:I use TrueCrypt (Score:1, Insightful)
It just so happened that the FBI decided to wait until after I had mounted my encrypted volume before busting down the door. I didn't exactly have time to unplug the laptop AND pull out its battery before they aimed their rifles at me and suggested I step away from the computer.
At that point, the only thing that could have saved my data from falling into the wrong hands is a secret self-destruct keystroke (starting a process that writes random bits over the encrypted volume) and some quick thinking on my part.
But even if I had done that, they already had surveillance video of me entering the passphrase, so it would only have been a matter of time before they figured it out anyway if they managed to shut down the computer before the self-destruct process finished. Keep in mind that a 40GB encrypted volume will take a long time to overwrite, even sequentially.
I think the whole point of TFA is that BitLocker would have suffered the same fate.
Re:I use TrueCrypt (Score:3, Insightful)
Re:I use TrueCrypt (Score:3, Insightful)
If "legal authorities" can recover the plaintext then it won't be too long before "rival companies" and "criminal gangs" will have the same ability. It's just a matter of how insecure the least secure police department is.
Encryption's Other Purpose (Score:2, Insightful)
However...
One reason for its use - even in a weak state - is to remove plausible denials.
If I always weakly encrypt an item [and always protect it properly.....] and then at some later stage you show you have access to it that implies that you deliberately accessed it. You had to make a positive action to get to it. You cannot claim that you "accidentally" stumbled on it or that it was published.
Passwording some activities (even with weak passwords) serves a similar purpose.
In both cases the protection is not against determined attackers, rather against accidental leaks.
Re:Well for one (Score:2, Insightful)
Re:It's a tough job. (Score:3, Insightful)
Sure. But what happens when the VPC/VMWare/KVM process is swapped out to disk? You're still running the risk of data leak, if a much smaller one. Not to mention that a compromised host OS (it's unencrypted, remember) can do whatever it wants with your input and output (or if it's really clever, just access the data itself once you've unlocked it). If it's that important to you, get a dedicated laptop and do full-disk crypto. And put that laptop in a safe so you have control over its physical environment. At which point they'll probably declare you an enemy combatant and beat you up until you give them the password anyway.