Things You Don’t Want To Know About Bitlocker

Bitlocker was/is actually pretty good – it’s nicely integrated into Vista, it does its job well, and is really simple to operate. As it was designed www.mcafee.com/activate download to “protect the integrity of the operating system,” most  www.mcafee.com/activate product key who use it implemented www.mcafee/activate it in “TPM Mode,” where no user involvement is required to boot the machine.Everyone I bet – it’s a ubiquitous piece of hardware nowadays. Ok, another show of hands please www.mcafee.com/activate product key for www.mcafee.com/activate download those who’ve enabled, and “Taken ownership?” – yes, mcafee.com/activate product key you remember going www.mcafee.com/activate through the personalization phase of the chip, enabling it in the www.mcafee/activate BIOS etc? Remember, all TPM’s are shipped disabled and deactivated.

What? You didn’t go www.mcafee.com/activate product key www.mcafee.com/activate download through that yet? You didn’t  www.mcafee/activate do that before you deployed your laptops? Oh well, Bitlocker’s going  www.mcafee.com/activate to be www.mcafee.com/activate download  a bit of a struggle for mcafee.com/activate product key you isn’t it?

Fact 1. To use Bitlocker without adding additional mcafee.com/activate product key authentication, you need an enabled, owned TPM1.2+ hardware chip.

Ok, For those of you who did go www.mcafee.com/activate through this www.mcafee/activate I congratulate mcafee.com/activate product key your foresight. The only problem of course is www.mcafee.com/activate product key www.mcafee.com/activate download:

Fact 2. Bitlocker with TPM-Only protection is mcafee.com/activate product key vulnerable to Cold Boot, Firewire and BIOS Keyboard Buffer attacks.

Damn! Sorry to tell you  www.mcafee.com/activate product key this but there are some pretty simple attacks on your TPM-only machines – Do a Google search for www.mcafee/activate and you’ll find lots of research, and even a few tools which will unlock www.mcafee.com/activate your nice “protected” machine and recover the data.

To make a machine www.mcafee.com/activate product key secure, and by that I mean give you protection against having www.mcafee.com/activate download to disclose loss of personal information to all your www.mcafee/activate customers if the machine goes missing, you need to www.mcafee.com/activate use some mcafee.com/activate product key form of pre-windows authentication (with or without TPM as well – it makes no difference). Microsoft www.mcafee.com/activate product key themselves 

For Bitlocker, turning on authentication www.mcafee.com/activate product key gives you a couple of choices www.mcafee.com/activate download, you can set a pin for the machine, and also if you want, you can use a USB storage device (a memory stick, NOT a smart card)  mcafee.com/activate product key as a token. Yes, I did say a pin, www.mcafee/activate and I certainly did not say “your Windows user ID and password” In fact I didn’t mention users at all. Bitlocker officially supports ONE login, so if more than www.mcafee.com/activate one person uses a machine, you’re going to have to share that with everyone.

I feel some facts coming on…

Fact 3. Bitlocker is only secure if you use a pin or www.mcafee.com/activate product key USB stick for authentication

Fact 4. There’s no link between your Windows www.mcafee.com/activate credentials and Bitlocker Credentials

Fact 5. Bitlocker does not support the concept of more than one user

Even Microsoft’s official advice tells you to use a 6+char pin www.mcafee.com/activate download, plus TPM for authentication – no using it in TPM only mode now!

Ok, so now your lucky Bitlocker users havePC’s protected, maybe with a TPM, but certainly with some form mcafee.com/activate product key of authentication which is shared www.mcafee/activate between the owner of the machine, and  www.mcafee.com/activate download probably you (as administrator) www.mcafee.com/activate, and the system guys etc. Hey –  www.mcafee.com/activate product key you probably have an Excel spreadsheet www.mcafee.com/activate product key with everyone’s pin written down?

I hope so, because when www.mcafee.com/activate  those users start  www.mcafee.com/activate download forgetting their pins, who’s at the end of the phone? The good news www.mcafee.com/activate product key is the pin never changes www.mcafee/activate – www.mcafee.com/activate product key there’s no forced change or lifetime.

What do you mean www.mcafee.com/activate product key, that doesn’t www.mcafee.com/activate download fit with your password policy? Did I mention yet that the PIN can mcafee.com/activate product key only be made from the Fn keys, not the normal www.mcafee/activate letter keys unless www.mcafee.com/activate product key you configure a special “Enhanced Pin”  www.mcafee.com/activate mode which does mcafee.com/activate product key not work on non-USA keyboards? Did I mention there’s no 


Comments

Popular posts from this blog

Introducing tracking prevention, now available in Microsoft Edge preview builds

Why businesses need to back up

Hackers and their motives