Vista encryption 'no threat' to computer forensics

Security advances in Windows Vista are unlikely to frustrate cybercrime investigation, according to a leading computer forensics firm. Enterprise and Ultimate editions of Vista include a feature that provides data volume encryption called BitLocker Drive Encryption. Suggestions that BitLocker contains a backdoor allowing law enforcement agencies automatic access to encrypted volumes have been robustly denied by Microsoft.

But that doesn't necessarily mean the availability of Vista will mean the widespread adoption of disc encryption technologies that will frustrate law enforcement investigations in computer crime, including trafficking in images of child abuse, computer hacking, industrial espionage and other offences. For one thing, in two of its three modes of operation BitLocker requires a cryptographic hardware chip called a Trusted Platform Module and a compatible BIOS. These chips are yet to become widely available much less deployed. The third mode requires a user to insert a USB device that contains a startup key in order to boot the protected OS.

View: The full story
News source: The Reg

Report a problem with article
Previous Story

Lost Planet getting updated in March

Next Story

Creative Technology Makes Profit on Players

23 Comments

Commenting is disabled on this article.

I somewhat like DriveCrypt Plus Pack's full drive encryption, but alas since I'm not a computer forensics expert I have no idea if it's actually doing what it's supposed to do. The most I can verify is that trying to access the encrypted disk via a boot cd shows that there is no drive.. but to actually remove the drive and examine it with all the forensic tools out there---- who knows.

If security is essential then you don't use a closed source solution. That requires too much trust of people and corporations whose interests don't match yours.

However, If you find to the contrary to Microsoft's claims that there isn't any backdoor/workaround etc, may god help the lawyers wrath.

just stick with "TrueCrypt" as it's opensource and i believe it's the best your gonna get for encryption software programs ;)

obviously anyone who's serious about encryption obviously aint going to trust microsoft. lol

For a moment there, I thought the leading forensics firms were just going to admit defeat, quit their jobs and go home...

first all why I make easier for them? I would use whatever method to encrypt my stuff as impossible I can.. even if I commit a crime or not.. if goverment can encrypt there personal **** I will to because they didn't leave back door for us to check up on them..

Actually this IS true, despite anyone claiming the opposite. I've read in the past Microsoft stating this themself.

Just yet another reason not to trust Microsoft with anything that has to do with security. And yet more proof that they intentionally put backdoors and spyware into their products. Then whenever someone discovers it, they just go oops, must be a bug.

Its also why they have their hidden and locked index.dat file that can only be deleted by 3rd party programs. It serves no other purpose except to record every website you have visited. Microsoft likes to make "deals" with the Justice Department.

Yes, due to the TPM chip requirement, it's not taking off very soon, and I believe apps like TrueCrypt would be more accessible for drive/partition/file/USB stick encryption.

A lot of newer laptops have TPM chips. Mine, for example, does. Laptops would seem to be the place where I'd want to use bitlocker, too.

FYI, bitlocker does not REQUIRE TPM... by default it will only work on TPM enabled devices, but you can use a USB stick as well

Well the governments have always been relectant to allow the use of ecryption systems in the public domain that they cant easily crack themselfs.

Has been seen time and again

It's true, I can't imagine many non-corporate clients are going to encrypt their drives. Sounds like a pain really, unless you are business, I don't have anything on my computer that really needs encrypting anyway...

Good call integrating this though, seems pretty solid encryption if using TPM.

There is no backdoor. That's a myth.
There are, however, methods of cracking even the most sophisticated encryption. Nothing is ever %100 secure, OK?

Keep in mind that even if this Bitlocker system was going to frustrate investigators, they wouldn't say so. Why should they admit weakness when they don't have to?

Croquant said,
There is no backdoor. That's a myth.
There are, however, methods of cracking even the most sophisticated encryption. Nothing is ever %100 secure, OK?

And thats a bunch of BS. Please point me to an article where the most sophisticated encryption has been cracked.

TC17 said,

And thats a bunch of BS. Please point me to an article where the most sophisticated encryption has been cracked.

You can brute-force anything, it is just a matter of time. Probably they are betting on people not being willing to pay the performance penalties involved in this.

TC17 said,

And thats a bunch of BS. Please point me to an article where the most sophisticated encryption has been cracked.

I can't, but it's only logical. So sad your brain doesn't understand that.

CheeseCow said,

You can brute-force anything, it is just a matter of time. Probably they are betting on people not being willing to pay the performance penalties involved in this.

right you are, go ahead and bruteforce AES with 128bit, i'll wait till you're finished lol)

DaSaver said,

right you are, go ahead and bruteforce AES with 128bit, i'll wait till you're finished lol)

There is a way to get into AES without bruteforce. Though they are not practical.

There is no software or encryption that is 100% secure. And there will never be. Maybe for now AES is quite hard to crack, but what about 10 years into the future?

TC17 said,

And thats a bunch of BS. Please point me to an article where the most sophisticated encryption has been cracked.


SHA-1 was recently cracked. It may or may not be a "most sophisticated" encryption method but it proves point of concept that nothing is 100% secure. SHA1 has been in use for ~9 years and now it's done.

Microsoft was using SHA1, the government was using SHA1, companies, etc... and now they've been instructed to phase it out, and a new encryption algorithm is needed to be developed (there is essentially a contest to come up with the best one).

Shadowdruid said,

There is a way to get into AES without bruteforce. Though they are not practical.

There is no software or encryption that is 100% secure. And there will never be. Maybe for now AES is quite hard to crack, but what about 10 years into the future?


Well, you're right that there is no 100% secure cipher, but think about DES. It's been 30 years now since it was developed and it is still not broken. There are bunch of tricks like diff. analysis that reduced its security, but again you still need to bruteforce 2^43 bits to find the key... So, there are some VERY good ciphers out there right now although not perfect.