Moose |
Don't make me assume my ultimate form!
|
|
|
Reged: 05/03/04
|
Posts: 1483
|
Loc: Outback, Australia
|
|
Send PM
|
|
Re: Whats wrong with Bitlocker?
08/01/15 06:30 AM
|
|
|
> > If you're using Pro, Bitlocker is available. Truecrypt has pissed me off more than > > once cause if your Windows install becomes borked, you can't repair it with Windows > > tools unless you decrypt the drive, which is bullshit, IMO. I'm going to assume > since > > Bitlocker is made by MS, that isn't an issue. Encrypting external/flash drives is > > easy with bitlocker and the nice thing is even if bitlocker isn't a feature on your > > version of Windows (Home editions), the OS is still aware and allows you to > > authenticate to view the drive's contents. > > All good points. > > Nothing is wrong with Bitlocker .... it is just that everything I has is encrypted > with TrueCrypt ..... I have not looked into it, but if Bitlocker can read / write / > handle TrueCrypt volumes / files / disks, then there's no problem at all, I'll just > change over to BitLocker. Otherwise, I'll have to convert or else decrypt and > re-encrypt.
Update: I've just been doing some research into BitLocker and I do have concerns about Bitlocker, for example:
(1). "Starting with Windows 8 and Windows Server 2012 Microsoft removed the Elephant Diffuser from the BitLocker scheme for no declared reason.[35] Dan Rosendorf's research shows that removing the Elephant Diffuser had an "undeniably negative impact" on the security of BitLocker encryption against a targeted attack."
REF: https://en.wikipedia.org/wiki/BitLocker
My question: WTF would someone water down the security of their product ??
(2). "According to Microsoft sources,[28] BitLocker does not contain an intentionally built-in backdoor; without a backdoor there is no way for law enforcement to have a guaranteed passage to the data on the user's drives that is provided by Microsoft. The lack of any backdoor has been a concern to the UK Home Office,[29] which tried entering into talks with Microsoft to get one introduced, although Microsoft developer Niels Ferguson and other Microsoft spokesmen state that they will not grant the wish to have one added.[30] Microsoft engineers have said that FBI agents also put pressure on them in numerous meetings in order to add a backdoor, although no formal, written request was ever made;"
REF: https://en.wikipedia.org/wiki/BitLocker
My question: Who do I trust more - an open source where the code can be reviewed / audited by anyone, or a closed source project from a massive international company which would be a fat, slow target for law enforcement and other agencies to put pressure on ? Personally, I'll take the open source project thanks.
(3). "If you are concerned about clients losing their password or recovery key, you can always have the key backed up to their Microsoft account or you can offer to keep a copy of the key in safekeeping on their behalf in your own internal storage system or similar: http://windows.microsoft.com/en-us/windows-8/bitlocker-recovery-keys-faq%22
REF: https://www.technibble.com/bitlocker-101-easy-free-full-drive-encryption-for-windows/
My question: exactly how is this key stored in your MS account ? Can MS decrypt it ? I'm pretty sure they could.
So, there are 3 BIG potential issues there.
TrueCrypt 7.1a (the most recent safe version) still seems to be a safer option .....
Moose
|
|