Slashdot Mirror
Bitlocker No Real Threat To Decryption?
An anonymous reader writes "The Register is running a story called 'Vista encryption 'no threat' to computer forensics'. The article explains that despite some initial concerns that lawbreakers would benefit from built-in strong encryption, it's unlikely the Bitlocker technology will slow down most digital forensic analysts. What kind of measures does one need to take to make sure no one but yourself has access to your data? Is Bitlocker just good enough (keeping out your siblings) or does it miss the whole purpose of the encryption entirely?" One would hope an international criminal mastermind could do better than the encryption built into Vista.
Really though, I'd say Bitlocker is probably adequate for most purposes. If you're concerned about siblings, co-workers, rival companies, etc. it will hide your data. If you're trying to hide something from legal authorities, you'd best find another way to hide your data.
so anything said against Vista will be modded "Insightful" without the barest show of proof? news for nerds, indeed.
> If you're trying to hide something from legal authorities, you'd best find another way to hide your data.
But this is the point of the article and the discussion. Law enforcement and the software vendors who supply them are making a bunch of handwaving "not a problem" noise but this just puts the question onto teh table for discussion, it doesn't even start to answer it.
The question: Is BitLocker safe for really secure work? Which breaks down to smaller questions. Even when used correctly, with a TCPM chip and a good passphrase and good logoff/umount displine is the implementation and design sound? Or is this just a FUD campaign to keep the coppers buying EnCase? Is BitLocker vulnerable to attacks that other encrption solutions would defend against?
Because while, despite the Daily Hate here on Slashdot, America isn't a police state and the innocent have little to fear from their governemt unless they are crimelords, terrorists or that most dreadful scourge, a kiddie porn fiend But that isn't much comfort for the billions of huddled masses yearning to breath free in the unfree parts of the world. PGP was a godsend to political dissidents around the world, is BitLocker a useful tool for them as well or a trojan horse to help despots fill their forced labor camps with the fools who trust it with their secrets?
Democrat delenda est
All of these "BitLocker" vulnerabilities aren't actually BitLocker vulnerabilities, they're full-disk-encryption vulnerabilities. They apply just as much to my FreeBSD GBDE protected partition as they do to BitLocker, there's nothing new or even interesting in this article. (The summary "No Real Threat To Decryption" is misleading, because there is nothing about decryption in there.)
The article says that if the user was using a USB key to unlock the drive, or was in a corporate environment, investigators would be able to get access by taking the USB key or co-operating with the business owners.
It says that if the computer was on they could get access to the disk. That's only if the computer isn't locked of course, and if you were under investigation you would think the criminal would quickly press [Windows key]+L as the police burst in.
Clearly The Register has been doing lots of research to produce this article; they should try and get it published in a crypto journal.
Most importantly they seem to have completely missed the point of drive encryption; it's to protect against theft, not "investigators". Would Microsoft have built the technology into Vista in the hope that more criminals under investigation would buy Vista?
If you're being investigated no drive encryption is going to help; if they want access to your system they can just as easily use hardware keyloggers. They'll have the evidence they want long before they let you know you're being investigated.
If you want a good reason to bash BitLocker how about; it's expensive, and there are free alternatives that are just as good for guarding your data against theft.
// MD_Update(&m,buf,j);
It was true in 1843; it is true today. Why, exactly, do people continue to be deluded in gambling real money on the belief that some company supplying some cryptographic technology has people in it who are smarter than everybody else in the world?
Encryption is merely the process of protecting data for a given amount of time against an attacker with assumed resources. Obviously any infinitely smart attacker with an infinite amount of time can break any encryption method, but no one alive today will be able to break AES-128 within the next 50 years at least, and only then with a major mathematical breakthrough that would probably benefit humanity more than just the broken cipher. If we can't find a mathematical solution to breaking AES, it would take Moore's law approximately 100 years before computer technology was sufficient to break AES. 128 bit key lengths and longer were chosen explicitly to deal with the case that Moore's law will continue unabated and that mathematical breakthroughs are possible.
To put it in practical terms, every DES encrypted message is easily breakable now, but no one is really worried. DES encrypted data is now pretty much worthless. A lot of people overestimate the value of the data they encrypt, and often it's really only necessary to keep secret for a few years or decades at most. Even so, I doubt there will ever be an end to encryption, because even if P=NP there will be problems that are harder to solve than to pose. Such problems can be used for encryption as long as the ratio between the work to encrypt and decrypt is faster than breaking it by a sufficient margin which can usually be increased by lengthening the keys.