Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

Summary of Bitlocker Discussions

Summary of Bitlocker Discussions

  • Comments 1
  • Likes

Last week there was quite some discussion about “successful attacks” on Bitlocker. Those discussions are often quite interesting for me as they show sometimes that people are looking for one technical solution for all the problems.

Bitlocker has a clear threat model it wants to protect you from. This is mainly the loss of your computer. If it is running and the attacker is admin – well Bitlocker cannot protect you. To quote a blog post of our Windows Security Team: Our discussions of Windows BitLocker have always been to communicate that it is intended to help protect data at rest (e.g. when the machine is powered off).

So, if you want to read the whole post, it is definitely worth it: Windows BitLocker Claims

Roger

Comments
  • That's exactly the point. However there is at least one scenario, in which fresh-stolen notebook may be decrypted even if it's locked (not hibernated or turned of, of course) - if we have FireWire port enabled onboard - it gives access to memory =(

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment