Steve Riley on Security

Formerly of Microsoft's Trustworthy Computing Group.

The bad guys will use BitLocker, too

The bad guys will use BitLocker, too

  • Comments 14
  • Likes

Got an email today from a customer asking about how BitLocker will affect the ability of law enforcement to conduct forensic analysis of a protected hard drive. Specifically, the person was asking about any back doors that law enforcement could use to bypass the encryption.

The answer is very simple, and I'm sure not what he wanted to hear: there are no back doors. Period.

Think about it for a moment: if there were a back door, would you trust the technology? Of course not. If Microsoft incorporated a mechanism to bypass the encryption, then we'd be weakening the technology for 99.9% of the population to favor the needs of 0.1%. And, surely, the bad guys would find out how to exploit the bypass -- meaning that BitLocker becomes completely useless for you.

Here's a similar example: some people have advocated that cell phones be disabled in certain public places (movie theaters, tunnels, sports stadiums, and so on) because terrorists might use them to remotely trigger bombs. What a bunch of nonsense this is. Communications tools are far more beneficial to the millions of good guys who use them every day (perhaps to save lives?) than to the few bad guys who also use them. Why destroy beneficial utility for everyone just because someone might misuse the technology?

Encryption is amoral. Good guys will use it, and bad guys will use it. We've got to accept that fact. It does no one any good to render beneficial technology useless just because there's the potential that someone might misuse it.

Comments
  • i totally agree with you steve. the feature benefits much more people than compared with the baddies. anyway, nothing if perfect in this world.  that means technology too! :>

  • I work in IT for a sheriff's dept.  There's definitely a lot of objection to the right of citizens to protect their properties, at least by the folks I work with.  It'd take a para-digg-'em shift to have people and law enforcement realize that when it concerns good/bad, then by definition there will be two sides in opposition to any argument posed...except for guns...we just need more guns...leave them guns alone...unless you're bringing more...

  • As Steve mentions, there is absolutely no back door for anyone in BitLocker. However, good investigatory and digital forensic procedures are certainly still very important when working with a Windows Vista computer. I'd suggest that any law enforcement agencies with concerns should have their department contact Microsoft directly.

    - Kai

  • Samuel -- the right of citizens to protect their own property is the foundation of American democracy and indeed is a requirement for any democracy to function, along with transparency in government. It's really quite disheartening when I read that segments of our society are opposed to these very necessary fundamentals.

  • Don't think for a moment that Microsoft won't provide the BitLocker Password Recovery Tool to any verifiable Law Enforcement entity that asks for it!

    (800) 936-5700

  • I agree! There are tools such as truecrypt that offer the same services and making it fool proof encryption is what is needed!

  • slagmi-- What evidence do you have that such a tool exists? Do you work for Microsoft? I can promise you, there is no such tool. There is a Recovery Password Viewer (http://support.microsoft.com/kb/928202), but this is for displaying recovery passwords stored in computer accounts in Active Directory. It will not work if you don't have admin-level access to the domain. It's a pretty safe assumption that bad guys won't be joining their computers to any domains.

    Watches-- there is no such thing as "fool-proof encryption." Given sufficient time and resources, all encryption is ultimately defeatable.

  • I just read your article on Tech ED (link posted at slashdot) and totally agree with you. It is really good to know that IT security in big companies has not completely sold itself to the "Big Brother".

  • yeah, its true.....certainly for the organizations in the initial stages thinkin about security can go for bitlocker. But dont you agree with that, there comes some things like TPM, if your motherboard is gone then you have to kiss goodbye to your valueable information.

    Reply to ravi.rawal@gatewaynintec.in

  • Amazingly, many corporations decide implementing HD encryption recovery procedures that degrade level of protection given by BitLocker using TPM to that of a helpdesk guy's password.

    Re. governments having access to backdoors and such: the government agencies _know_ that there's no backdoor. Besides having Steve's and Steve's word, they have access to Windows sources.

  • Ravi-- this is why BitLocker (and any good enterprise-grade encryption product) includes a recovery mechanism. It's all very well documented on Microsoft.com.

  • I think cellphones should be banned in movie theatres because they are annoying. If a movie threatre agrees with me then they should be honest about their reason rather than hiding behind a "security" argument. Saying they are doing something for "security purposes" is a strange kind of "reverse security theatre".

    Cheers

    Craig

  • Generally speaking, a smart criminal (the sort that would know about Bitlocker and use it in the right way) wouldn't keep records of their criminal activity on their computer anyway.

    Alternatively they could use "one time pads" to effectively encrypt stuff that they want to keep secret without worrying about whatever secrecy features their operating system has.

    You don't need a computer to keep things secret. Stuff like bitlocker just makes it a little easier.

  • <strike>Communications tools</strike> Firearms are far more beneficial to the millions of good guys who use them every day (perhaps to save lives?) than to the few bad guys who also use them. Why destroy beneficial utility for everyone just because someone might misuse <strike>the technology</strike> them?

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment