Shark Bait

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

Industry

See your link here

Douglas Schweitzer

The Security Sector

Vista's BitLocker to use 1,024 bit encryption!

10 comments

IT TOPICS:Security

According to this CW article, it looks like one security feature of upcoming Vista OS could have helped prevent what happened recently at the VA. The feature called BitLocker, looks really promising. Allowing users to encrypt all the data on their hard drives, BitLocker is capable of using super-powerful 1,024-bit encryption which is exponentially more powerful than the 128-bit encryption used by Apple's file vault. Keep in mind that while the lowly 128-bit encryption used by Apple to encrypt the contents of a hard drive is still quite tough to crack, it is the use of a weak or ineffective password that is your weakest link and should be your biggest concern. Looks like Apple will need to ratchet their encryption up a notch to "keep up with the Joneses - er, Gates!"

Email this

Digg this

What People Are Saying

Add new comment

Bitlocker IS NOT IS NOT IS

Submitted by DOUG IS A MONKEY on April 6, 2007 - 10:54 P.M.

Bitlocker IS NOT IS NOT IS NOT hardware based, idiot.

In reply to:

Doug Schweitzer wrote:
First off, Bitlocker is hardware based and provides full volume encryption. File Vault software based and only encrypts home directory. Of course they are different. I was merely trying to inject a little humor by saying that Apple has to catch up. That said, I still think BitLocker is a much better option than what Apple has to offer and I'm an Apple fan.

Report this comment

It's all irrelevant as the

Submitted by Anonymous on July 15, 2006 - 12:32 A.M.

It's all irrelevant as the weakest link is still that it uses a "PIN" or password for access. Even if you're using TPM you can access using a password in the recovery mode.

Until such time as we stop relying on people picking keys it's all a waste of time.

Report this comment

First off, Bitlocker is

Submitted by Doug Schweitzer on June 1, 2006 - 12:33 P.M.

First off, Bitlocker is hardware based and provides full volume encryption. File Vault software based and only encrypts home directory. Of course they are different. I was merely trying to inject a little humor by saying that Apple has to catch up. That said, I still think BitLocker is a much better option than what Apple has to offer and I'm an Apple fan.

Report this comment

Like I said, passwords are

Submitted by Doug Schweitzer on June 1, 2006 - 7:32 A.M.

Like I said, passwords are the weak link !

Report this comment

Actually I've been using

Submitted by Anonymous on June 1, 2006 - 7:11 A.M.

Actually I've been using 4096-bit for years now and yes that is significant overkill even for AES. The problem here is that you don't know when/if one of the encryption algorithms may be broken. True it helps to use open source so at least you can check for backdoors (which MS swears up and down will not happen or BitLocker will be withdrawn) and the bigger key the better. Better yet, encrypted containers within an encrypted container using two different algorithms. Just my random thoughts.

BTW, from my experience in systems (physical, network, computer) security, I seriously doubt BitLocker would have helped much. If this is the typical (l)user, the password to the system is somewhere around or dead easy to crack (l0phtcrack anyone?). In any case, I don't expect Vista to be deployed at the VA anytime soon. I'd expect at least two years after release as an absolute minimum, probably longer. I worked at a VA :-(.

Report this comment

Are you aware that the

Submitted by Mike Amling on May 31, 2006 - 2:16 P.M.

Are you aware that the 128-bit key is for a symmetric encryption algorithm? Are you aware that the 1024-bit key is for an asymmetric encryption algorithm? Do you know the difference?

Report this comment

I think we are all aware of

Submitted by Doug Schweitzer on May 31, 2006 - 7:05 P.M.

I think we are all aware of the difference between the two. What point exactly are you trying to make?

Report this comment

The point is that you are

Submitted by Anonymous on June 1, 2006 - 12:05 P.M.

The point is that you are comparing apples to oranges. Using bits to measure the strength of symmetric vs asymmetric encryption gives the wrong answer. 1024 bit RSA keys (which is probably what Bitlock uses) are considered the minimum key size for just a few more years, see http://www.rsasecurity.com/rsalabs/node.asp?id=2004 and http://en.wikipedia.org/wiki/Key_length for more information.

Report this comment

Why not kick it up a notch

Submitted by gene feher on May 30, 2006 - 11:52 A.M.

Why not kick it up a notch and download Protexx's personal vpn software and encrypt all outgoing and incoming data to 2048 bit. I have been using it for 6 months and I am all but invisible when I'm in the tunnel. I am sure that FBI and NSA are aware of 2048 because 128 is sooooooooooo easy to crack. It's a shame because that's all anybody uses.

Report this comment

The problem is that

Submitted by Anonymous on May 30, 2006 - 8:21 A.M.

The problem is that BitLocker is not put to use automatically. There are very good open-source file encryption packages available today, so one does not need either Microsoft or Apple for this. Some open-source encryption packages ar so well done that even the FBI can't crack it. I am user BitLocker has a backdoor, and if not, the feds will make Microsoft put one in there. The VA incident may have happened in the same way with Vista installed on the laptop. Weak passwords and no encryption - then it does not matter which OS is used.

Report this comment

Is the Windows 7 adoption surge driven by piracy?

Spam culture, part 3: Nigeria (and 419 scams)

Los Angeles goes Google; dumps GroupWise; shuns Microsoft; ignores IBM

Your next stop ... the Password Zone

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

The State of PCI DSS Compliance at Organizations Today
Download this resource today!

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Why Email Must Operate 24/7 and How to Make This Happen
Learn how to avoid an email outage by implementing a hosted email continuity solution.

Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!

All White Papers | All Webcasts