



Douglas Schweitzer

The Security Sector

Vista's BitLocker to use 1,024 bit encryption!

According to this CW article, one security feature of the upcoming Vista OS could have helped prevent what happened recently at the VA. The feature, called BitLocker, looks really promising: it lets users encrypt an entire volume on the hard drive rather than a single folder. The article describes BitLocker as using super-powerful 1,024-bit encryption, but that figure is an asymmetric (RSA-class) key size, not the size of the key that actually scrambles the disk. The data on the volume is encrypted with AES using a 128- or 256-bit key, the same algorithm and the same class of key that Apple's FileVault uses, so comparing "1,024 bits" with FileVault's 128 bits is comparing two different kinds of key and says nothing about which is stronger. Keep in mind that 128-bit AES, as used by Apple to encrypt the contents of a home directory, is far beyond any brute-force attack; it is the use of a weak or ineffective password (or PIN) that is your weakest link and should be your biggest concern. Still, full-volume encryption covers more than FileVault's home-directory-only approach, so it looks like Apple will need to ratchet things up a notch to "keep up with the Joneses - er, Gates!"

What People Are Saying

Bitlocker IS NOT IS NOT IS

Bitlocker IS NOT IS NOT IS NOT hardware based, idiot.

In reply to:

Doug Schweitzer wrote:
First off, BitLocker is hardware based and provides full volume encryption. FileVault is software based and only encrypts the home directory. Of course they are different. I was merely trying to inject a little humor by saying that Apple has to catch up. That said, I still think BitLocker is a much better option than what Apple has to offer, and I'm an Apple fan.

It's all irrelevant as the

It's all irrelevant, as the weakest link is still that it uses a "PIN" or password for access. Even if you're using a TPM, you can get access using a password in recovery mode.

Until such time as we stop relying on people picking keys it's all a waste of time.

First off, Bitlocker is

First off, BitLocker is hardware based and provides full volume encryption. FileVault is software based and only encrypts the home directory. Of course they are different. I was merely trying to inject a little humor by saying that Apple has to catch up. That said, I still think BitLocker is a much better option than what Apple has to offer, and I'm an Apple fan.

Like I said, passwords are

Like I said, passwords are the weak link!

Actually I've been using

Actually, I've been using 4096-bit keys for years now, and yes, that is significant overkill even for AES. The problem here is that you don't know when/if one of the encryption algorithms may be broken. True, it helps to use open source so at least you can check for backdoors (which MS swears up and down will not happen, or BitLocker will be withdrawn), and the bigger the key the better. Better yet, encrypted containers within an encrypted container using two different algorithms. Just my random thoughts.


BTW, from my experience in systems (physical, network, computer) security, I seriously doubt BitLocker would have helped much. If this is the typical (l)user, the password to the system is somewhere nearby or dead easy to crack (L0phtCrack, anyone?). In any case, I don't expect Vista to be deployed at the VA anytime soon. I'd expect at least two years after release as an absolute minimum, probably longer. I worked at a VA :-(.

Are you aware that the

Are you aware that the 128-bit key is for a symmetric encryption algorithm? Are you aware that the 1024-bit key is for an asymmetric encryption algorithm? Do you know the difference?

I think we are all aware of

I think we are all aware of the difference between the two. What point exactly are you trying to make?

The point is that you are

The point is that you are comparing apples to oranges. Using bits to measure the strength of symmetric vs. asymmetric encryption gives the wrong answer. 1024-bit RSA keys (which is probably what BitLocker uses) are considered the minimum key size for just a few more years; see http://www.rsasecurity.com/rsalabs/node.asp?id=2004 and http://en.wikipedia.org/wiki/Key_length for more information.
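The two comments above (that a 128-bit key is symmetric, a 1,024-bit key is asymmetric, and that counting bits across the two gives the wrong answer) can be made concrete. The following is an added example, not code from the original post or from any commenter: it puts a symmetric key, RSA moduli of several sizes, and a few password or PIN choices on one scale, "bits of work for the attacker". For RSA it uses the textbook General Number Field Sieve running-time heuristic L_n[1/3, (64/9)^(1/3)] with the o(1) term dropped, which is rough but shows the shape of the curve; the NIST SP 800-57 comparable-strength figures are included as the reference values practitioners actually quote. The thread's "passwords are the weak link" point falls out directly: the weakest entry is never the cipher.

```python
import math

# Constant in the GNFS asymptotic running time, (64/9)^(1/3) ~ 1.923.
GNFS_C = (64 / 9) ** (1 / 3)

# NIST SP 800-57 Part 1 comparable-strength table: RSA modulus bits -> bits of security.
NIST_SP800_57 = {1024: 80, 2048: 112, 3072: 128, 7680: 192, 15360: 256}


def gnfs_work_bits(modulus_bits):
    """Heuristic log2 of the work to factor an RSA modulus of the given size.

    Evaluates exp(c * (ln n)^(1/3) * (ln ln n)^(2/3)) with c = (64/9)^(1/3),
    i.e. the L-notation estimate for the number field sieve with o(1) ignored,
    and converts the result to bits. It overshoots the NIST figures slightly
    but preserves their ordering, which is what the comparison needs.
    """
    ln_n = modulus_bits * math.log(2)
    ln_work = GNFS_C * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return ln_work / math.log(2)


def brute_force_bits(key_bits):
    """A symmetric key with no known shortcut costs about 2^k trials."""
    return float(key_bits)


def password_bits(alphabet_size, length):
    """Entropy of a uniformly random password: length * log2(alphabet)."""
    return length * math.log2(alphabet_size)


def compare():
    """Constructed comparison set: every entry expressed as bits of attacker work."""
    return {
        "AES-128 key (FileVault, BitLocker data key)": brute_force_bits(128),
        "RSA-1024 (GNFS heuristic)": gnfs_work_bits(1024),
        "RSA-2048 (GNFS heuristic)": gnfs_work_bits(2048),
        "RSA-3072 (GNFS heuristic)": gnfs_work_bits(3072),
        "6-digit PIN": password_bits(10, 6),
        "8-char lowercase password": password_bits(26, 8),
        "8-char printable-ASCII password": password_bits(95, 8),
    }


def weakest_link(components):
    """Return the (name, bits) pair an attacker would go after first."""
    name = min(components, key=components.get)
    return name, components[name]


def bits_vs_nist(modulus_bits):
    """Side-by-side of the heuristic and the NIST reference for one RSA size."""
    return gnfs_work_bits(modulus_bits), NIST_SP800_57[modulus_bits]


if __name__ == "__main__":
    for name, bits in sorted(compare().items(), key=lambda kv: kv[1]):
        print(f"{bits:7.1f} bits  {name}")
    for size in (1024, 2048, 3072):
        est, ref = bits_vs_nist(size)
        print(f"RSA-{size}: heuristic {est:.1f} bits, NIST SP 800-57 {ref} bits")
    print("weakest link:", weakest_link(compare()))
```

Read the output from the bottom up: RSA-1024 lands well below the 128 bits of AES-128 (NIST puts it at 80), and RSA only catches up with AES-128 somewhere between 2048 and 3072 bits, so a "1,024-bit" asymmetric key is in fact the weaker of the two numbers the post compares. Every password or PIN entry sits far below either cipher, which is the commenters' point: the attacker guesses the recovery password or PIN, not the key.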

Why not kick it up a notch

Why not kick it up a notch and download Protexx's personal VPN software and encrypt all outgoing and incoming data at 2048 bits. I have been using it for 6 months and I am all but invisible when I'm in the tunnel. I am sure that the FBI and NSA are aware of 2048 because 128 is sooooooooooo easy to crack. It's a shame because that's all anybody uses.

The problem is that

The problem is that BitLocker is not put to use automatically. There are very good open-source file encryption packages available today, so one does not need either Microsoft or Apple for this. Some open-source encryption packages are so well done that even the FBI can't crack them. I am sure BitLocker has a backdoor, and if not, the feds will make Microsoft put one in there. The VA incident may have happened in the same way with Vista installed on the laptop. Weak passwords and no encryption - then it does not matter which OS is used.