Positive review of Microsoft’s BitLocker

Posted by Ken Y-N on January 21st, 2009 at 03:11pm

On the Invisible Things Lab’s blog, there was an interesting post on why the writer misses Microsoft’s BitLocker now that she has switched to a Mac. I’m very pleasantly surprised to see such a positive article from a serious security researchers!

She details how BitLocker (Microsoft’s TPM-based disk encryption for Vista) can protect you from a low-level keylogger attack:

So, why the BitLocker would not allow for this simple attack? Because the BitLocker software should actually be able to know that the system gets compromised (by the Evil Program) since the last boot. BitLocker should then refuse to display a password prompt. And even if it didn’t and asked the user for the password, still it should not be able to get the actual decryption key out from the TPM, because the values in the certain PCR register(s) will be wrong (they will now account for the modified hashes of the MBR or PCI EEPROM or BIOS).

The full article is very well worth reading.

Tags: , ,

Under TPM Tags: , ,

Leave a Comment for Positive review of Microsoft’s BitLocker

Required

Required, hidden

RSS Comments Feed RSS Comments Feed  |  Trackback this post

Recent Articles
Adverts

Tags
Blogroll
Categories