Coffeehouse Post

Single Post Permalink

View Thread: Win7 unfixable loophole?
  • User profile image

    ManipUni said:
    BitLocker will only slow an attacker down, which ultimately is its benefit. It secures in the same way a wall safe safeguards your valuables, it just adds minutes that the bad guys have to use getting to them. No security is foolproof and never will be.

    Microsoft's secure computing initative was meant to "solve" these issues but since it wasn't widely adopted for a fair number of legitimate reasons then you're on your own.

    If you really want your data secure then frankly don't let your laptop/machine get taken to begin with. After they have your machine they will get the data out of it. End of story.

    PS - OS wide encryption is snake oil anyway. Just use either per file encryption or per partition, then you'll get strong encryption without the by-design holes in it. Or better remotely download (and expire) files as needed over a secure pipe.
    It's a big joke.  It's a theoretical attack that works against any OS.  It's exactly the kind of thing a TPM was meant to protect against.

    Further, if you have a BIOS password, it won't work.  If you have a system start-up password or fingerprint check, it won't work.  If you don't have any drives in the boot path that can be supplied by the attacker, it won't work.  If you have a TPM + BitLocker it won't work.  If you don't give people physical access to your machine it won't work.  And so on...

    It isn't "unfixable."  It's already been addressed years ago.