In this episode Simon May interviews Chris Hallum from the Windows team about BitLocker pre-boot PIN in Windows 8.1 and they answer the question of why you probably don't need a pre-boot PIN any longer. BitLocker in Windows 8.1 and also potentially in Windows 7 when running on modern UEFI enabled hardware no longer need a pre-boot PIN because of enhancements in UEFI and also other components of Windows that make it harder for some common attack vectors to succeed.
Here's how the episode breaks down for those time skippers:
[08:26] : Interview
[09:08] : Device Encryption vs BitLocker
[12:23] : Protecting Devices with Pre-Boot Auth
[13:46] : Why did we have pre-boot auth in the past?
[16:50] : Downsides to Pre-Boot Auth
[17:41] : Protecting Devices with Pre-Boot Auth
[18:15] : Mitigating DMA Port attacks
[23:44] Mitigating Memory Remanence Attacks
Finally here is the whitepaper that Chris and Simon mention.
Also we have this weeks news including:
Connect with the Edge Team: