Edge Show 102 - BitLocker: Preauth, PINS, UEFI and protections
- Posted: May 08, 2014 at 9:49AM
- 42,198 views
- 2 comments
Loading user information from Channel 9
Something went wrong getting user information from Channel 9
Loading user information from MSDN
Something went wrong getting user information from MSDN
Loading Visual Studio Achievements
Something went wrong getting the Visual Studio Achievements
Right click “Save as…”
In this episode Simon May interviews Chris Hallum from the Windows team about BitLocker pre-boot PIN in Windows 8.1 and they answer the question of why you probably don't need a pre-boot PIN any longer. BitLocker in Windows 8.1 and also potentially in Windows 7 when running on modern UEFI enabled hardware no longer need a pre-boot PIN because of enhancements in UEFI and also other components of Windows that make it harder for some common attack vectors to succeed.
Here's how the episode breaks down for those time skippers:
[08:26] : Interview
[09:08] : Device Encryption vs BitLocker
[12:23] : Protecting Devices with Pre-Boot Auth
[13:46] : Why did we have pre-boot auth in the past?
[16:50] : Downsides to Pre-Boot Auth
[17:41] : Protecting Devices with Pre-Boot Auth
[18:15] : Mitigating DMA Port attacks
[23:44] Mitigating Memory Remanence Attacks
Finally here is the whitepaper that Chris and Simon mention.
Also we have this weeks news including:
Connect with the Edge Team: