Regarding Bitlocker in Windows Vista

  • lifeisgreat20009
    New Member
    • Oct 2007
    • 70

    Regarding Bitlocker in Windows Vista

    I am confused about Windows Vista's Bitlocker Encryption .......
    I searched the web and found that Bitlocker first performs an Operating System Integrity check and sees whether booting is being done from the same partition as earlier...... What does this mean ????

    Then it says that Bitlocker then finds the encryption key from a TPM (a microchip) or a flash drive and decrypts all the files and starts up the system ...... ok I got this one ....

    But the confusion is that it's being said that if our PC is stolen or lost then no one can see any of the files that we have stored on the hard drive ......
    How is this possible ???
    I mean let's say that a thief steals a whole PC and starts it at his home, then won't he be able to start the computer ????
    Because the TPM is right there inside the CPU on the motherboard...
    So if the thief has got the TPM and the encryption key inside it then obviously the PC will start normally if the thief knows the password and username.......
    But it's written in the forums that all the data will be in encrypted form and the thief would not be able to read any files .....
    I mean how come is that ???
    Also if the encryption key was on a flash drive / pen drive....and if the thief has not stolen that flash drive...then it is understandable that the thief will not be able to start the PC ........because obviously the thief does not possess the encryption keys....

    Plzz somebody tell me what's going on ????
  • AmberJain
    Recognized Expert Contributor
    • Jan 2008
    • 922

    #2
    HELLO,

    Visit link below at wikipedia to know more about BitLocker Drive Encryption.
    Wikipedia

    Read the wikipedia's article and then post back if you still have problems.


    P.S.- Many people post on online forums about such topics while posting completely absurd or misinterpreted information. So unless you know that the person replying to your question is a real expert in the associated field, don't believe him/her completely. It is better to rely on sources such as Wikipedia for information.


    HOPE THIS HELPS........
    AmbrNewlearner


    • lifeisgreat20009
      New Member
      • Oct 2007
      • 70

      #3
      Originally posted by ambrnewlearner
      HELLO,

      Visit link below at wikipedia to know more about BitLocker Drive Encryption.
      Wikipedia

      Read the wikipedia's article and then post back if you still have problems.


      P.S.- Many people post on online forums about such topics while posting completely absurd or misinterpreted information. So unless you know that the person replying to your question is a real expert in the associated field, don't believe him/her completely. It is better to rely on sources such as Wikipedia for information.


      HOPE THIS HELPS........
      AmbrNewlearner

      I went through wikipedia article on it but am still confused because the same things are written in wikipedia about bitlocker just as in those forums......


      • AmberJain
        Recognized Expert Contributor
        • Jan 2008
        • 922

        #4
        Hello again,


        It's good that you perused Wikipedia for information about Bitlocker.
        Let me answer (or at least try to answer) your questions.

        Originally posted by lifeisgreat20009
        I searched the web and found that Bitlocker first performs an Operating System Integrity check and sees whether booting is being done from the same partition as earlier...... What does this mean ????
        Let me tell you first that many PCs contain a TPM chip or TPM Security Device (as Wikipedia calls it) which stores the key used for disk encryption by BitLocker (in Windows Vista). When a user logs in to his Vista account, Vista checks whether the early boot files appear to be unmodified (this is to ensure the integrity of the trusted boot path (e.g. BIOS, boot sector, etc.), in order to prevent most offline physical attacks, boot sector malware, etc.). If all files (in consideration) appear to be unmodified then the OS code releases the key from the TPM chip.

        Now as wikipedia says:
        Originally posted by wikipedia
        In order for BitLocker to operate, the hard disk requires at least two NTFS-formatted volumes: one for the operating system (usually C:) and another with a minimum size of 1.5GB where the operating system boots from. BitLocker requires the boot volume to remain unencrypted, so it should not be used to store confidential information.
        So the answer to your question regarding "booting is done from the same partition" is that it checks the boot partition for any offline physical attacks, boot sector malware etc. and if everything is in order then the OS proceeds with the other processes associated with the TPM.


        Originally posted by lifeisgreat20009
        But the confusion is that it's being said that if our PC is stolen or lost then no one can see any of the files that we have stored on the hard drive ......
        How is this possible ???
        As wikipedia says-"User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in order to be able to boot the OS. Two authentication modes are supported: a pre-boot PIN entered by the user, or a USB key."
        Just remember that if a complete logical drive is encrypted, then even if PC is stolen or lost, no one can access contents of that logical drive as the new owner of PC does not have this PIN or USB key. And as in (almost) any encryption scheme, if one knows the key, he/she can decrypt the data. You yourself answered this question:
        Originally posted by lifeisgreat20009
        Also if the encryption key was on a flash drive / pen drive....and if the thief has not stolen that flash drive...then it is understandable that the thief will not be able to start the PC ........because obviously the thief does not possess the encryption keys....
        Hope this is clear....


        Originally posted by lifeisgreat20009
        But its written in the forums that all the data will be in encrypted form and thief would not be able to read any files .....
        I mean how come is that ???
        If the thief does not have the PIN or USB key, he will not be able to access any of your files (if Bitlocker is enabled in Vista) even if he loads some other OS (e.g. Linux), as the complete logical volume is encrypted.

        Prior to Vista, no Windows OS had the Bitlocker scheme built into it. And so, even if the thief didn't have the logon password (e.g. for XP) he could load a non-Windows OS (e.g. Linux) and easily access the files on the PC. An OS live CD was all that was needed to access data on a Windows PC (one did not require the logon password), but after the launch of Vista's Bitlocker scheme one requires a PIN or USB key to unlock all data (@Experts - I am not talking about exceptions here). That's it........

        So if you are using BitLocker then all you need is to secure your USB key or PIN in order to protect your data.


        I expect that I could properly explain it all.......
        If you are still confused, post back your questions...... ..

        P.S.-Here's a QUOTE from wikipedia which corrects a misinterpreted concept:
        Originally posted by wikipedia
        In computing, Trusted Platform Module (TPM) is both the name of a published specification detailing a secure cryptoprocessor that can store cryptographic keys that protect information, as well as the general name of implementations of that specification, often called the "TPM chip" or "TPM Security Device" (as designated in certain Dell BIOS settings[1]). Calling TPM a "chip" however is a bit of a misnomer since it's a specification for the software written to firmware on chips as opposed to a physical object on a circuit board.

        HOPE THIS HELPS.......... .......
        AmbrNewlearner
        Last edited by AmberJain; Sep 18 '08, 06:01 AM. Reason: corrected QUOTE tags (again).........

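The boot-integrity check and key release that AmberJain describes in #4 (the TPM releases the disk key only when the early boot files are unmodified, a pre-boot PIN or USB key adds a secret the new owner of the PC does not have, and another OS booted from a live CD sees only ciphertext), as an added stand-alone Python simulation. This is not code from this thread, from BitLocker or from any real TPM: the PCR extend, the seal/unseal policy, the `ToyTPM` class, the toy keystream cipher and all sample boot components are constructed here purely to show the mechanism.

```python
import hashlib
import hmac
import os

# Constructed stand-ins for the early boot components that get measured
# (BIOS, boot sector, boot manager). These are not real firmware images.
BOOT_COMPONENTS = {
    "bios": b"constructed BIOS image",
    "mbr": b"constructed master boot record",
    "bootmgr": b"constructed boot manager",
}
MEASURE_ORDER = ("bios", "mbr", "bootmgr")


def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = H(old PCR || H(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot_path(components: dict) -> bytes:
    """Fold every boot component into one PCR value, in boot order."""
    pcr = bytes(32)  # PCRs start at zero on power-up
    for name in MEASURE_ORDER:
        pcr = pcr_extend(pcr, components[name])
    return pcr


def make_policy(pcr: bytes, pin: bytes = b"") -> bytes:
    """Unseal policy: the measured boot path plus an optional pre-boot PIN
    (an empty PIN models TPM-only mode, where no user secret is required)."""
    return hashlib.sha256(pcr + hashlib.sha256(pin).digest()).digest()


class ToyTPM:
    """Seals a key so it is released only when the same policy is presented.
    Hypothetical simulation; a real TPM does this in hardware-backed state."""

    def __init__(self) -> None:
        self._srk = os.urandom(32)  # storage root key; never leaves the 'chip'

    def seal(self, key: bytes, policy: bytes) -> bytes:
        wrap = hashlib.sha256(self._srk + policy).digest()
        wrapped = bytes(a ^ b for a, b in zip(key, wrap))
        tag = hmac.new(self._srk, policy + wrapped, hashlib.sha256).digest()
        return wrapped + tag

    def unseal(self, blob: bytes, policy: bytes):
        wrapped, tag = blob[:32], blob[32:]
        expect = hmac.new(self._srk, policy + wrapped, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expect):
            return None  # boot path or PIN differs: the key stays inside the TPM
        wrap = hashlib.sha256(self._srk + policy).digest()
        return bytes(a ^ b for a, b in zip(wrapped, wrap))


def toy_volume_cipher(key: bytes, data: bytes) -> bytes:
    """Toy keystream cipher standing in for the volume cipher (not AES and
    not BitLocker's real mode); encrypt and decrypt are the same operation."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)


def boot_and_read(tpm, blob, components, pin, volume_ct):
    """What the OS loader does: measure the boot path, ask the TPM for the
    key under that policy, and decrypt the volume only if the key comes out."""
    policy = make_policy(measure_boot_path(components), pin)
    key = tpm.unseal(blob, policy)
    return None if key is None else toy_volume_cipher(key, volume_ct)


def demo(pin: bytes = b"1234"):
    """Four scenarios from the thread, using constructed data throughout."""
    tpm = ToyTPM()
    key = os.urandom(32)  # the volume encryption key being protected
    plaintext = b"constructed confidential file contents"
    volume_ct = toy_volume_cipher(key, plaintext)
    # Seal the key to the known-good boot path (and PIN) when enabling encryption.
    blob = tpm.seal(key, make_policy(measure_boot_path(BOOT_COMPONENTS), pin))
    tampered = dict(BOOT_COMPONENTS, mbr=b"constructed MODIFIED boot record")
    return {
        "normal_boot": boot_and_read(tpm, blob, BOOT_COMPONENTS, pin, volume_ct),
        "tampered_boot_sector": boot_and_read(tpm, blob, tampered, pin, volume_ct),
        "intact_pc_wrong_pin": boot_and_read(tpm, blob, BOOT_COMPONENTS, b"0000", volume_ct),
        "live_cd_raw_volume": volume_ct,  # another OS reads only ciphertext
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result!r}")
```

`demo()` returns the decrypted data for the unmodified boot path with the right PIN, `None` when the boot sector was altered or the PIN is wrong, and the raw ciphertext for the live-CD case. Calling `demo(pin=b"")` models TPM-only mode: the key is then released to any unmodified boot path, which is why the answer above stresses securing the PIN or USB key as the protection against a thief who has the whole PC.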

        • lifeisgreat20009
          New Member
          • Oct 2007
          • 70

          #5
          Originally posted by ambrnewlearner
          Hello again,


          It's good that you perused Wikipedia for information about Bitlocker.
          Let me answer (or at least try to answer) your questions.


          Let me tell you first that many PCs contain a TPM chip or TPM Security Device (as Wikipedia calls it) which stores the key used for disk encryption by BitLocker (in Windows Vista). When a user logs in to his Vista account, Vista checks whether the early boot files appear to be unmodified (this is to ensure the integrity of the trusted boot path (e.g. BIOS, boot sector, etc.), in order to prevent most offline physical attacks, boot sector malware, etc.). If all files (in consideration) appear to be unmodified then the OS code releases the key from the TPM chip.

          Now as wikipedia says:

          So the answer to your question regarding "booting is done from the same partition" is that it checks the boot partition for any offline physical attacks, boot sector malware etc. and if everything is in order then the OS proceeds with the other processes associated with the TPM.



          As wikipedia says-"User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in order to be able to boot the OS. Two authentication modes are supported: a pre-boot PIN entered by the user, or a USB key."
          Just remember that if a complete logical drive is encrypted, then even if PC is stolen or lost, no one can access contents of that logical drive as the new owner of PC does not have this PIN or USB key. And as in (almost) any encryption scheme, if one knows the key, he/she can decrypt the data. You yourself answered this question:

          Hope this is clear....



          If the thief does not have the PIN or USB key, he will not be able to access any of your files (if Bitlocker is enabled in Vista) even if he loads some other OS (e.g. Linux), as the complete logical volume is encrypted.

          Prior to Vista, no Windows OS had the Bitlocker scheme built into it. And so, even if the thief didn't have the logon password (e.g. for XP) he could load a non-Windows OS (e.g. Linux) and easily access the files on the PC. An OS live CD was all that was needed to access data on a Windows PC (one did not require the logon password), but after the launch of Vista's Bitlocker scheme one requires a PIN or USB key to unlock all data (@Experts - I am not talking about exceptions here). That's it........

          So if you are using BitLocker then all you need is to secure your USB key or PIN in order to protect your data.


          I expect that I could properly explain it all.......
          If you are still confused, post back your questions...... ..

          P.S.-Here's a QUOTE from wikipedia which corrects a misinterpreted concept:



          HOPE THIS HELPS.......... .......
          AmbrNewlearner
          Thanks so much ...
          You have been a great help..... :-)


          • AmberJain
            Recognized Expert Contributor
            • Jan 2008
            • 922

            #6
            Originally posted by lifeisgreat20009
            Thanks so much ...
            You have been a great help..... :-)
            I'm glad that it helped......
            AmbrNewlearner
