Vista Forums - View Single Post

**bobster** · 09-05-2007

Found this,

One security implication of a software encryption system like BitLocker is that the recovery key/password entry process could be spoofed by another bootmanager or OS install. Once the spoofed software captured the secret, it could be used to decrypt the VMK, which then allows access to decrypt or modify any information on the user's BitLocker encrypted hard disk. This risk can be reduced by configuring the computer's BIOS to only allow booting from the internal hard disk, and then protecting this setting with a strong password. This will not work if your adversary can reset the CMOS memory on your brand of computer to delete the password.

09-05-2007	#7 (permalink)
bobster Vista 64Bit 6 posts	Re: Vista 64 Preboot and Drive Encryption?? Found this, One security implication of a software encryption system like BitLocker is that the recovery key/password entry process could be spoofed by another bootmanager or OS install. Once the spoofed software captured the secret, it could be used to decrypt the VMK, which then allows access to decrypt or modify any information on the user's BitLocker encrypted hard disk. This risk can be reduced by configuring the computer's BIOS to only allow booting from the internal hard disk, and then protecting this setting with a strong password. This will not work if your adversary can reset the CMOS memory on your brand of computer to delete the password.
My System Specs