Vista - Bitlocker!! Why doesnt it work?

**sypher007** · 08-15-2008

i have just purchased by new machine which came with vista ultimate 64bit SP1 pre installed.

the bit locker will not work as there is no TPM found is says a TPM is required to turn on bitlocker.

i know you can use a flash drive every time you start up the machine but i dont want to do that. Does anyone know how i can get a TPM or know a solution - i read something about upgrading the bios but i dont know what bios i have!

Please help!

**echrada** · 08-15-2008

TPM stands for Trusted Platform Module - and it would be installed in your computer as a chip - if you do not have that installed in your machine, bitlocker will be of no value to you.

**stormy13** · 08-15-2008

Quote: Originally Posted by echrada

TPM stands for Trusted Platform Module - and it would be installed in your computer as a chip - if you do not have that installed in your machine, bitlocker will be of no value to you.

Not quite, you can use a USB to store the encryption data,

Quote:

There are three implementation models for BitLocker encryption.[5] Two models require a cryptographic hardware chip called a Trusted Platform Module (version 1.2 or later) and a compatible BIOS. A third model does not have the TPM chip requirement:

Transparent operation mode: This mode exploits the capabilities of the TPM 1.2 hardware to provide for a transparent user experience—the user logs onto Windows Vista as normal. The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-OS components of BitLocker achieve this by implementing a Static Root of Trust Measurement—a methodology specified by the Trusted Computing Group. This mode is vulnerable to a cold boot attack, as it allows a machine to be booted by an attacker.
User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in order to be able to boot the OS. Two authentication modes are supported: a pre-boot PIN entered by the user, or a USB key.

The third model, without the TPM chip requirement:

USB Key Mode: The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-OS environment.

BitLocker Drive Encryption - Wikipedia, the free encyclopedia

**echrada** · 08-15-2008

I stand corrected. After reading a bit more (which I should have done in the first place)

If your computer has as a Trusted Platform Module (TPM) 1.2 chip, BitLocker can use the chip to perform a system integrity check—a process that verifies your computer system has not been tampered with—before unlocking your drive. If you do not have a TPM 1.2 chip, you can still use the encryption provided by BitLocker, but not the system integrity checking. For information about how to enable BitLocker on your computer without using a TPM 1.2 chip, see the BitLocker Drive Encryption Step-by-Step Guide (http://go.microsoft.com/fwlink/?LinkId=79031).

Where Can I Get More Information?

For more information about BitLocker, including requirements and options, see the BitLocker information page on TechNet (http://go.microsoft.com/fwlink/?LinkId=67438).

**dmex** · 08-15-2008

TPMs can be installed into your computer if it supports that extra extension on your motherboard or other types like a smartcard or USB dongle (Thats Not a USB drive!!), however it is more secure to use a 3rd party encryption program like PGP Desktop (Its the Best and most secure since I cant bypass it) or TrueCrypt.... The United States Export laws have made Bitlocker susceptible to cold-boot bypass techniques thanks to its default low memory protection settings (you can disable this bypass technique via GroupPolicy) Personally I can bypass Bitlocker in less than 2 minutes since most dont check the settings, TrueCrypt and most other 3rd party programs are about the same depending on your setting preferences and desired security level

**sypher007** · 08-16-2008

CHeers guys. your help is greatly appreciated!

08-15-2008	#1 (permalink)
sypher007 Vista ultimate x64 15 posts	Bitlocker!! Why doesnt it work? i have just purchased by new machine which came with vista ultimate 64bit SP1 pre installed. the bit locker will not work as there is no TPM found is says a TPM is required to turn on bitlocker. i know you can use a flash drive every time you start up the machine but i dont want to do that. Does anyone know how i can get a TPM or know a solution - i read something about upgrading the bios but i dont know what bios i have! Please help!
My System Specs

08-15-2008	#2 (permalink)
echrada Microsoft® Windows Vista™ Ultimate x64 SP2 Windows 7 7127 x64 869 posts	Re: Bitlocker!! Why doesnt it work? TPM stands for Trusted Platform Module - and it would be installed in your computer as a chip - if you do not have that installed in your machine, bitlocker will be of no value to you.
My System Specs

08-15-2008	#3 (permalink)
stormy13 Vista Ultimate x64 607 posts	Re: Bitlocker!! Why doesnt it work? Quote: Originally Posted by echrada TPM stands for Trusted Platform Module - and it would be installed in your computer as a chip - if you do not have that installed in your machine, bitlocker will be of no value to you. Not quite, you can use a USB to store the encryption data, Quote: There are three implementation models for BitLocker encryption.[5] Two models require a cryptographic hardware chip called a Trusted Platform Module (version 1.2 or later) and a compatible BIOS. A third model does not have the TPM chip requirement: Transparent operation mode: This mode exploits the capabilities of the TPM 1.2 hardware to provide for a transparent user experience—the user logs onto Windows Vista as normal. The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-OS components of BitLocker achieve this by implementing a Static Root of Trust Measurement—a methodology specified by the Trusted Computing Group. This mode is vulnerable to a cold boot attack, as it allows a machine to be booted by an attacker. User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in order to be able to boot the OS. Two authentication modes are supported: a pre-boot PIN entered by the user, or a USB key. The third model, without the TPM chip requirement: USB Key Mode: The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-OS environment. BitLocker Drive Encryption - Wikipedia, the free encyclopedia
My System Specs

08-15-2008	#4 (permalink)
echrada Microsoft® Windows Vista™ Ultimate x64 SP2 Windows 7 7127 x64 869 posts	Re: Bitlocker!! Why doesnt it work? I stand corrected. After reading a bit more (which I should have done in the first place) If your computer has as a Trusted Platform Module (TPM) 1.2 chip, BitLocker can use the chip to perform a system integrity check—a process that verifies your computer system has not been tampered with—before unlocking your drive. If you do not have a TPM 1.2 chip, you can still use the encryption provided by BitLocker, but not the system integrity checking. For information about how to enable BitLocker on your computer without using a TPM 1.2 chip, see the BitLocker Drive Encryption Step-by-Step Guide (http://go.microsoft.com/fwlink/?LinkId=79031). Where Can I Get More Information? For more information about BitLocker, including requirements and options, see the BitLocker information page on TechNet (http://go.microsoft.com/fwlink/?LinkId=67438).
My System Specs

08-15-2008	#5 (permalink)
dmex Windows Vista™ Ultimate 2,631 posts	Re: Bitlocker!! Why doesnt it work? TPMs can be installed into your computer if it supports that extra extension on your motherboard or other types like a smartcard or USB dongle (Thats Not a USB drive!!), however it is more secure to use a 3rd party encryption program like PGP Desktop (Its the Best and most secure since I cant bypass it) or TrueCrypt.... The United States Export laws have made Bitlocker susceptible to cold-boot bypass techniques thanks to its default low memory protection settings (you can disable this bypass technique via GroupPolicy) Personally I can bypass Bitlocker in less than 2 minutes since most dont check the settings, TrueCrypt and most other 3rd party programs are about the same depending on your setting preferences and desired security level
My System Specs

08-16-2008	#6 (permalink)
sypher007 Vista ultimate x64 15 posts	Re: Bitlocker!! Why doesnt it work? CHeers guys. your help is greatly appreciated!
My System Specs

Similar Threads
Thread	Forum
Keyboard doesnt work.	Vista hardware & devices
New Key Doesnt Work	.NET General
cd-dvd drive doesnt work	Vista hardware & devices
My headset doesnt work	Vista hardware & devices
Sleep Doesnt work	Vista General