Sydney Tech Guy

Its taken me a little while to get around writing this, but I thought that its worth noting that the recent claims that Windows Bit Locker encryption has been cracked are more about hype then truth.

For a start, the encryption has not been cracked, your PC is as save today as it was yesterday or last week, and that the key statement, “save today as it was yesterday”

The news isn’t even ground breaking, the way they “cracked” the encryption is that they managed to dump the password from the ram of a running system. When you boot up an encrypted computer, it keeps your password in memory, this is to stop the machine to repeatedly asking for authentication. This is something we want, we don’t want to be continually annoyed by a password prompt, but the flaw is that if someone can get a hold of your running, logged in machine, the encryption may not help you. Remember if someone has physical access to your running, logged in machine you should consider all bets off regardless of other types of protection being used.

The article is in the typical Microsoft haters style, claiming that the company is to blame, incompetent and completely insecure, the problem with that is, this has been a known attack method for hackers, crackers, and anyone after your data regardless of if its running Bit Locker or True Crypt or any other type of encryption software, but you know it doesn’t make the news until someone mentions Microsoft.

Just be careful with your computer equipment and never think its totally secure no matter what your software your using, because someone will always find a way

Microsoft has released a security article about this issue.