Welcome to Brendon Davis

What Bitlocker on VISTA doesn’t do

Autor brendon

After reading an article on TheRegister I think some people have misunderstood the purpose for BitLocker. It is a ‘full drive encryption’ product. In most cases, the keys are stored on the hardware or on a removable USB drive.

Assuming your laptop with Bitlocker is stolen, the person can still turn the computer on and boot into windows. They can’t log on because they don’t know your password, and of course you use a complex password…. If they take the drive out of the laptop and try to read it on another computer or boot off an external drive in your computer. Your system partition will have an invalid file system, so they can’t access your data.

If they try to reset your SAM password using a Linux boot utility, it won’t work because the SAM is encrypted on the drive.

Further to this, BitLocker only works on the SYSTEM partition (not active partition). So any other volume’s on your PC will need to be encrypted using EFS. This is still secure because the encryption keys for the EFS files are stored on the system drive and are encrypted therefore unavailable.

BitLocker will NOT stop a person from gaining access to your data if you have weak passwords or they obtain the USB key.
It will NOT stop a forensic analysis from taking a copy of the encrypted drive.

It WILL stop someone copying your documents/ emails/ etc. off your stolen device.