VBootkit vs. Bitlocker in TPM mode

Published 08 January 08 08:05 PM

One of the guys in our group, Robert Hensing has an interesting post about VBootkit and whether BitLocker in TPM offers any defense. Short answer: yes, it does. Slightly longer answer: The BitLocker guys anticiated this attack and the really long answer is in his post.

Chalk up another one for Vista :)

by michael_HOWARD

Filed under: Security, Vista

Comments

# MSDN Blog Postings » VBootkit vs. Bitlocker in TPM mode said on January 9, 2008 1:01 AM:

PingBack from http://msdnrss.thecoderblogs.com/2008/01/09/vbootkit-vs-bitlocker-in-tpm-mode/

# Alun Jones said on January 11, 2008 9:16 PM:

Of course, what happens after that is that the BitLocker system goes into "recovery", meaning that it asks you to provide the recovery key.

How many organisations have a plan to inspect a machine to see if it's had its MBR overwritten before they will provide the recovery key? How many organisations, faced with a panicked CEO, about to give a speech to a crowd, who sees a "please provide the recovery key" prompt, will tell the CEO to bring the machine in for checking?

New Comments to this post are disabled

Michael Howard's Web Log

VBootkit vs. Bitlocker in TPM mode

Comments

This Blog

Tags

Archives

Syndication