Go ahead, try to break into my Bitlocker

This week I finally got around to protecting my TabletPC with Bitlocker.  My laptop holds my entire life, and I take it everywhere with me, so I'd be hosed if if it were ever to fall into the hands of a bad guy.  But not anymore.

One piece I wasn't aware of until I actually locked my drive this way:  every time I do a cold boot of the machine, it asks me for a special PIN--before I even get to the regular login and password.  Since I only cold-boot once a week or so (the rest of the time, I just put the laptop to sleep), this isn't much of a hassle. But it's nice to have the peace of mind, knowing that nobody can get to my data.

Published 30 August 08 08:31 by sprague
Filed under:

Comments

# Goyuix said on August 31, 2008 12:16 AM:

While it certainly would stop most mortals from accessing your data - be careful when using words like "nobody" or "everyone". You might be surprised how easy it would be for someone to get at your data, particularly since you leave it in sleep mode most of the time:

http://arstechnica.com/news.ars/post/20080221-researchers-crack-filevault-bitlocker-with-canned-air-hack.html

# sprague said on August 31, 2008 12:37 AM:

Yeah, I suppose I'm not paranoid enough.  I mean, maybe the NSA could still get into my laptop, but I don't see how I can really protect myself against them anyway.

I'm far more worried about the small-time crook to whom a Bitlocker-protected machine is the equivalent of a homeowner with a full-time security detail.  Yeah, maybe you could still sneak in, but why not go bother somebody else instead.

# chrisaltesino said on August 31, 2008 1:48 AM:

Interesting... How long did it take you to set it up?  These systems are nice but I always fear locking myself out.  

PS- I'm jealous that you have a tablet!

# sprague said on September 1, 2008 12:30 PM:

The whole thing took less than an hour, but I cheated on the setup: I watched while it was installed by a guy who's done this a zillion times.

Still, it looked pretty easy and straightforward. I'd do it at home too but it looks like I don't have the required hardware support (TPM, whatever that means).

New Comments to this post are disabled

Search

This Blog

Subscribe with Bloglines

Add to Google

Add to My Yahoo!

Twitter Updates

    follow me on Twitter

    Syndication

    Page view tracker