Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Bitlocker swap file

microsoft.public.windows.vista.security






Speedup My PC
Reply
  #1 (permalink)  
Old 12-11-2006
=?Utf-8?B?bHZqb2JodW50?=
 

Posts: n/a
Bitlocker swap file
Does bitlocker ecrypt the swap file? Is there anything on a bitlocker driver
that can be recovered?

How does this compare to freeware like compusec.
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 12-12-2006
Jamie Hunter [MS]
 

Posts: n/a
Re: Bitlocker swap file
BitLocker encrypts the page file (swap file), and even encrypts crash-dump
files and hibernation files (things often overlooked). Only the boot files
and portions of metadata are in clear text, none of which provide any
sensitive information.

Because BitLocker was designed in conjunction with Vista, these special
files are handled seamlessly, allowing all the OS functionality you would
expect... securely without requiring special workarounds.

When BitLocker is enabled, it encrypts the volume carefully to ensure that
no data is left unencrypted, and to ensure that if the computer crashes in
the middle of conversion of the volume, it is recoverable.

As I've never installed CompuSec, I can't give you a comparison, but why not
try both out and see which meets your needs better?

Things to consider when comparing products, for example, is if you use a
user-remembered password for boot authentication, how easy is it to crack?
When using TPM+PIN, then the TPM hardware helps mitigate brute-force
attacks, making an easily remembered PIN harder to crack than many password
solutions. The TPM also detects tampering of pre-boot files.

-
Jamie Hunter [MS]

"lvjobhunt" <lvjobhunt@discussions.microsoft.com> wrote in message
news3186967-544F-4776-9FFA-8A123A438E28@microsoft.com...
> Does bitlocker ecrypt the swap file? Is there anything on a bitlocker
> driver
> that can be recovered?
>
> How does this compare to freeware like compusec.


Reply With Quote
  #3 (permalink)  
Old 12-12-2006
Roof Fiddler
 

Posts: n/a
Re: Bitlocker swap file
"Jamie Hunter [MS]" <jamiehun@nospam.microsoft.com> wrote in message
news:E830023B-789D-4F6C-ACF5-B9D6D55B02F3@microsoft.com...
> portions of metadata are in clear text

Which portions exactly?

Reply With Quote
  #4 (permalink)  
Old 12-12-2006
niknik
 

Posts: n/a
Re: Bitlocker swap file

The three .fve blob in system volume information. when you read those
under a live system they are filled with \x00.
The $Boot file is also not encrypted. There are probably other boot
files.
How does BitLocker know which files are encrypted and which are not?


--
niknik
------------------------------------------------------------------------
niknik's Profile: http://vista64.net/forums/member.php?userid=637
View this thread: http://vista64.net/forums/showthread.php?t=29093

Reply With Quote
  #5 (permalink)  
Old 12-12-2006
Jamie Hunter [MS]
 

Posts: n/a
Re: Bitlocker swap file
Specifically $BOOT is the first 8K of the disk, and contains information
such as file-system size; unused boot code; and some "snapshot" information.
It also points to the first copy of BitLocker metadata (see
http://blogs.msdn.com/si_team/archiv...itlocker.aspx).
Each copy of metadata (shadowed by the three .fve files in system volume
information) point to each other. The primary structure is decrypted, but
contains encrypted components. The entire structure has a MAC (Message
Authenticity Check).
The final piece of decrypted data is the backup boot sector at the end of
the volume immediately after the file-system. That's 5 decrypted and easily
identifiable regions in total. None of which contain sensitive information.

An example of decrypted data in the metadata is a label that helps identify
the volume and key labels to help find the recovery key.
An example of encrypted data in the metadata is the VMK (Volume Master Key)
encrypted by an externally provided (or TPM provided) key; and the FVEK
(Full Volume Encryption Key) encrypted by the VMK.

Hope this helps?
-
Jamie Hunter [MS]

"niknik" <niknik.2ipsca@no-mx.vista64.net> wrote in message
news:niknik.2ipsca@no-mx.vista64.net...
>
> The three .fve blob in system volume information. when you read those
> under a live system they are filled with \x00.
> The $Boot file is also not encrypted. There are probably other boot
> files.
> How does BitLocker know which files are encrypted and which are not?
>
>
> --
> niknik
> ------------------------------------------------------------------------
> niknik's Profile: http://vista64.net/forums/member.php?userid=637
> View this thread: http://vista64.net/forums/showthread.php?t=29093
>


Reply With Quote
  #6 (permalink)  
Old 12-13-2006
niknik
 

Posts: n/a
Re: Bitlocker swap file

Yes - this completely answers my last question.

I guess since BitLocker is a Full Volume Encryption (hence the .FVE
extension) it only encrypts the OS volume and not the BCD partition
needed for the booting or any other partitions.

Does BitLocker support external volumes yet?


Thank you.


--
niknik
------------------------------------------------------------------------
niknik's Profile: http://vista64.net/forums/member.php?userid=637
View this thread: http://vista64.net/forums/showthread.php?t=29093

Reply With Quote
  #7 (permalink)  
Old 12-13-2006
Josh
 

Posts: n/a
Re: Bitlocker swap file
you can encrypt other volumes if you use the managebde script. Tread
lightly however is my best advice as you really need to understand what you
are doing here to do it correctly. Be sure to escrow that key.

--
Josh
http://windowsconnected.com

"niknik" <niknik.2iqeln@no-mx.vista64.net> wrote in message
news:niknik.2iqeln@no-mx.vista64.net...
>
> Yes - this completely answers my last question.
>
> I guess since BitLocker is a Full Volume Encryption (hence the .FVE
> extension) it only encrypts the OS volume and not the BCD partition
> needed for the booting or any other partitions.
>
> Does BitLocker support external volumes yet?
>
>
> Thank you.
>
>
> --
> niknik
> ------------------------------------------------------------------------
> niknik's Profile: http://vista64.net/forums/member.php?userid=637
> View this thread: http://vista64.net/forums/showthread.php?t=29093
>


Reply With Quote
  #8 (permalink)  
Old 12-13-2006
niknik
 

Posts: n/a
Re: Bitlocker swap file

Thank you!


--
niknik
------------------------------------------------------------------------
niknik's Profile: http://vista64.net/forums/member.php?userid=637
View this thread: http://vista64.net/forums/showthread.php?t=29093

Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
XP Can't access Vista Share TedF microsoft.public.windows.vista.networking sharing 12 04-30-2010 14:12
Offline files cannot synchronize =?Utf-8?B?SW52aXNpYmxl?= microsoft.public.windows.vista.networking sharing 11 11-11-2008 11:14
More Vista LAN file sharing problems =?Utf-8?B?QWxreUlST0M=?= microsoft.public.windows.vista.networking sharing 2 02-28-2007 03:14
Desktop Live Mail Nukes File Associations for OE NG messages Chad Harris microsoft.public.windows.vista.mail 23 01-19-2007 13:27
Re: BitLocker Post OS-Install - Boot & Partition Considerations Jamie Hunter [MS] microsoft.public.windows.vista.security 0 12-06-2006 22:01




All times are GMT +1. The time now is 21:24.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120