Ethical Hacker Community Forums

Windows Vista will include a cool new feature for full disk encryption called BitLocker. Two big issues is that it is still software based and it will only be offered in the Enterprise and Ultimate versions of Vista.

For easy to use, full drive encryption for the masses, look to the hard drive manufacturers. Here are a couple that exist now:

LaCie SAFE Mobile Hard Drive with DES/3DES Encryption (http://www.lacie.com/products/product.htm?pid=10691)

Seagate Momentus Laptop Drives with AES (http://www.seagate.com/products/notebook/momentus.html)

I'm certain more are coming down the pipe as this makes it a no brainer to encrypt your data... I hope the VA is listening!

Anyone with any experience or thoughts on these? Do you think this will finally make data encryption hit a tipping point that will make it permeate all sectors of IT?

Don

I think only when it's free or forced with most basic users use encryption because there is just not enough user education out there to explain the right reasons for it. I push “truecrypt” to everyone I talk with. Most people I talk to about encryption have no clue about it or where to start and why it’s so important. I think the Federal government will have to force industry and the vendors will have to force home users to get encryption on the hard drives. But this is just my option so take it with a grain of salt.

Slimjim100

i doubt the govt will be pushing home users to encrypt their data.  too many 3 letter agencies make their money being able to read email and data off people's HDs to make life more difficult for them.

now will the govt start pushing other govt to do it, yes, its already starting to happen.

Since the VA lost that laptop with all of those SSN's on it.  The govt (at least the agency I work for) is starting to require all laptops and mobile devices that contain sensitive data including personal data like SSN's to be encrypted.

Hopefully this is a start and will get some end users to understand why encryption is important and spread the word to other users.

On a second note I too also recommend TrueCrpyt to everyone I talk to for their personal data. I recommend they set it up on a usb thumbdrive and encrypt the entire drive to store their personal and financial data.

I'm sure all of you would have found this on your own, but just to make things easy:

http://www.truecrypt.org

Don

Thanks for the link Don I forgot to post it. :D

Slimjim100

Is anyone running Vista and BitLocker yet?
I will be moving to Vista this week and I am thinking of giving it a go.
I dont really store much data on my local machine so not to sure of the benefits for myself at this stage.

We were evaluating Bitlocker, and ultimately decided to go with Pointsec for our full disk encryption needs.  My hope is that eventually all of our laptop computers will be protected by Bitlocker.

Truecrypt is a great program, but it depends on us being able to force our users to save their data to a certain folder.  We haven't even been able to get our users in the habit of saving data to their network share rather than their hard disk.  If we can't get them to use one folder of our choosing, how could we get them to use another?  We decided that the only way to really protect our data is to encrypt the entire drive.

The problem with Bitlocker is that it is dependent on a TPM 1.2 chip, which only started shipping in the first half of 2006.  If you don't have that chip, and you want to use bitlocker, then users will have to keep the key on a USB drive.  We decided that the most likely place that users will keep their USB drive is in the case with their laptop.  Pointsec allows us to encrypt the entire drive, and keep it completely transparent to our users.  That transparency will reduce resistance from the users hopefully.