Mobile // Mobile Applications
News
12/8/2009
03:17 PM
Connect Directly
RSS
E-Mail
50%
50%

Microsoft Dismisses BitLocker Threat

Software maker claims vulnerability exposed by researchers unlikely to occur in "real world."

Microsoft claims recent Internet reports about vulnerabilities in its BitLocker security technology are exaggerated.




Windows 7 screen shot
(Click for larger image and for full photo gallery)

"Success comes at a price," wrote Microsoft senior director Paul Cooke, in a blog post Monday. That price, Cooke wrote, includes "greater scrutiny and misinterpretation of some of the technologies. One of those technologies is BitLocker," he said.

BitLocker is a drive encryption system that Microsoft introduced in 2007 with the introduction of Windows Vista. It's also included in some versions of the new Windows 7 operating system, which debuted in October.

Security bloggers, including researchers at Germany's Fraunhofer Institute for Secure Information Technology, in recent days have published reports that PCs and laptops protected with BitLocker could be compromised in certain circumstances.

But Cooke said those circumstances covered scenarios that were highly unlikely to occur in real life.

"This research is similar to other published attacks where the computer owner leaves a computer unattended in a hotel room and anyone with access to the room could tamper with the computer," wrote Cooke.

"This sort of attack poses a relatively low risk to folks who use BitLocker in the real world," he said.

Still, Cooke reminded Windows users that BitLocker is only one element of Microsoft's multi-tiered approach to security.

"Even with the great enhancements made in Windows 7 such as BitLocker To Go, it still remains that BitLocker alone is not a complete security solution," said Cooke.

"IT professionals as well as users must be diligent when protecting IT resources and the best protection against these sorts of targeted attacks requires more than just technology. It requires end user education and physical security also play important roles," Cooke wrote.


InformationWeek has published an indepth report on Windows 7. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek - September 2, 2014
Avoiding audits and vendor fines isn't enough. Take control of licensing to exact deeper software discounts and match purchasing to actual employee needs.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.