The bad guys will use BitLocker, too

  • Article

Got an email today from a customer asking about how BitLocker will affect the ability of law enforcement to conduct forensic analysis of a protected hard drive. Specifically, the person was asking about any back doors that law enforcement could use to bypass the encryption.

The answer is very simple, and I'm sure not what he wanted to hear: there are no back doors. Period.

Think about it for a moment: if there were a back door, would you trust the technology? Of course not. If Microsoft incorporated a mechanism to bypass the encryption, then we'd be weakening the technology for 99.9% of the population to favor the needs of 0.1%. And, surely, the bad guys would find out how to exploit the bypass -- meaning that BitLocker becomes completely useless for you.

Here's a similar example: some people have advocated that cell phones be disabled in certain public places (movie theaters, tunnels, sports stadiums, and so on) because terrorists might use them to remotely trigger bombs. What a bunch of nonsense this is. Communications tools are far more beneficial to the millions of good guys who use them every day (perhaps to save lives?) than to the few bad guys who also use them. Why destroy beneficial utility for everyone just because someone might misuse the technology?

Encryption is amoral. Good guys will use it, and bad guys will use it. We've got to accept that fact. It does no one any good to render beneficial technology useless just because there's the potential that someone might misuse it.

Comments

  • Anonymous
    January 01, 2003
    As Steve mentions, there is absolutely no back door for anyone in BitLocker. However, good investigatory and digital forensic procedures are certainly still very important when working with a Windows Vista computer. I'd suggest that any law enforcement agencies with concerns should have their department contact Microsoft directly.
  • Kai

  • Anonymous
    January 01, 2003
    Ravi-- this is why BitLocker (and any good enterprise-grade encryption product) includes a recovery mechanism. It's all very well documented on Microsoft.com.

  • Anonymous
    January 01, 2003
    Samuel -- the right of citizens to protect their own property is the foundation of American democracy and indeed is a requirement for any democracy to function, along with transparency in government. It's really quite disheartening when I read that segments of our society are opposed to these very necessary fundamentals.

  • Anonymous
    January 01, 2003
    slagmi-- What evidence do you have that such a tool exists? Do you work for Microsoft? I can promise you, there is no such tool. There is a Recovery Password Viewer (http://support.microsoft.com/kb/928202), but this is for displaying recovery passwords stored in computer accounts in Active Directory. It will not work if you don't have admin-level access to the domain. It's a pretty safe assumption that bad guys won't be joining their computers to any domains. Watches-- there is no such thing as "fool-proof encryption." Given sufficient time and resources, all encryption is ultimately defeatable.

  • Anonymous
    July 17, 2007
    i totally agree with you steve. the feature benefits much more people than compared with the baddies. anyway, nothing if perfect in this world.  that means technology too! :>

  • Anonymous
    July 19, 2007
    The comment has been removed

  • Anonymous
    July 26, 2007
    Don't think for a moment that Microsoft won't provide the BitLocker Password Recovery Tool to any verifiable Law Enforcement entity that asks for it! (800) 936-5700

  • Anonymous
    July 26, 2007
    I agree! There are tools such as truecrypt that offer the same services and making it fool proof encryption is what is needed!

  • Anonymous
    August 09, 2007
    I just read your article on Tech ED (link posted at slashdot) and totally agree with you. It is really good to know that IT security in big companies has not completely sold itself to the "Big Brother".

  • Anonymous
    August 13, 2007
    yeah, its true.....certainly for the organizations in the initial stages thinkin about security can go for bitlocker. But dont you agree with that, there comes some things like TPM, if your motherboard is gone then you have to kiss goodbye to your valueable information. Reply to ravi.rawal@gatewaynintec.in

  • Anonymous
    August 15, 2007
    Amazingly, many corporations decide implementing HD encryption recovery procedures that degrade level of protection given by BitLocker using TPM to that of a helpdesk guy's password. Re. governments having access to backdoors and such: the government agencies know that there's no backdoor. Besides having Steve's and Steve's word, they have access to Windows sources.

  • Anonymous
    August 22, 2007
    I think cellphones should be banned in movie theatres because they are annoying. If a movie threatre agrees with me then they should be honest about their reason rather than hiding behind a "security" argument. Saying they are doing something for "security purposes" is a strange kind of "reverse security theatre". Cheers Craig

  • Anonymous
    September 18, 2007
    Generally speaking, a smart criminal (the sort that would know about Bitlocker and use it in the right way) wouldn't keep records of their criminal activity on their computer anyway. Alternatively they could use "one time pads" to effectively encrypt stuff that they want to keep secret without worrying about whatever secrecy features their operating system has. You don't need a computer to keep things secret. Stuff like bitlocker just makes it a little easier.

  • Anonymous
    October 07, 2007
    The comment has been removed