Black Hat Presentation – Bypassing Local Windows Authentication to Defeat Full Disk Encryption

Ian Haken makes a fascinating presentation of his research on bypassing Bitlocker on a Windows machine if you have physical access to the machine you’re trying to crack into. Especially interesting is the point Haken makes at the end that this particular attack worked (Microsoft has since fixed this particular issue)  because of assumptions about the security model that Microsoft made years ago that are no longer true–but those assumptions are instantiated in the way that various parts of Windows authentication works.

 

Full Disk Encryption on Ubuntu

An article from the Electronic Frontier Foundation from back in November 2012 notes that Canonical has begun incorporating easy-to-install full disk encryption beginning with Ubuntu 12.10.

When you install Ubuntu, now there’s a checkbox to “Encrypt the new Ubuntu installation for security.” Users who are new to GNU/Linux and just making the switch can easily have the same level of security against physical-access attacks as seasoned nerds.