Hibernate and FDE

Earlier this week, I read this article reporting on Passware’s presentation at Password^20. It reported that if you are using BitLocker or TrueCrypt and you’ve ever used hibernate, then Passware Kit Forensic is able to recover the encryption key from the Hibernate file. The recommendation was “NEVER EVER EVER EVER allow hibernation for any computer.” I found …

GuardianEdge Windows 7 Looking Back

Like a lot of companies we are trying to go to Windows 7 sooner rather than later. We skipped Vista and XP is starting to seem a bit old. One of the things holding us back is GuardianEdge’s Full Disk Encryption product. Here’s our timeline. In October 2009 I asked GuardianEdge about Windows 7 support …

iPhone (in)security in the enterprise – Followup

Back in November I wrote a summary of several concerns we have about the iPhone in the enterprise. Four months later, let’s take a look and see what’s changed. One of the other guys at work took that list of concerns to our AT&T rep, who then took them to an unnamed, untitled Apple contact. …

BitLocker vs Third Party FDE

Like many organizations, we skipped Vista. So with Windows 7 we are facing the question “is Windows 7 good enough” or do we still need to pay for a third-party full disk encryption (FDE) product. This question was asked back in 2006 at the SANS Desktop Encryption Summit. The FDE vendors felt their product was …

iPhone (in)security in the enterprise

Just when you thought you’d successfully killed it off, it’s back. The email from management who is getting pressure from the C-levels asking why the iPhone isn’t supported. It comes in on schedule every two months. “iPhone version 3.1 has solved all the security problems, right?” Um, no. “There is now a Wolfram Alpha …

Bitlocker podcast with Paul Cook

Today I listened to a recording, posted at MyitForum, of Paul Cooke, Director in the Windows Client division specializing in security, in which he discusses BitLocker Drive Encryption and how it has been extended in Windows Vista SP1. It’s been a while since I’d read anything on BitLocker. Since GuardianEdge did a number on my laptop …

Managing Emotions Under Pressure – part 2

This is part 2 of a series of posts reflecting on a Fred Pryor class titled Managing Your Emotions Under Pressure. There is more pressure than ever in the workplace. There is just a lot of information to absorb and a lot of tasks to perform. Most of my readers will understand that. They use RSS …

SANS Session 1.5 Encryption Tools

These are my notes from the vendor panel at the SANS Secure Storage and Encryption Summit. Guardian Edge If we haven’t had enough statement of the problem, I like the way they put it. Data is disappearing out of the organization and you don’t know it. 81 percent of companies report the loss of one …

Bitlocker cryptographic algorithm published

The Microsoft System Integrity Team Blog has posted a link to the BitLocker cryptographic algorithm. The amazing thing is that the paper is from Microsoft, on Microsoft’s site, yet it’s in PDF. I’m kind of used to Microsoft documentation being placed in a signed self-extracting archive. In the article they discuss why existing ciphers were …
