Saturday, September 26, 2009

Is Weakness a Vulnerability?

No, according to Microsoft.

BitLocker Drive Encryption is full disk encryption solution introduced by Microsoft since Vista (Ultimate and Enterprise edition) and with the enhancement in Windows 7. A lot of people do notice that full disk encryption isn't the panacea for data loss prevention.

Thus, in Windows 7, Microsoft takes it to the next level to protect your data - even on removable drive.

BitLocker-to-Go is a new feature available in Windows 7 (Ultimate and Enterprise edition only). It extends BitLocker data protection to USB storage devices, enabling them to be restricted with a passphrase. In addition to having control over passphrase length and complexity, IT administrators can set a policy that requires users to apply BitLocker protection to all removable drives before being able to write to them.

Does BitLocker in Windows 7 seems perfect? No, not yet.

Based on testing, first you need to have TPM before you can use BitLocker. In Windows 7, BitLocker allows you to protect the hard disk and removable drive (USB connection). But it still miss out the floppy drive and CD-R/CD-RW/DVD-R/DVD-RW.

This isn't a vulnerability. It is a design.