A beginner's guide to BitLocker, Windows' built-in encryption tool

Ian Paul | June 2, 2014
The creators of TrueCrypt shocked the computer security world this week when they seemingly ended development of the popular open source encryption tool. Even more surprising, the creators said TrueCrypt could be insecure and that Windows users should migrate to Microsoft's BitLocker. Conspiracy theories immediately began to swirl around the surprise announcement.

Regardless of the true motivations behind the message, the TrueCrypt fiasco gives us a chance to talk about BitLocker — and how to use it.

What is BitLocker?

BitLocker is Microsoft's easy-to-use, proprietary encryption program for Windows that can encrypt your entire drive as well as help protect against unauthorized changes to your system such as firmware-level malware.

Who can use BitLocker

BitLocker is available to anyone who has a machine running Windows Vista or 7 Ultimate, Windows Vista or 7 Enterprise, Windows 8.1 Pro, or Windows 8.1 Enterprise. If you're running an Enterprise edition, chances are your PC belongs to a large company, so you should discuss enabling BitLocker encryption with your company's IT department.

Most of us buy PCs with the standard version of Windows, which doesn't include BitLocker encryption. But if you upgraded to Windows 8 during the initial rollout of Microsoft's dual-interface OS, then you probably have Windows 8 or 8.1 Pro. During the early days of Windows 8, Microsoft was selling cheap Windows 8 Pro upgrade licenses to anyone eligible for an upgrade.

System requirements

To run BitLocker you'll need a Windows PC running one of the OS flavors mentioned above, plus a PC with at least two partitions and a Trusted Platform Module (TPM).

A TPM is a special chip that runs an authentication check on your hardware, software, and firmware. If the TPM detects an unauthorized change, your PC will boot in a restricted mode to deter potential attackers.

If you don't know whether your computer has a TPM or multiple partitions, don't sweat it. BitLocker will run a system check when you start it up to see if your PC can use BitLocker.
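If you'd rather look at the prerequisites yourself first, the following read-only PowerShell function reports the Windows edition, the TPM state, and the number of partitions on the disk that holds Windows. It is an added example, not part of the original article or Microsoft's own system check; the function name `Get-BitLockerPrerequisite` is made up for illustration, and it assumes an elevated PowerShell prompt because the TPM WMI namespace is not readable by standard users.

```powershell
# Added example: read-only report of the BitLocker prerequisites listed above.
# Run in an elevated PowerShell window; the TPM WMI namespace needs admin rights.
function Get-BitLockerPrerequisite {
    # Windows edition, to compare against the editions the article lists.
    $os = Get-WmiObject -Class Win32_OperatingSystem

    # Win32_Tpm yields no instance when Windows cannot see a TPM
    # (absent, or switched off in firmware) or when access is denied.
    $tpm = Get-WmiObject -Namespace 'root\CIMV2\Security\MicrosoftTpm' `
                         -Class Win32_Tpm -ErrorAction SilentlyContinue
    $specVersion = $null
    if ($tpm) { $specVersion = $tpm.SpecVersion }

    # Find the partition backing the Windows volume, then count every
    # partition on that same physical disk.
    $query = "ASSOCIATORS OF {Win32_LogicalDisk.DeviceID='$($env:SystemDrive)'} " +
             "WHERE AssocClass=Win32_LogicalDiskToPartition"
    $osPartition = @(Get-WmiObject -Query $query)[0]
    $partitionCount = 0
    if ($osPartition) {
        $partitionCount = @(Get-WmiObject -Class Win32_DiskPartition `
            -Filter "DiskIndex=$($osPartition.DiskIndex)").Count
    }

    New-Object PSObject -Property @{
        Edition          = $os.Caption
        TpmPresent       = [bool]$tpm
        TpmEnabled       = [bool]($tpm -and $tpm.IsEnabled_InitialValue)
        TpmActivated     = [bool]($tpm -and $tpm.IsActivated_InitialValue)
        TpmSpecVersion   = $specVersion
        PartitionsOnDisk = $partitionCount
        HasTwoPartitions = ($partitionCount -ge 2)
    } | Select-Object Edition, TpmPresent, TpmEnabled, TpmActivated,
                      TpmSpecVersion, PartitionsOnDisk, HasTwoPartitions
}

Get-BitLockerPrerequisite | Format-List
```

A `TpmPresent` value of `False` can also mean the chip is disabled in the firmware setup or the prompt was not elevated, so check both before concluding the PC has no TPM.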

Who should use BitLocker?

Here's the thing about BitLocker: It's a closed source program. That's problematic for extremely privacy-minded folks, since users have no way of knowing if Microsoft was coerced into putting some kind of backdoor into the program under pressure from the U.S. government.

The company says there are no backdoors, but how can we be certain? We can't. Sure, if BitLocker was open source most of us wouldn't be able to read the code to determine if there was a backdoor anyway. But somebody out there would be able to, meaning there would be a much higher chance of any faults with the program being discovered.

 
