Bitlocker Security Questions

TraderGary · Jan 27, 2025

XxXxX said:
just my thoughts ..
after the cloudstrike problem which affected millions of systems worldwide it was shown very clearly by Microsoft themselves that bitlocker had back doors. thats not an opinion that was direct from Microsoft. to enable access to these affected systems work arounds were used to bypass bitlocker.

please note. i have never used bitlocker so i have no axe to grind.
best of luck, Steve ..

There's been some confusion around this issue. The CrowdStrike problem you're referring to involved a critical update that caused blue screen of death (BSOD) errors on Windows devices. Microsoft released a recovery tool to help fix the issue, and there were discussions about BitLocker recovery keys being needed for some affected systems.

However, there's no evidence to suggest that Microsoft admitted to or revealed any back doors in BitLocker. Misinformation or misinterpretation has led to this belief.

Win711 · Jan 27, 2025

TraderGary said:
OK. Here's the situation. @newmann started this thread with questions about his BitLocker use and BitLocker security.

I've used BitLocker since it was introduced and I've also owned 6 Dell XPS laptops in the past 20 years, including the one @newmann is currently using. While trying to help the OP, the usual Microsoft haters piled in with all their reasons to distrust Microsoft and distrust BitLocker. Just what the OP needed.

And then you jump in and tell me I'm bragging about what I've done and that I need to humbly ask how I can improve.

I can't imagine how frustrated @newmann must feel if he's been following all this nonsense.

I read the thread from the beginning like a book. He started the thread two years ago and was frustrated by the fact that he can't get a clear answer to his questions. HDMI mentioned bitlocker can be hacked. Newmann asked if it's true and ever since a variety of people have been debating that possibility on and off since December 2022.

You could humbly say "I have this and I do this, what do you recommend I do in addition?"

Instead you seem to say "I have this and no one has demonstrated publicly that it can be hacked, so I'm all set, and dissenters are just the usual haters whose opinions are to be disregarded."

And you're perfectly entitled to that point of view. But Newmann was asking and other people could be reading so everyone should be cautioned that you're taking risks that cannot be quantified because you cannot know what capabilities exist that have not been published.

Unless someone can demonstrate that bitlocker cannot be circumvented then it has to be assumed it can. Just because you cannot think of a way doesn't mean someone else cannot think of a way. And if some nefarious actor has thought of a way, then why would they publish it?

As a trader you're used to taking calculated risks but you can't make that same determination for Newmann or the public at large because you don't have sufficient information. I think that's the gist of what HDMI and everyone have been trying to convey.

XxXxX · Jan 28, 2025

sorry but ..

BitLocker workaround may offer aid for CrowdStrike customers | TechTarget

Locker encryption presented an obstacle for some CrowdStrike customers in the wake of the recent IT outage, but a workaround may solve the problem.

www.techtarget.com

Microsoft has shown the workaround that means the bad guys have the workaround.
as stated, i dont use bitlocker and have no axe to grind.

best of luck, Steve ..

TraderGary · Jan 28, 2025

Win711 said:
Instead you seem to say "I have this and no one has demonstrated publicly that it can be hacked, so I'm all set, and dissenters are just the usual haters whose opinions are to be disregarded."

Please do not put words in my mouth that I did not say and put quotes around them as if I did say them.

You and I both know that there is no such thing as unhackable. But there is such a thing as the probability of being hacked being so remote as not to be of any concern. AES 256-bit encryption has so far only been hacked in theory and not in reality.

I'm confident in using BitLocker on my computers and on my backup SSD drives. Quite frankly, I couldn't care less what the rest of you think and do.

TraderGary · Jan 28, 2025

XxXxX said:
sorry but ..

BitLocker workaround may offer aid for CrowdStrike customers | TechTarget

Locker encryption presented an obstacle for some CrowdStrike customers in the wake of the recent IT outage, but a workaround may solve the problem.

www.techtarget.com

Microsoft has shown the workaround that means the bad guys have the workaround.
as stated, i dont use bitlocker and have no axe to grind.

best of luck, Steve ..

You're assuming that everything techtarget.com prints is true. A lot of misinformation is put on the Internet.

XxXxX · Jan 28, 2025

TraderGary said:
You're assuming that everything techtarget.com prints is true. A lot of misinformation is put on the Internet.

BitLocker recovery without recovery keys how to from cloudstrike in agreement with Microsoft.

https://www.crowdstrike.com/wp-content/uploads/2024/07/BitLocker-recovery-without-recovery-keys-2.0.pdf

do you wish to continue because there is more much much more.
best of luck, Steve ..

kelper · Jan 28, 2025

I think that Crowdstrike run book enables you to delete a misconfigured update; it does not say it decrpts the drive?
Is anyone using Bitlocker willing to test this?

TraderGary · Jan 28, 2025

This is nonsense. Misinformation, misinterpretation, and click-bait.

kelper · Jan 28, 2025

I'm currently encrypting my laptop with the intention of trying that Crowdstrike run book.

Win711 · Jan 28, 2025

TraderGary said:
Please do not put words in my mouth that I did not say and put quotes around them as if I did say them.

Perhaps you're not familiar with the word "seem"? Forgive me if English is not your first language.

So when I say "You seem to say", it is not an exact quote of your words, but an impression of your overall position.

I see nothing wrong with distilling your position down to a summary sentence for the sake of concision. Of course it's reliant upon you not disingenuously claiming I'm quoting your exact wording as a distraction from the point.

TraderGary said:
You and I both know that there is no such thing as unhackable.

"In cryptography, the one-time pad (OTP) is an encryption technique that cannot be cracked" One-time pad - Wikipedia

TraderGary said:
But there is such a thing as the probability of being hacked being so remote as not to be of any concern.

True but goes back to my point of risk assessment and that you don't have enough information to decide whether bitlocker is appropriate for someone else, like Newmann.

TraderGary said:
AES 256-bit encryption has so far only been hacked in theory and not in reality.

You cannot know that unless you know the happenings in everyone's home. The odds are that you're right, but it's not a certainty.

If Russia cracked it, do you think they would tell anyone?

TraderGary said:
I'm confident in using BitLocker on my computers and on my backup SSD drives. Quite frankly, I couldn't care less what the rest of you think and do.

Yet you keep replying as if you care quite a lot. I don't know what you're fighting for. I think you've articulated your position very well. Although I do enjoy the banter. This is a very informative thread!

kelper · Jan 28, 2025

I tried that Crowdstrike 'run book' but it doesn't work. When I try to log in it says PIN not available, setup new PIN but that fails because I have no internet. I will try using an ethernet connection.

kelper · Jan 28, 2025

With an ethernet connection I was able to reset my PIN. But this involved logging in to my MS account and verfying with a code emailed to me or sent to my phone. This probably 'released' the key to unlock Bitlocker.

So I agree with TraderGuy that this 'backdoor' is bogus.

kelper · Jan 28, 2025

As the article posted by Steve says,

Gujer added that the workaround isn't a vulnerability in BitLocker or a bypass for the encryption. CrowdStrike's guidance merely allows the user to skip over the BitLocker key prompts and enter safe mode. "Since we only need to enable safe mode, decrypting the drive is unnecessary," he said. "After these steps, BitLocker remains intact and protected by the TPM. Safe mode still requires user credentials for login, ensuring the system's security is maintained."

So, MS is stating that this method does not compromise the encryption!

XxXxX · Jan 28, 2025

@kelper
thank you for your above and beyond efforts
i cant use bitlocker to test as my drives are encrypted with VeraCrypt
i still have severe doubts with bitlocker so i shall leave the conversation here.

best of luck, Steve ..

TraderGary · Jan 28, 2025

XxXxX said:
@kelper
thank you for your above and beyond efforts
i cant use bitlocker to test as my drives are encrypted with VeraCrypt
i still have severe doubts with bitlocker so i shall leave the conversation here.

best of luck, Steve ..

Veracrypt is quite well regarded.

I started using BitLocker when it came as part of Windows Vista in 2007.

XxXxX · Jan 28, 2025

TraderGary said:
Veracrypt is quite well regarded.

I started using BitLocker when it came as part of Windows Vista in 2007.

bitlocker wasn’t available for Win 11 home until recently, not that i would have used it.
you also need to log on with an MS account. i log on with a local account so the answer was open source software.
i have nothing saved to the cloud not even my phone which is a Nokia 2660 feature flip phone that doesn’t do the web.
all my systems are cabled, no WiFi, and are all stand alone he only network they are connected to is the internet via two fire walls one hardware firewall the other software. i dont do MS software i use open source software where ever possible and some very old software that i am used to.

best of luck, Steve ..

kelper · Jan 28, 2025

I think Windows 10 Home and Windows 11 Home have always offered Drive Encrption which is Bitlocker without the frills. Am I wrong?

BruceR · Jan 28, 2025

kelper said:
I think Windows 10 Home and Windows 11 Home have always offered Drive Encrption which is Bitlocker without the frills. Am I wrong?

You're correct. Device encryption, since Windows 8.1, over 11 years ago.

TraderGary · Jan 28, 2025

XxXxX said:
bitlocker wasn’t available for Win 11 home until recently, not that i would have used it.
you also need to log on with an MS account. i log on with a local account so the answer was open source software.
i have nothing saved to the cloud not even my phone which is a Nokia 2660 feature flip phone that doesn’t do the web.
all my systems are cabled, no WiFi, and are all stand alone he only network they are connected to is the internet via two fire walls one hardware firewall the other software. i dont do MS software i use open source software where ever possible and some very old software that i am used to.

best of luck, Steve ..

I fully understand. We're opposites. I have a Microsoft account, Microsoft 365 subscription, Microsoft Office, 1TB of cloud OneDrive, and Windows Pro. And I use an Android smartphone.

Best to you too, Steve!

hdmi · Wednesday at 11:30 PM

TraderGary said:
Sorry, @hdmi, since my processor is a modern Intel Core Ultra 9 185H, my TPM is built into the processor itself. There are no external lines to sniff and this sniffing technique is impossible.

Whether your TPM is integrated into your CPU is irrelevant to the proven fact that, no, this vulnerability is not limited to a 10 year-old computer. Again, the point was that Microsoft kept claiming that BitLocker was safe, when the reality is that it was not.

TraderGary said:
, the usual Microsoft haters piled in

I can only speak for myself here of course, but I don't hate Microsoft. Oftentimes when Microsoft does something foolish such as keep claiming that BitLocker is safe, then when the proof gets out again that it most definitely isn't safe, I actually even benefit from those mistakes, I digress...

Bitlocker Security Questions

Stock Market Wizard

My Computer

Active member

My Computer

Well-known member

My Computers

Stock Market Wizard

My Computer

Stock Market Wizard

My Computer

Well-known member

My Computers

Well-known member

My Computers

Stock Market Wizard

My Computer

Well-known member

My Computers

Active member

My Computer

Well-known member

My Computers

Well-known member

My Computers

Well-known member

My Computers

Well-known member

My Computers

Stock Market Wizard

My Computer

Well-known member

My Computers

Well-known member

My Computers

Well-known member

My Computer

Stock Market Wizard

My Computer

Jack of all trades – master of none

My Computers

Similar threads