Does bitlocker work without a TPM module or USB Flash Drive?

[Guest piclistguy@yahoo.com]

I am about to purchase a Dell M1330, which doesnt offer a TPM module.

I also don't want to deal with plugging in a USB Flash drive every

time I boot up (which could get stolen with a laptop).

I have the following questions regarding Bitlocker

 

#1 Can I still use the Bitlocker feature of Windows Vista with a TPM

module or USB flash drive?

#2 Are there any articles that document how secure Bitlocker is in

keeping your data safe if your laptop is stolen?

#3 If for some reason that operating system gets corrupt, is there a

way to extract my data off of the hard drive if I have the encryption

keys?

 

Thanks

[Guest benedito78]

If you have no TPM you must use a USB key, the method of using the USB key

only does not appear on the bitlocker control panel but it can be done. I

haven't tried using bitlocker with a machine with no TPM yet so someone else

may be better suited to answer with the procedure.

 

http://technet2.microsoft.com/WindowsVista...3.mspx?mfr=true

 

There is a link to details about bitlocker, bitlocker uses AES128 or AES256

if you do the registry hack, AES has been around long enough that it is

trusted as a good encryption method. Microsoft added an "elephant diffuser"

with the idea that it would help combat a brute force attack. Bitlocker is

well documented and Microsoft has no trouble explaining how it works and

what pitfalls there may be so I for one trust it.

 

If you don't want to use the USB key and don't have a TPM, you could go to

www.truecrypt.org and try their encryption program, it is also well

documented and has been around awhile.

 

With either bitlocker or truecrypt, I'd say "lotsa luck" to anybody who got

ahold of your encrypted data, except maybe the NSA...

 

-Lou

 

 

 

<piclistguy@yahoo.com> wrote in message

news:3eb5670c-6ce5-4d00-badd-278d256e534c@i12g2000prf.googlegroups.com...<span style="color:blue">

>I am about to purchase a Dell M1330, which doesnt offer a TPM module.

> I also don't want to deal with plugging in a USB Flash drive every

> time I boot up (which could get stolen with a laptop).

> I have the following questions regarding Bitlocker

>

> #1 Can I still use the Bitlocker feature of Windows Vista with a TPM

> module or USB flash drive?

> #2 Are there any articles that document how secure Bitlocker is in

> keeping your data safe if your laptop is stolen?

> #3 If for some reason that operating system gets corrupt, is there a

> way to extract my data off of the hard drive if I have the encryption

> keys?

>

> Thanks </span>

[Guest Gary Mount]

You can use BitLocker on a computer without a TPM module and without needing

to plug in a USB Flash drive.

You will have to enter a series of numbers whenever you boot up your

computer or come out of hibernation.

For example a set of numbers like the following

218207-465773-304260-135740-029018-277519-329681-038918

will be required.

You will be best to have a backup solution rather than hoping you can

recover your data from a corrupted hardrive/system.

After all, if your hard drive crashed, you would have a difficult time

getting the data off anyway.

 

<piclistguy@yahoo.com> wrote in message

news:3eb5670c-6ce5-4d00-badd-278d256e534c@i12g2000prf.googlegroups.com...<span style="color:blue">

> I am about to purchase a Dell M1330, which doesnt offer a TPM module.

> I also don't want to deal with plugging in a USB Flash drive every

> time I boot up (which could get stolen with a laptop).

> I have the following questions regarding Bitlocker

>

> #1 Can I still use the Bitlocker feature of Windows Vista with a TPM

> module or USB flash drive?

> #2 Are there any articles that document how secure Bitlocker is in

> keeping your data safe if your laptop is stolen?

> #3 If for some reason that operating system gets corrupt, is there a

> way to extract my data off of the hard drive if I have the encryption

> keys?

>

> Thanks </span>

[Guest Man-wai Chang ToDie]

piclistguy@yahoo.com wrote:<span style="color:blue">

> I am about to purchase a Dell M1330, which doesnt offer a TPM module.

> I also don't want to deal with plugging in a USB Flash drive every

> time I boot up (which could get stolen with a laptop).

> I have the following questions regarding Bitlocker</span>

 

How about trying TrueCrypt? style_emoticons/

 

--

@~@ Might, Courage, Vision, SINCERITY.

/ v \ Simplicity is Beauty! May the Force and Farce be with you!

/( _ )\ (Xubuntu 7.04) Linux 2.6.24.2

^ ^ 17:10:02 up 5 days 7:10 0 users load average: 0.02 0.02 0.00

? ? (CSSA):

http://www.swd.gov.hk/tc/index/site_pubsvc...sub_addressesa/

[Guest Kevin Young]

"piclistguy@yahoo.com" <piclistguy@yahoo.com> wrote in message

news:3eb5670c-6ce5-4d00-badd-278d256e534c@i12g2000prf.googlegroups.com:

<span style="color:blue">

> I am about to purchase a Dell M1330, which doesnt offer a TPM module.

> I also don't want to deal with plugging in a USB Flash drive every

> time I boot up (which could get stolen with a laptop).

> I have the following questions regarding Bitlocker

>

> #1 Can I still use the Bitlocker feature of Windows Vista with a TPM

> module or USB flash drive?

> #2 Are there any articles that document how secure Bitlocker is in

> keeping your data safe if your laptop is stolen?

> #3 If for some reason that operating system gets corrupt, is there a

> way to extract my data off of the hard drive if I have the encryption

> keys?

>

> Thanks</span>

 

1. If you have an SD Card slot you can use an SD Card rather than a USB

Flash Drive with Bitlocker. When using a USB Drive or SD Drive you can

pull the SD Card or USB drive out of the computer as soon as Bitlocker

finds it at boot-up. In fact Bitlocker will prompt you to remove the

UZB Drive or SD Card but will continue to boot if you leave it in.

 

2. There's a white paper here that you can download on BitLocker:

<http://whitepapers.silicon.com/0,39024759,60304355p-39000366q,00.htm>

 

3. Get Acronis True Image Home and make an image of your drive for

back-up purposes. The back-up will not be encrypted with Bitlocker so

store your back-up device in a safe place. Acronis combined with a USB

Hard Drive makes back-ups easy and quick.

[Guest glr]

I love the idea to store the Bitlocker key on a SD card. My Dell XPS M1530 has Vista Ultimate and, accordingly Bitlocker. Bitlocker unfortunately does not recognize the SD card during setup.

 

Any tips?

 

Greg

 

 

Post Originated from http://www.VistaForums.com Vista Support Forums

[Guest Thomas Allen]

Well it has to be detected in bios as a usb device. IT is impossible to use

bitlocker without a usb drive or TPM module, as it needs something to get the

key to unlock the hard drive. Otherwise your hard drive could just get hacked

because it has the key on it.

Basically, if someone gets your hard drive it is all scrambled unless they

find the key.

[Guest Alun Jones]

"Thomas Allen" <ThomasAllen@discussions.microsoft.com> wrote in message

news:8EE9F784-9007-4FA8-B6BB-54FEFA4F32A0@microsoft.com...<span style="color:blue">

> Well it has to be detected in bios as a usb device. IT is impossible to

> use

> bitlocker without a usb drive or TPM module, as it needs something to get

> the

> key to unlock the hard drive. Otherwise your hard drive could just get

> hacked

> because it has the key on it.

> Basically, if someone gets your hard drive it is all scrambled unless they

> find the key.</span>

 

This is basically my argument against using USB + TPM.

 

The USB stick is likely either to be plugged in to the laptop (hey, who's

going to 'waste' a USB stick by storing a few dozen bytes on it, when they

could also use it for storing files that they want to carry around), or in

the laptop bag (in which case, the laptop is probably in there, so the thief

has it as well).

 

If you have the keying material, you can boot up the laptop, and then attack

it through traditional means (network, Firewire, etc).

 

I'd like to see USB + PIN supported, and I'd like to see people thinking

about PIN + TPM as the right solution.

 

Alun.

~~~~

--

Texas Imperial Software | Web: http://www.wftpd.com/

23921 57th Ave SE | Blog: http://msmvps.com/alunj/

Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.

Fax/Voice +1(206)428-1991 | Try our NEW client software, WFTPD Explorer.