If you are a Windows user and ever considered protecting your data with full-disk encryption, you have probably heard about BitLocker. BitLocker is Microsoft’s implementation of full-disk encryption that is built into many versions of Windows. You maybe even using BitLocker without realizing that you do – for example, if you have a Surface or a similar thin-and-light Windows device. At the same time, BitLocker encryption is not available by default on desktops if you are using the Home edition of Windows 10. Activating BitLocker on your system disk can be tricky and may not work right away even if your Windows edition supports it. In this article, we are offering an introduction to BitLocker encryption. We’ll detail the types of threats BitLocker can effectively protect your data against, and the type of threats against which BitLocker is useless. Finally, we’ll describe how to activate BitLocker on systems that don’t meet Microsoft’s hardware requirements, and evaluate whether it’s worth it or not security-wise.
It’s been a long while since we made an update to one of our most technically advanced tools, Elcomsoft Forensic Disk Decryptor (EFDD). With this tool, one could extract data from an encrypted disk volume (FileVault 2, PGP, BitLocker or TrueCrypt) by utilizing the binary encryption key contained in the computer’s RAM. We could find and extract that key by analyzing the memory dump or hibernation files.
How often do you think forensic specialists have to deal with encrypted containers? Compared with office documents and archives that are relatively infrequent, every second case involves an encrypted container. It may vary, but these evaluations are based on a real survey conducted by our company.
In the world of Windows dominance, Apple’s Mac OS X enjoys a healthy market share of 9.5% among desktop operating systems. The adoption of Apple’s desktop OS (macOS seems to be the new name) is steadily growing. This is why we are targeting Mac OS with our tools.
Investigators start seeing BitLocker encrypted volumes more and more often, yet computer users themselves may be genuinely unaware of the fact they’ve been encrypting their disk all along. How can you break into BitLocker encryption? Do you have to brute-force the password, or is there a quick hack to exploit?
BitLocker is a popular full-disk encryption scheme employed in all versions of Windows (but not in every edition) since Windows Vista. BitLocker is used to protect stationary and removable volumes against outside attacks. Since Windows 8, BitLocker is activated by default on compatible devices if the administrative account logs in with Microsoft Account credentials. BitLocker protection is extremely robust, becoming a real roadblock for digital forensics.
We’ve recently updated Elcomsoft Distributed Password Recovery, adding enhanced GPU-assisted recovery for many supported formats. In a word, the new release adds GPU-accelerated recovery for OS X keychain, triples BitLocker recovery speeds, improves W-Fi password recovery and enhances GPU acceleration support for Internet Key Exchange (IKE).
BitLocker, PGP and TrueCrypt set industry standard in the area of whole-disk and partition encryption. All three tools provide strong, reliable protection, and offer a perfect implementation of strong crypto.