Bitlocker experience

> Hello:
>
> I installed Windows Vista RC2 last sunday, and enabled Bitlocker that same
> day. At first a little bit reluctant to the idea of having my whole volume
> encrypted and potentially locked, since this was a fresh install (still
> had
> no valuable info), I went for it.
>
> Since my laptop does not have a TPM chip, I had to stick with storing the
> key on a USB drive (which happens to be an iPod shuffle by the way).
>
> Well, today, I have loaded all my personal information into the box, and
> my
> experience with Bitlocker is just great. The functionality is truly as
> transparent as the documentation states, and, to my surprise, system
> performance has not been degraded. I actually run a virtual machine (which
> is
> stored in the same encrypted volume) and it runs as fast as before
> enabling
> Bitlocker.
>
> The pre-OS user interface is straightforward and simple, impossible for an
> end-user to get lost. I am an IT Security Consultant, but I always try to
> see
> things as an end-user would.
>
> To those wanting to try Bitlocker by themselves, I'd recommend STRICTLY
> adhering to the Microsoft recommendations and guidelines
> (http://www.microsoft.com/technet/win.../bitlockr.mspx).
>
> Thanks for your time, and my congratulations to the Bitlocker Team at
> Microsoft. I think they've done a marvelous job.

> Thanks very much for this feedback Luis, this is the kind of thing that
> makes my day!
> -
> Jamie Hunter [MS]
>
> "Luis Carlos Delgado (Costa Rica)"
> <LuisCarlosDelgadoCostaRica@discussions.microsoft. com> wrote in message
> news:633FC5C5-B21B-4DED-8E38-A761A1E4D659@microsoft.com...

>> Hello:
>>
>> I installed Windows Vista RC2 last sunday, and enabled Bitlocker that
>> same
>> day. At first a little bit reluctant to the idea of having my whole
>> volume
>> encrypted and potentially locked, since this was a fresh install (still
>> had
>> no valuable info), I went for it.
>>
>> Since my laptop does not have a TPM chip, I had to stick with storing the
>> key on a USB drive (which happens to be an iPod shuffle by the way).
>>
>> Well, today, I have loaded all my personal information into the box, and
>> my
>> experience with Bitlocker is just great. The functionality is truly as
>> transparent as the documentation states, and, to my surprise, system
>> performance has not been degraded. I actually run a virtual machine
>> (which is
>> stored in the same encrypted volume) and it runs as fast as before
>> enabling
>> Bitlocker.
>>
>> The pre-OS user interface is straightforward and simple, impossible for
>> an
>> end-user to get lost. I am an IT Security Consultant, but I always try to
>> see
>> things as an end-user would.
>>
>> To those wanting to try Bitlocker by themselves, I'd recommend STRICTLY
>> adhering to the Microsoft recommendations and guidelines
>> (http://www.microsoft.com/technet/win.../bitlockr.mspx).
>>
>> Thanks for your time, and my congratulations to the Bitlocker Team at
>> Microsoft. I think they've done a marvelous job.

>

> Jamie,
> Could you give me your email id?
>
> --
> Vipin Aravind
> http://blogs.explorewindows.com
>

> Thanks very much for this feedback Luis, this is the kind of thing that
> makes my day!
> -
> Jamie Hunter [MS]
>
> "Luis Carlos Delgado (Costa Rica)"
> <LuisCarlosDelgadoCostaRica@discussions.microsoft. com> wrote in message
> news:633FC5C5-B21B-4DED-8E38-A761A1E4D659@microsoft.com...

>> Hello:
>>
>> I installed Windows Vista RC2 last sunday, and enabled Bitlocker that
>> same
>> day. At first a little bit reluctant to the idea of having my whole
>> volume
>> encrypted and potentially locked, since this was a fresh install
>> (still had
>> no valuable info), I went for it.
>>
>> Since my laptop does not have a TPM chip, I had to stick with storing the
>> key on a USB drive (which happens to be an iPod shuffle by the way).
>>
>> Well, today, I have loaded all my personal information into the box,
>> and my
>> experience with Bitlocker is just great. The functionality is truly as
>> transparent as the documentation states, and, to my surprise, system
>> performance has not been degraded. I actually run a virtual machine
>> (which is
>> stored in the same encrypted volume) and it runs as fast as before
>> enabling
>> Bitlocker.
>>
>> The pre-OS user interface is straightforward and simple, impossible
>> for an
>> end-user to get lost. I am an IT Security Consultant, but I always try
>> to see
>> things as an end-user would.
>>
>> To those wanting to try Bitlocker by themselves, I'd recommend STRICTLY
>> adhering to the Microsoft recommendations and guidelines
>> (http://www.microsoft.com/technet/win.../bitlockr.mspx).
>>
>> Thanks for your time, and my congratulations to the Bitlocker Team at
>> Microsoft. I think they've done a marvelous job.

>

> Hi,
>
> If the CIA/FBI get hold of a "terrorist" laptop that has bitlocker
> encryption, how long will it take them to get the information off the
> laptop if the suspected owner refuses to disclose the password?
>
> Jamie Hunter [MS] wrote:

>> Thanks very much for this feedback Luis, this is the kind of thing that
>> makes my day!
>> -
>> Jamie Hunter [MS]
>>
>> "Luis Carlos Delgado (Costa Rica)"
>> <LuisCarlosDelgadoCostaRica@discussions.microsoft. com> wrote in message
>> news:633FC5C5-B21B-4DED-8E38-A761A1E4D659@microsoft.com...

>>> Hello:
>>>
>>> I installed Windows Vista RC2 last sunday, and enabled Bitlocker that
>>> same
>>> day. At first a little bit reluctant to the idea of having my whole
>>> volume
>>> encrypted and potentially locked, since this was a fresh install (still
>>> had
>>> no valuable info), I went for it.
>>>
>>> Since my laptop does not have a TPM chip, I had to stick with storing
>>> the
>>> key on a USB drive (which happens to be an iPod shuffle by the way).
>>>
>>> Well, today, I have loaded all my personal information into the box, and
>>> my
>>> experience with Bitlocker is just great. The functionality is truly as
>>> transparent as the documentation states, and, to my surprise, system
>>> performance has not been degraded. I actually run a virtual machine
>>> (which is
>>> stored in the same encrypted volume) and it runs as fast as before
>>> enabling
>>> Bitlocker.
>>>
>>> The pre-OS user interface is straightforward and simple, impossible for
>>> an
>>> end-user to get lost. I am an IT Security Consultant, but I always try
>>> to see
>>> things as an end-user would.
>>>
>>> To those wanting to try Bitlocker by themselves, I'd recommend STRICTLY
>>> adhering to the Microsoft recommendations and guidelines
>>> (http://www.microsoft.com/technet/win.../bitlockr.mspx).
>>>
>>> Thanks for your time, and my congratulations to the Bitlocker Team at
>>> Microsoft. I think they've done a marvelous job.

>>

>
>
> --
> Gerry Hickman (London UK)

> If they are using TPM only then the key is in the chip and probalby
> accesable with the technology they have.

> If they escrow the key to a domain
> I am sure the FBI can get that too.

> If you do TPM + PIN using managebde
> then there is less likely hood they could get at the data.

> But I dobut a
> terrorist would trust the built in encryption technology anyway.

> Hi Josh,
>

>> If they are using TPM only then the key is in the chip and probalby
>> accesable with the technology they have.

>
> Does this mean there's a back door into TPM?

>

>> If they escrow the key to a domain I am sure the FBI can get that too.

>
> Can you explain what it means "escrow the key to a domain". Do you mean
> like the laptop is joined to a domain and they have an enterprise
> certificate setup (or similar) but the FBI could hack the corporate domain
> and get the key?

>

> > If you do TPM + PIN using managebde
>> then there is less likely hood they could get at the data.

>
> Interesting...
>

>> But I dobut a terrorist would trust the built in encryption technology
>> anyway.

>
> Hehe!
>
> --
> Gerry Hickman (London UK)