Can bitlocker be trusted?

The fact that TrueCrypt has had about half a dozen of security issues and CVEs in the past indicates that it's not as simple as you think.

Even the VC guys said 7.1 is more secure than VC

>use something that doesn't even fucking work with UEFI
freetard pls

need to encrypt usb drive on win7 professional. does both vera and TC do flash drive?

>Can bitlocker be trusted?

There is no evidence it can be trusted. Microsoft is well known for spying, is in cahoots with the NSA according to leaked documents and have a lot of incentive to spy on people's encrypted shit. The microsoft spyware still likely collects information from there including the passwords they use according to their terms and conditions.

It's good, but of course it will reduce performance, all software encryption does. However if you have a decent machine the performance impact will be negligible.

Yes but its a pain in the ass to use, windows is just "password and use"

>There is no evidence it can't be trusted.
Fix'd for you
Also
>there is no proof microsoft spies on anyone
Also fixd this once

You might want to return to your designated shilling street, pajeet ghale

You should still care about your rights.

Use veracrypt or something similar

This.

I would love for anyone to provide evidence that Bitlocker is compromised, but no one has.

It's literally distributed with almost all versions of Windows now, if it has security issues then I'm sure all of the big businesses using it would love to know.

theres no proof someone might rob YOUR house, but you still lock it dont you?

BitLocker copies the masterkey to the Microsoft Cloud by default in case you lose the original key.

Never used it and never will, so I can't tell you how to disable this behavior.

>Can bitlocker be trusted?

lolno

>Shift+F10

No it doesn't, it gives you a choice where to store the key.

So, there are a couple attacks that do hit bitlocker, and I imagine anything else that uses a TPM, but they require physical access to not only the system, but a couple leads being soldered to the TPM itself.

In short, if someone wants your data, they'll get it. But there are far easier attack vectors. While I don't bitlocker my desktops, I have bitlocker enabled by group policy for any mobile device.

>trusting Infineon

Just one question:

Do you want to hide stuff from the government or from jamal?

If it's the latter, you can use bitlocker, if not, you'd have to use one of the other alternatives (truecrypt, veracrypt, etc)

Don't worry, we got you backed up!

"When using a Microsoft account"

When not using a Microsoft account, nothing is sent...

>When not using a Microsoft account, nothing is sent...

Do you really believe this?

Do you have a data capture to show otherwise?

>nothing is sent
kek

Always hilarious how everyone on Sup Forums is talking security and how awesome their systems are.

But then defending the crap like Bitlocker.

I have a data capture to prove that when I built a GOSTcrypt/Veracrypt drive that nothing gets backed up to any servers.

>the key gets copied instantly

how do you know they don't exfil the key hours or days later?

how long do you want me to keep the fucking capture running?

stop using close-source software

Sup Forums has been consumerfa/g/gotry for a long time.

Most good anons have left for Leddit, HN and 8/tech/. Such is the fucking state of this board.

Don't trust microsoft, don't trust bitlocker, don't trust proprietary software. Only trust when you've verified the code yourself.

I don't understand, why not just use LUKS?

0/10 invalid bait

>Most good anons have left for Leddit, HN and 8/tech/. Such is the fucking state of this board.

sup reddit

Yes. Leddit now, because proggit and other language-specific boards are miles above:

- AMD BANKRUPT & FINISHED
- GUYS WHAT'S THE BEST BROWSER?
- BEST WINDOWS VERSION THREAD
- SHOULD I USE ANTIVIRUS OR IS IT JUST A MEME?
- GUYS SHOULD I GO NVIDIA OR AMD?
- SHOULD I GET THE 6600 OR IS THE 6600KKK WORTH IT?
- WHAT ARE SOME Sup Forums APPROVED YOUTUBERS?

Fucking say otherwise if you're dumb enough.

>but moooooooom there's freedom of speech on *MY* board how dare they not specifically discuss the same autistic recycled topics for years like I do

there is no proof that god doesn't exist
Check mate, atheists

Also TPM is NOT a requirement in bitlocker.

>Also TPM is NOT a requirement in bitlocker.
By default it still is. A group policy change is required to bitlocker w/o TPM.

Huge businesses use Bitlocker, Microsoft is not going to send the key anywhere unless you tell them to.

>buhuuu by default
Are you mentally retarded, kid? You literally have choice between using TPM and not using it, and you still cry about bitlocker being insecure?
Like seriously, please shoot yourself.

>the same autistic recycled topics

Like the ones I listed? Name one of them that hasn't been going on non-stop for years.

Meanwhile the other sites are discussing new CompSci papers, more effective tooling, discussions on the current state of X in the industry, practical uses of meme stacks, guides for interesting shit and so on. Hacker News probably being the best example of the three as far as quality goes. Just open Sup Forums's gallery and news.ycombinator.com and judge for yourself if you're able to.

"For BitLocker to use the system integrity check provided by a TPM, the computer must have a TPM version1.2. If your computer does not have a TPM, enabling BitLocker will require you to save a startup key on a removable device such as a USB flash drive."

technet.microsoft.com/en-us/library/cc732774(v=ws.11).aspx

not to mention using TPM + PIN, which blows the fuck out this wannabe attack which implies careful dismantling the TPM after weeks of keeping it in acid.
God damnit, why is Sup Forums so fucking retarded these days. Is it because so many millenials are posting here?

>Most good anons have left

And you're still here.

So? You just proved yourself bitlocker doesn't require TPM

>why is Sup Forums so fucking retarded

It's always been like this. Just a bunch of shut-in Linuxtards who think anything made by Microsoft is automatically bad.

What I said is that by default, a TPM is required. A group policy change will bypass the TPM requirement.

No issues here using it on an SSD.

In terms of trust it depends on what you're trying to protect. If you use a microsoft account you can bank on your recovery key being stored by microsoft and who knows how well they store that. If you want to just protect your information from any nefarious character who happens to find your laptop should you lose it, Bitlocker is probably the easiest solution and provides you with sufficient protection as long as you ensure there is no way of the thief recovering the key from an MS account online.

Sup Forums's issue with bitlocker is that it is closed source and MS is a company known to have collaborated with the NSA so we don't know if it safe to use in protecting information that you don't want the likes of the NSA to have access to (it's not the case that we know it isn't safe). My only input is that the UK National Cyber Security Centre approves of Bitlocker for protecting information up to security classifications of official sensitive but not secret or top secret. I think strength of encryption is the biggest issue with using it at secret.

The word "most" seems too complicated for newfags nowadays.

So? Are you too retarded to change it to fit your needs?

Yes, and companies like Sony, Yahoo, Microsoft etc. never get hacked and sensitive data leaked

>Meanwhile the other sites

fuck off there then lad. Oh, those sites don't allow freedom of speech which makes you return to this supposed cesspool as all of them revert into hugboxes?

Only redditors expect this site to be the same """highly"""-informative circlejerk like their favorite bullshit subreddits. The point of this site is free speech, not quality.

You do realize microsoft doesn't have your key unless you configure bitlocker to send it for recovery purposes to them?
*doesn't apply to windows home edition (for poorfags and niggers)

>he thinks he's a good user

>microsoft doesn't have your key
Prove it

We're not talking about hacking, we're talking about Microsoft purposefully putting a backdoor in Bitlocker. Protip: they don't.

>prove that god doesn't exist
>so it exists!
Pure logic.
You're the one accusing microsoft of having your bitlocker key against your will, so you prove they got it. Stupid freetard.
I'll make this easier for you: please point 1 (ONE) case when microsoft gave such key to the authorities

>prove that god exists
>so he doesn't!
Pure logic.

Just because one conclusion is more convenient to you than the other does not make it more or less correct, given the absence of a method of proving either.

In the absence of source code, I choose to believe that a program is either malicious or buggy, because it's the conclusion that's the most useful/convenient to me.

It's just like how in the absence of evidence, I choose to believe that god doesn't exist, because it's again the conclusion that's the most convenient to me.

>that's the most useful/convenient to me.
>to me
to (You)
You're not the OP. OP seems sane, unlike you.
Now please remove yourself from this thread.

>Bitlocker is malicious because I said so!

This is literally you. You sound like a complete idiot.

If you simply don't want niggers who steal your laptop to get your bank info, use Bitlocker.

If you don't want the gubermint spying on your loli porn, engineer your own CPU because your CPU probably has a RNG botnet that renders TC and VeraCrypt useless ;^)

>closed-source tool made by a PRISM company notorious for spying on its users
Again, it doesn't exactly take rocket science to apply occam's razor and go for the conclusion that makes the most sense.

>Zero evidence for your conclusion
>It makes the most sense!

You are completely retarded.

This "closed-source tool" is verified by multiple governmental agencies, just like selinux implementation for Android which you definitely use.
And you still haven't proven they gather these keys against your will. Your "le PRISM company" meme argument doesn't prove ANYTHING.
You got exactly zero information on what this PRISM agreement between MS and US govt was all about.

there is no evidence god is a thing and that is not stopping ISIS and christfags from killing people

Yes dude, you're 100% right.
OP and 99,9% of Sup Forums requires coreboot with no firmware blobs, fully GNU linux distro and dm-crypt instead of vc/bitlocker just to protect usual data from nigger thieves.
If you really think government gives two shits about your sh0ta collection you're delusional and should seek help asap

>Noone cares
>Let me write shota with a 0 just in case lol

Look at you

>just like selinux implementation for Android which you definitely use.
Not all of us are phoneposting pieces of shit

>microsoft shill
who the fuck pays for your chicken tendies?

PRISM is direct, programmatic access to your data under ONE general warrant from FISA. Microsoft has been caught red handed rejiggering its products to facilitate real-time surveillance.

bitlocker works until you try to hide from the gov/microkike
if you're worried some nigger will steal your laptop at starbucks and look at the pictures you took of yourself in a skirt, it'll work

>TPM
What is that?

>big businesses using it

Literally no one

>Literally
I don't think this word means what you think it means...

Does encryption ruin SSDs?

No. Should have basically zero impact.

Modern processors have cipher algorithms accelerated by hardware. The performance difference is negligible.

>Encryption

Either a pedophile or underaged. Fucking NEET. No one is after your anime.

To answer your question, sure, why not? FBI already tracing your IP as we speak.

>your rights.
Which ones

That is why I can use it in a offline machine, right

>Can bitlocker be trusted?
No. It is not possible for individuals to verify the security of bitlocker which means there is no evidence that it provides a sufficient level of security. I recommend using an open source solution.

>I can't look at the source code, therefore it doesn't work

Freetard logic everyone.

freetards on this site couldn't even hack a passworded zip file.. they don't know shit about security

The initial encryption process will do a lot of writes, which lowers your SSD lifespan by like .1%, but it's not a big deal.

Can closed M$ software be trusted?

It can be trusted a lot more than Linux because M$ literally has their entire company on the line.

You cant hack a passworded zip file

Microsoft has also gone to court to fight government access to data. Go away shill

Don't you know? Stuff like privacy policy is just a red herring to keep the sheeple complacent

>TrueCrypt has had about half a dozen of security issues
The fuck you're talking about?
Did you read the fucking audit that proved that nothing is broken?

>The initial encryption process will do a lot of writes
No, that's not how disk encryption works. Encryption layers just affect new writes. Unwritten sectors are unwritten sectors.

Of course, you can always do something like manually nulling your encrypted disk, but that doesn't work reliably for SSDs one way or the other due to internal load balancing. Also note that SSDs typically do their own internal encryption stuff as well.

>which lowers your SSD lifespan by like .1%
Nah, not even that. Modern disks are rated for like 10,000 P/E cycles, so it's more like 0.01%.

>an audit can prove something is secure
get a load of this guy

what's next, gonna prove the earth is flat as well?

Do not use proprietary software for anything that deals with your security and privacy.

Yiou knowf

>If it's the latter, you can use bitlocker, if not, you'd have to use one of the other alternatives (truecrypt, veracrypt, etc)

I hope you don't live in the US

Sure as long as you're protecting your diary from your mom. You can't trust any Microsoft software for security purposes.

There are ways to analyze the bytecode in their bitlocker driver to check for backdoors. Anyone can use Ida pro to do it.