Windows 10 Is Both Less And More Secure

[steven36]

Paradoxically, Windows 10 has arrived with a whole host of security improvements over previous versions, yet has introduced some potential security pitfalls. Some of these will depend on how end users configure and use their copy of Windows 10, others depend on Microsoft to safely implement a whole raft of connectivity and cloud-dependent features.

“Windows 10 should be more secure than any prior version of Windows.”

Speaking to CSO Online, a resource for security professionals, a spokesperson for Cylance confirms that Windows 10 is likely to be the most secure iteration of Microsoft’s flagship operating system. However, that will still be dependent on anti-malware protection and training end users in corporations to avoid the mistakes that typically open up the system to attack.

Continued support for legacy software by Windows 10 was also noted by a spokesperson for Norton as significant. It doesn’t matter how well “walled gardens” work at restricting the power of new apps to alter important Windows 10 files, many users will continue to use old software they purchased on Windows 10, some of which will have security issues, opening up the whole system to attack.

Microsoft has also added a number of access points for themselves into the system. For example, their ability to remove pirated games, roll out patches automatically, and significant improvements to the support for the cloud in Windows 10. None of these features automatically make Windows 10 insecure, but they open up more avenues where security vulnerabilities could arise, which wouldn’t exist if Windows 10 was less connected, and included less backdoors for Microsoft to access and make changes — rooting around to find and delete games requires a lot of access, by definition.

However, it’s not all bad news for Windows 10, with almost everything Microsoft is trying to bring to the table with the OS good for security. One of the highlights, reported by ZDNet, is the addition of Windows Hello. This brings biometric authentication to Windows 10, which even MacWorld notes gives Windows 10 a slight edge over the desktop Mac experience, which has yet to benefit from this technology.

Automatic security updates will reduce the number of Windows 10 users who are unpatched — the blight of XP. However, with the differences between the home and professional versions, Windows 10 will see some small businesses with a “bring your own device” policy see several users with the home version, on default settings, which can leave them less secure than a typical corporate machine in the past, as noted by Bank Info Security.

There’s also the problem of automatic discovery of Xboxes and other Windows 10 devices on home networks by corporate devices taken home. It’s likely many businesses will have to disable those features to ensure maximum security in Windows 10 laptops given to employees.

Source

[Holmes]

Microsoft has also added a number of access points for themselves into the system. For example, their ability to remove pirated games, roll out patches automatically, and significant improvements to the support for the cloud in Windows 10. None of these features automatically make Windows 10 insecure, but they open up more avenues where security vulnerabilities could arise, which wouldn’t exist if Windows 10 was less connected, and included less backdoors for Microsoft to access and make changes — rooting around to find and delete games requires a lot of access, by definition.

Source

There is no proof that it can remove pirated games all of that is conjectures. I do agree they shouldnt have made windows update the way they did thats stupid. The possibility that there is a backdoor to remove pirated games is the same as the possibility that windows firewall is backdoored and allows what you tell it to block for microsoft services only (its almost the same users are misinterpreting the eula and they are going to keep misinterpreting the eula unless microsoft updates it to make better sense whens that going to happen). Hear say in this forum is as dangerous as malware out in the wild its ridiculous.

[steven36]

Paradoxically, Windows 10 has arrived with a whole host of security improvements over previous versions, yet has introduced some potential security pitfalls. Some of these will depend on how end users configure and use their copy of Windows 10, others depend on Microsoft to safely implement a whole raft of connectivity and cloud-dependent features.

“Windows 10 should be more secure than any prior version of Windows.”

Microsoft has also added a number of access points for themselves into the system. For example, their ability to remove pirated games, roll out patches automatically, and significant improvements to the support for the cloud in Windows 10. None of these features automatically make Windows 10 insecure, but they open up more avenues where security vulnerabilities could arise, which wouldn’t exist if Windows 10 was less connected, and included less backdoors for Microsoft to access and make changes — rooting around to find and delete games requires a lot of access, by definition.

Source

There is no proof that it can remove pirated games all of that is conjectures. I do agree they shouldnt have made windows update the way they did thats stupid. The possibility that there is a backdoor to remove pirated games is the same as the possibility that windows firewall is backdoored and allows what you tell it to block for microsoft services only (its almost the same users are misinterpreting the eula and they are going to keep misinterpreting the eula unless microsoft updates it to make better sense whens that going to happen). Hear say in this forum is as dangerous as malware out in the wild its ridiculous.

While there's no proof Microsoft can do it Microsoft says they can do it. This most likely is for new apps from windows store not legacy apps no way. Sony is forever breaking Jailbreak for these type apps and china is cracking down hard on it.

"We may automatically check your version of the software and download software updates or configuration changes, including those that prevent you from accessing the Services, playing counterfeit games, or using unauthorised hardware peripheral devices," reads the agreement.

https://www.microsoft.com/en-us/servicesagreement/

Anyways there's more to worry about than can they remove a game or not . Its the fact Microsoft has also added a number of access points for themselves into the system. Its in the Cloud 24/7 unless you disable and block these services it could cause Hackers to gain access to you're computer thorough there builtin back doors .

[Holmes]

Obviously they can do it i am saying there is no proof that they have implemented such access no where in the eula says we can delete things from your system at will. Torrentfreak post has spread to much FUD fear uncertainty and doubt not so much fear as uncertainty and doubt. Like Ill bet my childs life on it swear on the bible things. The number one enemy to windows ten isnt security as much as the misinterruptions of all the articles that have been posted.

Microsoft needs to learn how to write eulas better hahahaha. You edited your post when I posted this. I can jailbreak my samsung phone but I refuse to hack my phone as it can open it up to attacks there are infections going after jailbroken phones. I think all the junk (is going to (hopefully) get fixed this year.

[steven36]

Obviously they can do it i am saying there is no proof that they have implemented such access no where in the eula says we can delete things from your system at will. Torrentfreak post has spread to much FUD fear uncertainty and doubt not so much fear as uncertainty and doubt. Like Ill bet my childs life on it swear on the bible things. The number one enemy to windows ten isnt security as much as the misinteruptions of all the articles that have been posted. Microsoft needs to learn how to write eulas better hahahaha.

Sony and others do it all the time .Jailbreaking pirates popped in world's largest iCloud raid

If anything was Cracked that you get from Windows Store I fell like Microsoft could do it easy as well All it takes is one piece of malware to penetrate one of there back doors and end up with a epidemic like they have on phones .

[Holmes]

I have to agree with that If only microsoft could harden the security of the backdoors make them difficult to exploit like someone putting a brand new backdoor on there house but not a steal one a titanium one (or one with the strongest metal we have available unfortunately we are talkming about windows here and the chance of that happening is as good as winning the lottery).

[Israeli_Eagle]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

[steven36]

I have to agree with that If only microsoft could harden the security of the backdoors make them difficult to exploit like someone putting a brand new backdoor on there house but not a steal one a titanium one (or one with the strongest metal we have available unfortunately we are talkming about windows here and the chance of that happening is as good as winning the lottery).

Well when Microsoft states they can remove games etc . There talking about thorough there services (AKA windows store) there not talking about legacy apps the ones you install i dont think they are anyways are do most places that posted about . Most of Microsoft backdoors is trough its services anyway. That's why the FBI is all up in there face because they keep a record of what you do using them . If Microsoft loses in Court they will have to hand over the way to get in Bitlocker to the US Government. Then there going after Sony next to make them unlock encryption. If They lose in court the whole world will have legal access to you're Microsoft data .

[steven36]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

There going add this back soon but not to (home users ) Only pro and above.

Microsoft is planning to get these features into Windows 10 preview builds some time this month so as to be able to roll them out later this year, presumably as part of the late Fall Threshold 2 release.

http://www.zdnet.com/article/will-windows-10s-coming-security-features-win-over-windows-7-users/

But why would you trust it ? U.S Government are out to make all Big companies unlock encryption You would be better Off using Open Source encryption. Even the FBI says Open Source encryption is hard to control . :P

[Israeli_Eagle]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

There going add this back soon but not to (home users ) Only pro and above.

I saw no plan yet to add Elephant Diffuser again.

[steven36]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

There going add this back soon but not to (home users ) Only pro and above.

I saw no plan yet to add Elephant Diffuser again.

People have it on windows 10 already you can read more about it here

http://superuser.com/questions/942969/can-i-upgrade-to-windows-10-with-bitlocker-enabled

BitLocker Drive Encryption and BitLocker To Go require a Professional or Enterprise edition of Windows 8, or 8.1 or 10, or the Ultimate version of Windows 7. However, the “core” version of Windows 8.1 includes a “Device Encryption” feature that works similarly.

http://www.howtogeek.com/192894/how-to-set-up-bitlocker-encryption-on-windows/

Sept 8th, Microsoft officials went public with the fact that Windows 10 doesn't yet have the promised Enterprise Data Protection and Passport Enterprise functionality that officials touted earlier this year. (If you read carefully between the lines, Microsoft did concede in various places that Windows 10 was missing these pieces, along with the promised Windows Store for Business capability.)

Microsoft is planning to get these features into Windows 10 preview builds some time this month so as to be able to roll them out later this year, presumably as part of the late Fall Threshold 2 release.

But there are other Windows 10 security features Microsoft has done surprisingly little to trumpet.

One is BitLocker drive encryption. Though this feature was part of Windows 7 and is still in Windows 10, Microsoft is broadening the group of users who can get it. With Windows 7, only Ultimate and Enterprise users got BitLocker. With Windows 10, Pro, Enterprise and Education users all get it.

[Israeli_Eagle]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

There going add this back soon but not to (home users ) Only pro and above.

I saw no plan yet to add Elephant Diffuser again.

People have it on windows 10 already you can read more about it here

http://superuser.com/questions/942969/can-i-upgrade-to-windows-10-with-bitlocker-enabled

BitLocker Drive Encryption and BitLocker To Go require a Professional or Enterprise edition of Windows 8, or 8.1 or 10, or the Ultimate version of Windows 7. However, the “core” version of Windows 8.1 includes a “Device Encryption” feature that works similarly.

http://www.howtogeek.com/192894/how-to-set-up-bitlocker-encryption-on-windows/

Sept 8th, Microsoft officials went public with the fact that Windows 10 doesn't yet have the promised Enterprise Data Protection and Passport Enterprise functionality that officials touted earlier this year. (If you read carefully between the lines, Microsoft did concede in various places that Windows 10 was missing these pieces, along with the promised Windows Store for Business capability.)

Microsoft is planning to get these features into Windows 10 preview builds some time this month so as to be able to roll them out later this year, presumably as part of the late Fall Threshold 2 release.

Gosh....... You can use BitLocker, but not with the Elephant Diffuser!!! :duh:

[steven36]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

There going add this back soon but not to (home users ) Only pro and above.

I saw no plan yet to add Elephant Diffuser again.

People have it on windows 10 already you can read more about it here

http://superuser.com/questions/942969/can-i-upgrade-to-windows-10-with-bitlocker-enabled

BitLocker Drive Encryption and BitLocker To Go require a Professional or Enterprise edition of Windows 8, or 8.1 or 10, or the Ultimate version of Windows 7. However, the “core” version of Windows 8.1 includes a “Device Encryption” feature that works similarly.

http://www.howtogeek.com/192894/how-to-set-up-bitlocker-encryption-on-windows/

Sept 8th, Microsoft officials went public with the fact that Windows 10 doesn't yet have the promised Enterprise Data Protection and Passport Enterprise functionality that officials touted earlier this year. (If you read carefully between the lines, Microsoft did concede in various places that Windows 10 was missing these pieces, along with the promised Windows Store for Business capability.)

Microsoft is planning to get these features into Windows 10 preview builds some time this month so as to be able to roll them out later this year, presumably as part of the late Fall Threshold 2 release.

Gosh....... You can use BitLocker, but not with the Elephant Diffuser!!! :duh:

Yes you're right they removed that part of it .. The FBI dont even see unlocking encryption as a security flaw because these companies that make it do it all the time . Microsoft has the key to unlock it regradless if it has Elephant Diffuser or not so why would you trust it ether way? I never trusted it or do I trust any other encryption made by software giants.

[Israeli_Eagle]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

There going add this back soon but not to (home users ) Only pro and above.

I saw no plan yet to add Elephant Diffuser again.

People have it on windows 10 already you can read more about it here

http://superuser.com/questions/942969/can-i-upgrade-to-windows-10-with-bitlocker-enabled

BitLocker Drive Encryption and BitLocker To Go require a Professional or Enterprise edition of Windows 8, or 8.1 or 10, or the Ultimate version of Windows 7. However, the “core” version of Windows 8.1 includes a “Device Encryption” feature that works similarly.

http://www.howtogeek.com/192894/how-to-set-up-bitlocker-encryption-on-windows/

Sept 8th, Microsoft officials went public with the fact that Windows 10 doesn't yet have the promised Enterprise Data Protection and Passport Enterprise functionality that officials touted earlier this year. (If you read carefully between the lines, Microsoft did concede in various places that Windows 10 was missing these pieces, along with the promised Windows Store for Business capability.)

Microsoft is planning to get these features into Windows 10 preview builds some time this month so as to be able to roll them out later this year, presumably as part of the late Fall Threshold 2 release.

Gosh....... You can use BitLocker, but not with the Elephant Diffuser!!! :duh:

Yes you're right they removed that part of it .. The FBI dont even see unlocking encryption as a security flaw because these companies that make it do it all the time . Microsoft has the key to unlock it regradless if it has Elephant Diffuser or not so why would you trust it ether way? I never trusted it or do I trust any other encryption made by software giants.

Wrong, sorry. The Elephant Diffuser is much harder, because there is no super-key. Only the machine itself create then the key via the diffuser! So because of that they removed it in the newer toy-Windows versions. :P

[straycat19]

If Microsoft loses in Court they will have to hand over the way to get in Bitlocker to the US Government.

Any forensic expert can get into bitlocker and have been able to, this is nothing new. All the encryption programs have access routines for forensics software or special software released by the manufacturer to LEOs and forensic experts.

[steven36]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

There going add this back soon but not to (home users ) Only pro and above.

I saw no plan yet to add Elephant Diffuser again.

People have it on windows 10 already you can read more about it here

http://superuser.com/questions/942969/can-i-upgrade-to-windows-10-with-bitlocker-enabled

BitLocker Drive Encryption and BitLocker To Go require a Professional or Enterprise edition of Windows 8, or 8.1 or 10, or the Ultimate version of Windows 7. However, the “core” version of Windows 8.1 includes a “Device Encryption” feature that works similarly.

http://www.howtogeek.com/192894/how-to-set-up-bitlocker-encryption-on-windows/

Sept 8th, Microsoft officials went public with the fact that Windows 10 doesn't yet have the promised Enterprise Data Protection and Passport Enterprise functionality that officials touted earlier this year. (If you read carefully between the lines, Microsoft did concede in various places that Windows 10 was missing these pieces, along with the promised Windows Store for Business capability.)

Microsoft is planning to get these features into Windows 10 preview builds some time this month so as to be able to roll them out later this year, presumably as part of the late Fall Threshold 2 release.

Gosh....... You can use BitLocker, but not with the Elephant Diffuser!!! :duh:

Yes you're right they removed that part of it .. The FBI dont even see unlocking encryption as a security flaw because these companies that make it do it all the time . Microsoft has the key to unlock it regradless if it has Elephant Diffuser or not so why would you trust it ether way? I never trusted it or do I trust any other encryption made by software giants.

Wrong, sorry. The Elephant Diffuser is much harder, because there is no super-key. Only the machine itself create then the key via the diffuser! So because of that they removed it in the newer toy-Windows versions. :P

Its not hard for Microsoft to get into it , if Microsoft owns it or puts its in there product its been compromised by them . there not going to put nothing into there products ever that they cant unlock.

If Microsoft loses in Court they will have to hand over the way to get in Bitlocker to the US Government.

Any forensic expert can get into bitlocker and have been able to, this is nothing new. All the encryption programs have access routines for forensics software or special software released by the manufacturer to LEOs and forensic experts.

we all know NSA done this sort of thing but if they lose in court any law enforcement will be able to do it .

Can the NSA Break Microsoft's BitLocker?

This implies that the US intelligence community -- I'm guessing the NSA here -- can break BitLocker. The source document, though, is much less definitive about it.

https://www.schneier.com/blog/archives/2015/03/can_the_nsa_bre_1.html

If not NSA one of the US agencies can do it. Most likely it is NSA.

[Israeli_Eagle]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

There going add this back soon but not to (home users ) Only pro and above.

I saw no plan yet to add Elephant Diffuser again.

People have it on windows 10 already you can read more about it here

http://superuser.com/questions/942969/can-i-upgrade-to-windows-10-with-bitlocker-enabled

BitLocker Drive Encryption and BitLocker To Go require a Professional or Enterprise edition of Windows 8, or 8.1 or 10, or the Ultimate version of Windows 7. However, the “core” version of Windows 8.1 includes a “Device Encryption” feature that works similarly.

http://www.howtogeek.com/192894/how-to-set-up-bitlocker-encryption-on-windows/

Sept 8th, Microsoft officials went public with the fact that Windows 10 doesn't yet have the promised Enterprise Data Protection and Passport Enterprise functionality that officials touted earlier this year. (If you read carefully between the lines, Microsoft did concede in various places that Windows 10 was missing these pieces, along with the promised Windows Store for Business capability.)

Microsoft is planning to get these features into Windows 10 preview builds some time this month so as to be able to roll them out later this year, presumably as part of the late Fall Threshold 2 release.

Gosh....... You can use BitLocker, but not with the Elephant Diffuser!!! :duh:

Yes you're right they removed that part of it .. The FBI dont even see unlocking encryption as a security flaw because these companies that make it do it all the time . Microsoft has the key to unlock it regradless if it has Elephant Diffuser or not so why would you trust it ether way? I never trusted it or do I trust any other encryption made by software giants.

Wrong, sorry. The Elephant Diffuser is much harder, because there is no super-key. Only the machine itself create then the key via the diffuser! So because of that they removed it in the newer toy-Windows versions. :P

Its not hard for Microsoft to get into it , if Microsoft owns it or puts its in there product its been compromised by them . there not going to put nothing into there products ever that they cant unlock.

If Microsoft loses in Court they will have to hand over the way to get in Bitlocker to the US Government.

Any forensic expert can get into bitlocker and have been able to, this is nothing new. All the encryption programs have access routines for forensics software or special software released by the manufacturer to LEOs and forensic experts.

we all know NSA done this sort of thing but if they lose in court any law enforcement will be able to do it .

Can the NSA Break Microsoft's BitLocker?

This implies that the US intelligence community -- I'm guessing the NSA here -- can break BitLocker. The source document, though, is much less definitive about it.

https://www.schneier.com/blog/archives/2015/03/can_the_nsa_bre_1.html

If not NSA one of the US agencies can do it. Most likely it is NSA.

If so... Why they needed then easier/cheaper versions (without Elephant Diffuser)?

[steven36]

Bitlocker Elephant Diffuser is not there anymore, actually already since Win8. But now we have an idea why... B)

There going add this back soon but not to (home users ) Only pro and above.

I saw no plan yet to add Elephant Diffuser again.

People have it on windows 10 already you can read more about it here

http://superuser.com/questions/942969/can-i-upgrade-to-windows-10-with-bitlocker-enabled

BitLocker Drive Encryption and BitLocker To Go require a Professional or Enterprise edition of Windows 8, or 8.1 or 10, or the Ultimate version of Windows 7. However, the “core” version of Windows 8.1 includes a “Device Encryption” feature that works similarly.

http://www.howtogeek.com/192894/how-to-set-up-bitlocker-encryption-on-windows/

Sept 8th, Microsoft officials went public with the fact that Windows 10 doesn't yet have the promised Enterprise Data Protection and Passport Enterprise functionality that officials touted earlier this year. (If you read carefully between the lines, Microsoft did concede in various places that Windows 10 was missing these pieces, along with the promised Windows Store for Business capability.)

Microsoft is planning to get these features into Windows 10 preview builds some time this month so as to be able to roll them out later this year, presumably as part of the late Fall Threshold 2 release.

Gosh....... You can use BitLocker, but not with the Elephant Diffuser!!! :duh:

Yes you're right they removed that part of it .. The FBI dont even see unlocking encryption as a security flaw because these companies that make it do it all the time . Microsoft has the key to unlock it regradless if it has Elephant Diffuser or not so why would you trust it ether way? I never trusted it or do I trust any other encryption made by software giants.

Wrong, sorry. The Elephant Diffuser is much harder, because there is no super-key. Only the machine itself create then the key via the diffuser! So because of that they removed it in the newer toy-Windows versions. :P

Its not hard for Microsoft to get into it , if Microsoft owns it or puts its in there product its been compromised by them . there not going to put nothing into there products ever that they cant unlock.

If Microsoft loses in Court they will have to hand over the way to get in Bitlocker to the US Government.

Any forensic expert can get into bitlocker and have been able to, this is nothing new. All the encryption programs have access routines for forensics software or special software released by the manufacturer to LEOs and forensic experts.

we all know NSA done this sort of thing but if they lose in court any law enforcement will be able to do it .

Can the NSA Break Microsoft's BitLocker?

This implies that the US intelligence community -- I'm guessing the NSA here -- can break BitLocker. The source document, though, is much less definitive about it.

https://www.schneier.com/blog/archives/2015/03/can_the_nsa_bre_1.html

If not NSA one of the US agencies can do it. Most likely it is NSA.

If so... Why they needed then easier versions (without Elephant Diffuser)?

NSA told them to remove it because it was hard for them to get into . But Its not hard for M$ to get into . If they lose in Court . All law enforcement has to do is get a court order there going have to comply. Bitlocker was never meant to keep out law enforcement it was meant to protect you against stranded theft .

[Israeli_Eagle]

If so... Why they needed then easier versions (without Elephant Diffuser)?

NSA told them to remove it because it was hard for them to get into . But Its not hard for M$ to get into . If they lose in Court . All law enforcement has to do is get a court order there going have to comply. Bitlocker was never meant to keep out law enforcement it was meant to protect you against stranded theft .

Well...... NSA is for sure stronger as MS, ergo: Win7 with Elephant Diffuser is still safe! :P

[steven36]

If so... Why they needed then easier versions (without Elephant Diffuser)?

NSA told them to remove it because it was hard for them to get into . But Its not hard for M$ to get into . If they lose in Court . All law enforcement has to do is get a court order there going have to comply. Bitlocker was never meant to keep out law enforcement it was meant to protect you against stranded theft .

Well...... NSA is for sure stronger as MS, ergo: Win7 with Elephant Diffuser is still safe! :P

How do you get that ? If the USA government is as strong as you claim they are. Why cant they just tap in M$ servers and get email records without a court order?

That's the whole reason there up in court with M$ is to start letting the Government have easy access to unlock encryption no matter were its stored .

You have no proof Elephant Diffuser is really safe . Its closed source meaning only M$ has the code too it. M$ didn't want the USA government to get the code so by law since a USA company they had to remove it.

Microsoft removed the Elephant diffuser because it hurt performance and is not compliant with Federal Information Processing Standards. Linux systems using LUKS disk encryption are vulnerable to the same kind of attack.

[Israeli_Eagle]

If so... Why they needed then easier versions (without Elephant Diffuser)?

NSA told them to remove it because it was hard for them to get into . But Its not hard for M$ to get into . If they lose in Court . All law enforcement has to do is get a court order there going have to comply. Bitlocker was never meant to keep out law enforcement it was meant to protect you against stranded theft .

Well...... NSA is for sure stronger as MS, ergo: Win7 with Elephant Diffuser is still safe! :P

How do you get that ? If the USA government is as strong as you claim they are. Why cant they just tap in M$ servers and get email records without a court order?

That's the whole reason there up in court with M$ is to start letting the Government have easy access to unlock encryption no matter were its stored .

You have no proof Elephant Diffuser is really safe . Its closed source meaning only M$ has the code too it. M$ didn't want the USA government to get the code so by law since a USA company they had to remove it.

Microsoft removed the Elephant diffuser because it hurt performance and is not compliant with Federal Information Processing Standards. Linux systems using LUKS disk encryption are vulnerable to the same kind of attack.

Well, ok... I would say probably 99.999% safe. And of course I use a TPM and driver (not from MS).

[steven36]

If so... Why they needed then easier versions (without Elephant Diffuser)?

NSA told them to remove it because it was hard for them to get into . But Its not hard for M$ to get into . If they lose in Court . All law enforcement has to do is get a court order there going have to comply. Bitlocker was never meant to keep out law enforcement it was meant to protect you against stranded theft .

Well...... NSA is for sure stronger as MS, ergo: Win7 with Elephant Diffuser is still safe! :P

How do you get that ? If the USA government is as strong as you claim they are. Why cant they just tap in M$ servers and get email records without a court order?

That's the whole reason there up in court with M$ is to start letting the Government have easy access to unlock encryption no matter were its stored .

You have no proof Elephant Diffuser is really safe . Its closed source meaning only M$ has the code too it. M$ didn't want the USA government to get the code so by law since a USA company they had to remove it.

Microsoft removed the Elephant diffuser because it hurt performance and is not compliant with Federal Information Processing Standards. Linux systems using LUKS disk encryption are vulnerable to the same kind of attack.

Well, ok... I would say probably 99.999% safe. And of course I use a TPM and driver (not from MS).

I would not trust no encryption that high and really no forum of Bitlocker

Because we know Microsoft made it

Microsoft says that it does not build backdoors into its products, but that it doesn't consider building methods to bypass their security in order to comply with legitimate legal requests "backdoors." It also shares its source code with governments so that they can check for backdoors... or for vulnerabilities which they could use as backdoors. A Microsoft spokesperson would not answer whether Microsoft could comply with a lawful request to unlock a BitLocker-encrypted disk.

I think they can unlock it for them as they would not comment about it. :lol:

[Israeli_Eagle]

If so... Why they needed then easier versions (without Elephant Diffuser)?

NSA told them to remove it because it was hard for them to get into . But Its not hard for M$ to get into . If they lose in Court . All law enforcement has to do is get a court order there going have to comply. Bitlocker was never meant to keep out law enforcement it was meant to protect you against stranded theft .

Well...... NSA is for sure stronger as MS, ergo: Win7 with Elephant Diffuser is still safe! :P

How do you get that ? If the USA government is as strong as you claim they are. Why cant they just tap in M$ servers and get email records without a court order?

That's the whole reason there up in court with M$ is to start letting the Government have easy access to unlock encryption no matter were its stored .

You have no proof Elephant Diffuser is really safe . Its closed source meaning only M$ has the code too it. M$ didn't want the USA government to get the code so by law since a USA company they had to remove it.

Microsoft removed the Elephant diffuser because it hurt performance and is not compliant with Federal Information Processing Standards. Linux systems using LUKS disk encryption are vulnerable to the same kind of attack.

Well, ok... I would say probably 99.999% safe. And of course I use a TPM and driver (not from MS).

I would not trust no encryption that high and really no forum of Bitlocker

Because we know Microsoft made it

Microsoft says that it does not build backdoors into its products, but that it doesn't consider building methods to bypass their security in order to comply with legitimate legal requests "backdoors." It also shares its source code with governments so that they can check for backdoors... or for vulnerabilities which they could use as backdoors. A Microsoft spokesperson would not answer whether Microsoft could comply with a lawful request to unlock a BitLocker-encrypted disk.

I think they can unlock it for them as they would not comment about it. :lol:

And again...... If they could then they had no reason to delete Elephant Diffuser. So... We will see in the near future.

[steven36]

If so... Why they needed then easier versions (without Elephant Diffuser)?

NSA told them to remove it because it was hard for them to get into . But Its not hard for M$ to get into . If they lose in Court . All law enforcement has to do is get a court order there going have to comply. Bitlocker was never meant to keep out law enforcement it was meant to protect you against stranded theft .

Well...... NSA is for sure stronger as MS, ergo: Win7 with Elephant Diffuser is still safe! :P

How do you get that ? If the USA government is as strong as you claim they are. Why cant they just tap in M$ servers and get email records without a court order?

That's the whole reason there up in court with M$ is to start letting the Government have easy access to unlock encryption no matter were its stored .

You have no proof Elephant Diffuser is really safe . Its closed source meaning only M$ has the code too it. M$ didn't want the USA government to get the code so by law since a USA company they had to remove it.

Microsoft removed the Elephant diffuser because it hurt performance and is not compliant with Federal Information Processing Standards. Linux systems using LUKS disk encryption are vulnerable to the same kind of attack.

Well, ok... I would say probably 99.999% safe. And of course I use a TPM and driver (not from MS).

I would not trust no encryption that high and really no forum of Bitlocker

Because we know Microsoft made it

Microsoft says that it does not build backdoors into its products, but that it doesn't consider building methods to bypass their security in order to comply with legitimate legal requests "backdoors." It also shares its source code with governments so that they can check for backdoors... or for vulnerabilities which they could use as backdoors. A Microsoft spokesperson would not answer whether Microsoft could comply with a lawful request to unlock a BitLocker-encrypted disk.

I think they can unlock it for them as they would not comment about it. :lol:

And again...... If they could then they had no reason to delete Elephant Diffuser. So... We will see in the near future.

I dont trust nothing with my life or do I have anything to hide . Only people would worry about this were people who were breaking the law or were trying to hide something from others because they share a computer witch any encryption can protect againt the latter .

[steven36]

Here is some research i found about it weaknesses was found in it before so it dont sound to be all that and a bag of chips

Windows Vista Enterprise and Ultimate editions use Bitlocker Drive Encryption as its disk encryption algorithm, and at its heart is the AES-CBC + Elephant diffuser encryption algorithm (ELEPHANT). In this paper we present our analysis of ELEPHANT using statistical tests. Our analysis has explored some weaknesses in its diffusers, thus we propose new diffusers to replace them. The new diffusers overcome the weaknesses of the original ones, and offer better and faster diffusion properties. We used the new diffusers to build variants of ELEPHANT, that possess better diffusion properties.

http://dl.acm.org/citation.cfm?id=1426310

If weakness was found in Vista Elephant Diffuser as long as windows 7 been around its weakness have been study as well :P