• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Full disk encryption and sleep mode

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Windows

View previous topic :: View next topic  
Author Message
multiplex77
Just Arrived
Just Arrived


Joined: 18 Jan 2008
Posts: 0


Offline

PostPosted: Tue Mar 16, 2010 4:28 am    Post subject: Full disk encryption and sleep mode Reply with quote

I have done a full disk encryption using BitLocker and TrueCrypt on my laptop and desktop respectively. If I just put my laptop into standby/sleep mode when I leave, I notice that I’m only asked for my Windows (Vista) password when I wake it up. Does this mean that if someone steals my laptop while in sleep mode, the disk encryption will serve no purpose?

In this article (http://technet.microsoft.com/en-us/library/cc162804.aspx), it seems to suggest that “enabling the Prompt for password when computer resumes from sleep setting” is sufficient to mitigate the risk. So I’m confused.

How about if I hibernate it? Is that sufficient?

Last question: Will full disk encryption protect me against remote access to my machine via Trojan horses and other viruses? Or is that something that only anti-viruses can take care of?
Back to top
View user's profile Send private message
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Tue Mar 16, 2010 2:33 pm    Post subject: Reply with quote

Hey multiplex77,

You pose some good questions, ones I get asked all the time regarding Whole Disk Encryption products.

So WDE does not protect you against rootkits, viruses and other malware. Nor does it protect against evil maid etc (http://en.wikipedia.org/wiki/Evil_Maid_attack#Boot_loader_level)

Sleep does not provide the same level of protection as Hibernation. Placing the system in Hibernation will cause the Bit Locker authentication on resume where as sleep relies on Windows credentials and there is a known yet potentially un-realistic attack against this.

Hope that clears a few things up.

Matt_s
Back to top
View user's profile Send private message
capi
SF Senior Mod
SF Senior Mod


Joined: 21 Sep 2003
Posts: 16777097
Location: Portugal

Offline

PostPosted: Wed Mar 17, 2010 12:43 am    Post subject: Reply with quote

The difference lies in the fact that "sleep" doesn't power the system down, while "hibernate" does.

The sleep state is also known as suspend-to-ram -- it means the system is placed in a very low power consumption mode, but it is still on. When you wake up from sleep mode, the systems is in the same state as you left it. You can password protect the wake-up, just like you can password protect the screen saver.

Hibernation, on the other hand, is suspend-to-disk. When entering hibernation, the contents of the RAM are written out to a reserved file on the disk, and the system is physically powered down. When you turn the computer on, it will do everything as though you were turning it on for the first time. It will go through the BIOS POST, load the bootloader -- which will need your password to decrypt the disk --, and load the operating system. Once it begins loading, the operating system (Windows in your case) will detect that there is a hibernation state stored, and it will load that state back to RAM.

In short: with hibernation all data is saved to disk and the system is physically powered off. You need the disk password to decrypt it and restore. With sleep, the system is simply put on standby, like your TV -- think of it as a screensaver that uses less power. The password in that case is simply used to unlock the screen, just like when you press Windows+L (lock screen).
Back to top
View user's profile Send private message
multiplex77
Just Arrived
Just Arrived


Joined: 18 Jan 2008
Posts: 0


Offline

PostPosted: Wed Mar 17, 2010 3:40 am    Post subject: Reply with quote

Thanks both for your useful advice.
Back to top
View user's profile Send private message
dvdcd0211
Just Arrived
Just Arrived


Joined: 03 Mar 2011
Posts: 0


Offline

PostPosted: Fri Mar 18, 2011 8:39 am    Post subject: Full disk encryption Reply with quote

PGP Whole Disk Encryption is fully compatible with hibernation in Windows. If the PGP Whole Disk Encryption Windows system goes into hibernation, in restoring power to the system, the BootGuard PGP will ask for your password. After entering your password on the disk is decrypted and returned to its previous state.Full disk encryption can be a great anti-forensic method but there is a risk that malware such as a keylogger could be installed by lack of proper anti-virus and anti-malware protection..
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Windows All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter