Forgot your password?
typodupeerror

Windows Vista To Make Dual-Boot A Challenge? 442

Posted by Zonk
from the have-to-raise-a-fuss dept.
mustafap writes "UK tech site The Register is reporting on security guru Bruce Schneier's observation that the disk encryption system to be shipped with Vista, BitLocker, will make dual booting other OSs difficult - you will no longer be able to share data between the two." From the article: "This encryption technology also has the effect of frustrating the exchange of data needed in a dual boot system. 'You could look at BitLocker as anti-Linux because it frustrates dual boot,' Schneier told El Reg. Schneier said Vista will bring forward security improvements, but cautioned that technical advances are less important than improvements in how technology is presented to users."
This discussion has been archived. No new comments can be posted.

Windows Vista To Make Dual-Boot A Challenge?

Comments Filter:
  • by gbrandt (113294) on Thursday April 27, 2006 @06:50PM (#15216682)
    Any body that is dual booting will also know that making a partition formatted fat32 will allow copying of files between os's.
  • by Parham (892904) on Thursday April 27, 2006 @06:53PM (#15216698)
    It's not a big deal that they're doing this, afterall I won't be using Vista when it's released. Me and a lot of people I know will be migrating to Linux entirely and not looking back. Nobody I know wants to pay an arm and a leg to use an operating system that isn't going to contribute to bettering their current desktop experience. Those not migrating to Linux won't be upgrading from XP.
  • Huh? (Score:5, Insightful)

    by metamatic (202216) on Thursday April 27, 2006 @06:53PM (#15216699) Homepage Journal
    Did I miss something? Is this disk encryption going to be compulsory?
  • News Just In: (Score:5, Insightful)

    by ettlz (639203) on Thursday April 27, 2006 @06:56PM (#15216720) Journal

    Encrypting a filesystem prevents arbitrary operating system from accessing it!

    I mean — what the fuck?! — isn't that the whole idea?

  • Who knew? (Score:2, Insightful)

    by RonnyJ (651856) on Thursday April 27, 2006 @06:57PM (#15216728)
    Wow, who knew that choosing to encrypt a drive could make it hard to access??!

    Once again, the headline is hideously misleading.

  • by LostCluster (625375) * on Thursday April 27, 2006 @06:57PM (#15216731)
    and what happens if FAT32 isn't supported by Vista?
  • by jfern (115937) on Thursday April 27, 2006 @06:57PM (#15216737)
    At least, according to Wiki.

    As much as we all love to bash Microsfot, I'm guessing it's an optional feature.
  • by JustNiz (692889) on Thursday April 27, 2006 @07:01PM (#15216765)
    The only reason I was considering Vista is because Microsoft have made sure DirectX10 won't run on XP.

    Now if I also can't dual-boot then that's the last straw to drive me to a linux-only system.

    And before anyone suggests it, no I don't want to be running Linux under a Microsoft VM.
  • Re:Wait... (Score:4, Insightful)

    by tomstdenis (446163) <tomstdenis@NOSPaM.gmail.com> on Thursday April 27, 2006 @07:06PM (#15216806) Homepage
    The usual solution is to make a FAT32 partition of a couple gigs, or use a remote SMB share or my personal favourite: just don't use windows.

    Tom
  • by Tim C (15259) on Thursday April 27, 2006 @07:06PM (#15216809)
    I take it you missed the recent story on how Vista's firewall is going to be "crippled" because the default config won't block outgoing connections - just like XP's, just like Mandrake's and RedHat's the last time I set up firewalls on them, just like my hardware firewall in fact.

    Slashdot has long had a strong anti-MS bias. Fine, they've never made a secret of it. Recently however, they've started to allow it to warp the facts, which is not fine.

    Sure, this may well make dual-booting more difficult, in that you won't be able to get at your data. Ever tried getting at data on an NTFS partition with Fedora? ZOMG! Fedora is trying to lock out Windows!

    I've been here a long time, and it's sad to see how the site has declined from a site you could trust, to one that will print almost anything as long as it bashes MS or praises FOSS.
  • Shame on you (Score:5, Insightful)

    by Neon Aardvark (967388) on Thursday April 27, 2006 @07:12PM (#15216850) Homepage

    A company plans to include a very useful encryption tool with it's next OS.

    This is good news in terms of security and privacy, and therefore /. readers will welcome it.

    Oh wait, no they won't, because the company is Microsoft. Microsoft is baaad, therefore everything they do is sinister and evil. You people always manage to find the dark lining to their every silver cloud.

    It's the herd-mentality at work, folks.

    Yawn.

  • by PsychicX (866028) on Thursday April 27, 2006 @07:24PM (#15216945)
    One slight detail.

    Drive encryption is optional. It's something you may configure while setting up the system for systems carrying sensitive or important data. It's not like a standard Vista install automatically encrypts the entire drive. That would be ludicrous.

    Bruce Schneier may be a brilliant security guy, but like every other person (and company) on the planet, he has an agenda. Don't automatically trust the guy telling you stuff because it's embarassing to the person he's telling you about.
  • Duh (Score:5, Insightful)

    by Deathlizard (115856) on Thursday April 27, 2006 @07:51PM (#15217129) Homepage Journal
    Seriously. we need a "Duh" Tag on this story.

    That is the entire point of Bitlocker; Encrypt the drive so only the encrypting OS can decrypt it. Bitlocker would be rather pointless if any OS could read the encryped drive now wouldn't it?

    Even if you move the bitlocked disk to another Vista machine, that machine wouldn't be able to read the disk without the decryption key, which I severly hoped you backed up.

    We're dreading this feature in Vista becuase if its anything like XP encryption and it's easy to turn on, there's going to be a lot of unhappy students when we tell them "Your hard drive crashed and all of your files are unecoverable becuase you encryped the drive"

  • by yourlord (473099) on Thursday April 27, 2006 @07:54PM (#15217153) Homepage
    Linux disk encryption makes it just as hard for linux to dualboot windows. In fact every linux distro should just use FAT to make sure windows can be dualbooted and read the linux data.


    the filesystems used in linux are free and open. MS is more than welcome to implement support for them in windows without having to pay a dime. The same is not true of the reverse situation.

    MS does not support reading and writing to linux filesystems by choice to stifle interoperability. They keep their filesystems closed to the same end.
  • by schon (31600) on Thursday April 27, 2006 @08:06PM (#15217262)
    "You could look at BitLocker as anti-Linux. . . "

    No, just anti-dual-boot. Microsoft makes their product more secure


    Sorry, but since when does dual-boot mean "less secure"?

    How many viruses are going to be stopped by preventing dual-booting? How many trojans?

    Yeah, that's what I thought.
  • by drsmithy (35869) <drsmithyNO@SPAMgmail.com> on Thursday April 27, 2006 @08:08PM (#15217282)
    MS does not support reading and writing to linux filesystems by choice to stifle interoperability.

    Or maybe they just don't see any value in spending money developing a feature only 0.0001% of customers are interested in, something better handled by a third party.

  • by tepples (727027) <tepples AT gmail DOT com> on Thursday April 27, 2006 @08:13PM (#15217331) Homepage Journal

    Bitlocker would be rather pointless if any OS could read the encryped drive now wouldn't it?

    If any OS could read the encrypted drive given the key, then there would be no problem. The problem comes when Microsoft does not specify how to turn the ciphertext plus the key into the cleartext.

  • Re:Stupid (Score:3, Insightful)

    by Gorshkov (932507) <(moc.oohay) (ta) (vokhsrogmda)> on Thursday April 27, 2006 @08:28PM (#15217455)
    No, just anti-dual-boot.

    Please explain to me how this is going to prevent you from dual-booting
  • by mrsbrisby (60242) on Thursday April 27, 2006 @08:45PM (#15217579) Homepage
    Will it be possible to mount non-encrypted disks in Vista?

    You're missing the point.

    Even if the user is given a choice in the matter, are they going to understand that they're signing away their data to Microsoft?

    That nice boy down the street that helped them recover their data with a reinstall so easily- are these fictional users going to understand that checkbox means their next screwup means their data is gone for good?

    Linux disk encryption makes it just as hard for linux to dualboot windows.

    No it doesn't. The bootsector and partition tables are most certainly NOT encrypted because then the system wouldn't boot.

    In fact every linux distro should just use FAT to make sure windows can be dualbooted and read the linux data.

    I've got a better idea. Instead of trying to convince all those distributions that you're right and their wrong, why don't you just try and convince ONE distribution- say Microsoft- that they should support ext3 and cryptoloop out of the box.
  • by Waffle Iron (339739) on Thursday April 27, 2006 @08:48PM (#15217600)
    Even perhaps having a bug.

    You know full well it isn't a bug. It's the same exact "feature" that has been shared by all in their OSes for the past 20 years. It's not in Microsoft's interest to make it any easier for users to stray from their ecosystem, so this intentionally designed limitation is not going to change.

  • by mrsbrisby (60242) on Thursday April 27, 2006 @08:50PM (#15217613) Homepage
    They're introducing file system functionality for added security and being ripped apart for it by the same people that scream at them for their lack of security focus? I've had a bit of a read into it, and at least on the surface it seems like a good idea.

    You're missing something fundemental: The data is being secured from the user instead of from the bad guys.

    That's not security- that's trusting Microsoft to keep your data safe.

    If Microsoft were really as interested in security as they claim to be (and as you seem to believe), then they would publish the materials necessary to decrypt these volumes on other systems- especially for rescue circumstances.
  • by FLEB (312391) on Thursday April 27, 2006 @09:22PM (#15217797) Homepage Journal
    The users that don't understand aren't going to be the ones dual-booting. Even if they do get the dual-boot bug, turning off the encryption is (most likely) just an annoying-but-managable reinstall away.
  • Re:Duh (Score:3, Insightful)

    by Deathlizard (115856) on Thursday April 27, 2006 @10:23PM (#15218090) Homepage Journal
    No, becase IT dept's across the country would basicially riot if they did such a thing.

    Most IT dept's do NOT want to deal with this thing. Encryption is nothing new for MS. They've had it since Windows 2000 but almost no one uses it. Why? because there is absoletly no easy way to do any kind of disaster recovery on an encrypted NTFS drive unless you have a Domain policy which supplies an encryption key from the server, and even then it's a pain to recover unless you added execption policies (think backdoor) for domain admins.

    The only businesses interested in encryption at the OS level are banks and governments (think CIA, NSA, ETC) and their most likely going to be rolling their own solution when it's all said and done. These guys are definetly not the demographic Microsoft wants to piss off by any means since these are their bread winners, and encrypting the drive becuase Bill felt like encrypting them would not ring well with these people at all.
  • by labratuk (204918) on Thursday April 27, 2006 @11:21PM (#15218330)
    In ten years you'll be saying exactly the same thing about replacing cocoa so you don't need a machine made by Apple ever again.

    Way to go there, migrating to a locked in proprietary platform. Oh, and on top of that, one that's crippled to only run on mandated hardware.

    But Apple are hip at the moment, so it doesn't matter.
  • Who cares? (Score:2, Insightful)

    by The Spoonman (634311) on Thursday April 27, 2006 @11:26PM (#15218355) Homepage
    Who dual-boots? A small subsection of the "geek crowd" who have some kind of moral objection with owning more than one PC ("but, I run Linux, I don't need a hundred servers to do the job of one!") or are too poor to do so. True geeks have more than one PC and find dual-booting to be annoying. That leaves the bulk majority of PC users: home owners and corporations. How many of them dual boot? Exactly. So, you've been shut out. Who cares as long as everyone else (the ones who really NEED to be protected automatically) are protected from not only harming themselves, but others. For a group so concerned with security, and bashing on endusers inability to grasp even the simplest technical knowledge, it never ceases to amaze me how quickly the complain when someone makes it easy on the people most needing of someone to lock their system down for them. Yeah, it's a runon. That's what you get when you read this far down in the comments section. Nosebleeds of comments, baby.
  • by Lehk228 (705449) on Thursday April 27, 2006 @11:38PM (#15218418) Journal
    and an ext3 drive mounted by a hostile system will ignore security settings as well. the point of filesystem permissions is not to defeat a hostile system, but rather to allow admins to keep contorl of the machine and users to protect their files from other users.
  • by BrokenHalo (565198) on Friday April 28, 2006 @12:43AM (#15218699)
    Seems to me as if you're all talking about making it hard for yourselves. Why not simply take the opportunity to ditch Windows altogether?
  • by TheNetAvenger (624455) on Friday April 28, 2006 @07:49AM (#15219803)
    What will likely happen is that when you a buy a computer, it will already be enabled.

    Well it would be pretty hard to enable, unless they magically know who is buying the computer ahead of time,

    The whole point is the END USER has to create their own key and pin/biometric at the TIME the drive is Encrypted.

    So unless you see Dell becoming 1800 Ms Cleo, or see Gateway flying people to their factory just so they can enable the feature for that person, I think your tinfoil hat may be leading you down the wrong path...

TRANSACTION CANCELLED - FARECARD RETURNED

Working...