Windows Vista To Make Dual-Boot A Challenge? 442
mustafap writes "UK tech site The Register is reporting on security guru Bruce Schneier's observation that the disk encryption system to be shipped with Vista, BitLocker, will make dual booting other OSs difficult - you will no longer be able to share data between the two." From the article: "This encryption technology also has the effect of frustrating the exchange of data needed in a dual boot system. 'You could look at BitLocker as anti-Linux because it frustrates dual boot,' Schneier told El Reg. Schneier said Vista will bring forward security improvements, but cautioned that technical advances are less important than improvements in how technology is presented to users."
Whatever...try fat32 partition (Score:5, Insightful)
It's not a big deal (Score:2, Insightful)
Huh? (Score:5, Insightful)
News Just In: (Score:5, Insightful)
Encrypting a filesystem prevents arbitrary operating system from accessing it!
I mean — what the fuck?! — isn't that the whole idea?
Who knew? (Score:2, Insightful)
Once again, the headline is hideously misleading.
Re:Whatever...try fat32 partition (Score:3, Insightful)
It will only be in Enterprise and Ultimate Vista (Score:5, Insightful)
As much as we all love to bash Microsfot, I'm guessing it's an optional feature.
That's it. I've had enough. (Score:3, Insightful)
Now if I also can't dual-boot then that's the last straw to drive me to a linux-only system.
And before anyone suggests it, no I don't want to be running Linux under a Microsoft VM.
Re:Wait... (Score:4, Insightful)
Tom
Re:Has everyone gone mad? (Score:5, Insightful)
Slashdot has long had a strong anti-MS bias. Fine, they've never made a secret of it. Recently however, they've started to allow it to warp the facts, which is not fine.
Sure, this may well make dual-booting more difficult, in that you won't be able to get at your data. Ever tried getting at data on an NTFS partition with Fedora? ZOMG! Fedora is trying to lock out Windows!
I've been here a long time, and it's sad to see how the site has declined from a site you could trust, to one that will print almost anything as long as it bashes MS or praises FOSS.
Shame on you (Score:5, Insightful)
A company plans to include a very useful encryption tool with it's next OS.
This is good news in terms of security and privacy, and therefore /. readers will welcome it.
Oh wait, no they won't, because the company is Microsoft. Microsoft is baaad, therefore everything they do is sinister and evil. You people always manage to find the dark lining to their every silver cloud.
It's the herd-mentality at work, folks.
Yawn.
Re:And another EU Commision lawsuit in 3... 2... (Score:5, Insightful)
Drive encryption is optional. It's something you may configure while setting up the system for systems carrying sensitive or important data. It's not like a standard Vista install automatically encrypts the entire drive. That would be ludicrous.
Bruce Schneier may be a brilliant security guy, but like every other person (and company) on the planet, he has an agenda. Don't automatically trust the guy telling you stuff because it's embarassing to the person he's telling you about.
Duh (Score:5, Insightful)
That is the entire point of Bitlocker; Encrypt the drive so only the encrypting OS can decrypt it. Bitlocker would be rather pointless if any OS could read the encryped drive now wouldn't it?
Even if you move the bitlocked disk to another Vista machine, that machine wouldn't be able to read the disk without the decryption key, which I severly hoped you backed up.
We're dreading this feature in Vista becuase if its anything like XP encryption and it's easy to turn on, there's going to be a lot of unhappy students when we tell them "Your hard drive crashed and all of your files are unecoverable becuase you encryped the drive"
Re:What you mean it could still be possible (Score:4, Insightful)
the filesystems used in linux are free and open. MS is more than welcome to implement support for them in windows without having to pay a dime. The same is not true of the reverse situation.
MS does not support reading and writing to linux filesystems by choice to stifle interoperability. They keep their filesystems closed to the same end.
What the hell are you smoking? (Score:5, Insightful)
No, just anti-dual-boot. Microsoft makes their product more secure
Sorry, but since when does dual-boot mean "less secure"?
How many viruses are going to be stopped by preventing dual-booting? How many trojans?
Yeah, that's what I thought.
Re:What you mean it could still be possible (Score:2, Insightful)
Or maybe they just don't see any value in spending money developing a feature only 0.0001% of customers are interested in, something better handled by a third party.
Problem is secret algorithm (Score:2, Insightful)
Bitlocker would be rather pointless if any OS could read the encryped drive now wouldn't it?
If any OS could read the encrypted drive given the key, then there would be no problem. The problem comes when Microsoft does not specify how to turn the ciphertext plus the key into the cleartext.
Re:Stupid (Score:3, Insightful)
Please explain to me how this is going to prevent you from dual-booting
Re:What you mean it could still be possible (Score:4, Insightful)
You're missing the point.
Even if the user is given a choice in the matter, are they going to understand that they're signing away their data to Microsoft?
That nice boy down the street that helped them recover their data with a reinstall so easily- are these fictional users going to understand that checkbox means their next screwup means their data is gone for good?
Linux disk encryption makes it just as hard for linux to dualboot windows.
No it doesn't. The bootsector and partition tables are most certainly NOT encrypted because then the system wouldn't boot.
In fact every linux distro should just use FAT to make sure windows can be dualbooted and read the linux data.
I've got a better idea. Instead of trying to convince all those distributions that you're right and their wrong, why don't you just try and convince ONE distribution- say Microsoft- that they should support ext3 and cryptoloop out of the box.
Re:Whatever...try fat32 partition (Score:5, Insightful)
You know full well it isn't a bug. It's the same exact "feature" that has been shared by all in their OSes for the past 20 years. It's not in Microsoft's interest to make it any easier for users to stray from their ecosystem, so this intentionally designed limitation is not going to change.
Re:Has everyone gone mad? (Score:2, Insightful)
You're missing something fundemental: The data is being secured from the user instead of from the bad guys.
That's not security- that's trusting Microsoft to keep your data safe.
If Microsoft were really as interested in security as they claim to be (and as you seem to believe), then they would publish the materials necessary to decrypt these volumes on other systems- especially for rescue circumstances.
Re:And another EU Commision lawsuit in 3... 2... (Score:2, Insightful)
Re:Duh (Score:3, Insightful)
Most IT dept's do NOT want to deal with this thing. Encryption is nothing new for MS. They've had it since Windows 2000 but almost no one uses it. Why? because there is absoletly no easy way to do any kind of disaster recovery on an encrypted NTFS drive unless you have a Domain policy which supplies an encryption key from the server, and even then it's a pain to recover unless you added execption policies (think backdoor) for domain admins.
The only businesses interested in encryption at the OS level are banks and governments (think CIA, NSA, ETC) and their most likely going to be rolling their own solution when it's all said and done. These guys are definetly not the demographic Microsoft wants to piss off by any means since these are their bread winners, and encrypting the drive becuase Bill felt like encrypting them would not ring well with these people at all.
Re:Anti-competative! Predatory! Monopoly! (Score:4, Insightful)
Way to go there, migrating to a locked in proprietary platform. Oh, and on top of that, one that's crippled to only run on mandated hardware.
But Apple are hip at the moment, so it doesn't matter.
Who cares? (Score:2, Insightful)
Re:Whatever...try thinking right (Score:3, Insightful)
Cart before the horse... (Score:2, Insightful)
Re:And another EU Commision lawsuit in 3... 2... (Score:3, Insightful)
Well it would be pretty hard to enable, unless they magically know who is buying the computer ahead of time,
The whole point is the END USER has to create their own key and pin/biometric at the TIME the drive is Encrypted.
So unless you see Dell becoming 1800 Ms Cleo, or see Gateway flying people to their factory just so they can enable the feature for that person, I think your tinfoil hat may be leading you down the wrong path...