Computer security specialists at NASA have warned their employees of a loophole in the encryption feature BitLocker, only present in Enterprise and Ultimate editions of Microsoft's Windows Vista operating system. According to a document posted on NASA's Web site, BitLocker's encryption can be bypassed if a user leaves their computers in "sleep" mode. Only if the computer is shut down or set to "hibernate", users are required to insert a USB authentication key into their PCs or laptops to in order to boot up.
"An administrator can reduce the risk of circumvention of BitLocker (through theft of a "sleeping" rather than "hibernating" machine) by reducing the duration before the machine goes into hibernation," said NASA's security specialists, Aaron Powell and Christopher Vincent.
News source: InformationWeek
20 Comments - Add comment