On my main personal machine right now, an old Dell Precision m6700, I have enabled the BitLocker drive encryption.
Hard drive encryption is always the last line of defense in case of theft. However, it would make it harder for anyone short of a very skilled hacker who knows how to break the TPM, or perhaps the US NSA, to obtain the data within the SSD of any encrypted laptop. I am not 100% sure about BitLocker; in particular, I am uncomfortable about the decision by Microsoft to remove the Elephant Diffuser, which critics allege has made the encryption quite a bit weaker.
The other reason why I feel this way is that, with a modern CPU with AES encryption capabilities, the performance penalty is not going to be that large. Yes, it takes a bit of time to encrypt the hard drive and then there is a modest penalty, but given the performance penalty, it is well worth it, in my opinion.
The problem is simple. Laptops are designed to be portable. That portability makes them very easy to lose or steal.
What are the consequences?
In the corporate world, there have been a few high-profile cases in which encryption might have prevented the leak of very sensitive data. An example is that around 2006, there was an incident with Fidelity Investments involving the employees of Hewlett Packard, where sensitive pension information was contained on a Fidelity laptop that had been stolen. Had the laptop in question been encrypted, the data would not have leaked. More recently, in 2016, the company Centene suffered a data breach where sensitive medical information was leaked. Tragically, there are many more incidents where those came from. If businesses do not take safeguarding sensitive information seriously, I am sure that we will see many more similar incidents in the future. That comes at a huge cost to those who have had their information compromised and to the reputation of said business.
On a personal level, if you have a laptop that is ever stolen, someone could easily compromise it and the data inside it. If all of your passwords are on your laptop, they could very easily be compromised. It is one of the reasons why I advocate for two-factor authentication. Someone would have to steal your passwords and your phone or your other “factor”.
A big problem I see is that there is a lack of pressure from us consumers to encourage the more widespread use of encryption. When we buy laptops, we do not consider, for example, whether or not the laptop has any safeguards against theft.
Why does this happen?
There are multiple parties to blame for this, and yes, we the public are not blameless on this.
- Segmentation of products. Microsoft in particular has segmented its Windows between Home and Professional, along with the enterprise versions. The Home Version does not offer the ability to encrypt using BitLocker. I feel that this should be standard in all versions of Windows for security reasons.
- I mentioned this earlier, but to repeat, there is not enough push from us consumers as well. We demand lower prices of laptops for example, and that has caused a race to the bottom for laptop makers in pricing laptops, but that has not led to the idea of making laptops more secure. Too few people seem to know or care about this matter.
- Encryption is not user friendly right now. There is the matter of key management and setting up an encrypted system.
- Even many businesses and other large organizations do not encrypt their laptops at times. The fewer organizations that encrypt, the less pressure PC makers, Microsoft, Apple, and everyone else feels.
- Laptop manufacturers with low margins do not add features that increase the costs, such as a Trusted Platform Module.
Clearly, all of these need to be addressed. We need a well informed population, combined with greater action from both hardware manufacturers and the world’s largest operating system companies.
What are the weaknesses of encryption?
Encryption is not foolproof. Keys can later be found to have weaknesses or a deliberately inserted backdoor.
There is also the difficulty of key management. With a Trusted Platform Module, the keys are stored on the TPM chip itself. That chip could get lost or damaged. That would mean recovering the backup key, either from the server or from somewhere safe that you’ve stored it. There is also the matter of the server holding the keys being hacked, or the keys being leaked to some third party. The TPM itself, as I alluded to earlier, is not foolproof, and future revisions need to address flaws found in the older variants.
Another big problem is that most consumer laptops do not even have TPM modules to begin with! Even a flawed system is better than no security. Yes, existing software such as BitLocker allows users to store the key on a separate USB, but this should not be necessary. TPM should be standard on all consumer laptops. I’d argue smartphones too.
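An added example, not part of the original post: a PowerShell check that reads the key protectors and cipher of each BitLocker volume and flags the key-management gaps discussed above (no TPM-backed protector, no recovery password, a cipher below 256-bit AES). The function name `Get-VolumeEncryptionFinding` and the sample volumes are hypothetical and constructed; the property names follow the output of `Get-BitLockerVolume`.

```powershell
# Added example, not from the original post. The function name is hypothetical.
function Get-VolumeEncryptionFinding {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        $Volume   # object shaped like the output of Get-BitLockerVolume
    )
    process {
        # Collect the protector types as strings (Tpm, TpmPin, ExternalKey, RecoveryPassword, ...)
        $types = @($Volume.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
        $findings = @()
        if ("$($Volume.ProtectionStatus)" -ne 'On') {
            $findings += 'protection is not on: data is readable from a stolen disk'
        }
        if ("$($Volume.EncryptionMethod)" -notmatch '256') {
            $findings += "cipher is $($Volume.EncryptionMethod), not a 256-bit AES mode"
        }
        if (-not ($types -like 'Tpm*')) {
            $findings += 'no TPM-backed protector: unlock depends on a password or USB key'
        }
        if ($types -notcontains 'RecoveryPassword') {
            $findings += 'no recovery password: a dead TPM or motherboard means lost data'
        }
        [pscustomobject]@{
            MountPoint = $Volume.MountPoint
            Protectors = $types -join ','
            Findings   = if ($findings) { $findings -join '; ' } else { 'none' }
        }
    }
}

# Constructed sample volumes (not real output) so the logic can be run offline.
$sample = @(
    [pscustomobject]@{ MountPoint = 'C:'; ProtectionStatus = 'On'; EncryptionMethod = 'XtsAes256'
        KeyProtector = @(
            [pscustomobject]@{ KeyProtectorType = 'Tpm' },
            [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) },
    [pscustomobject]@{ MountPoint = 'D:'; ProtectionStatus = 'On'; EncryptionMethod = 'Aes128'
        KeyProtector = @([pscustomobject]@{ KeyProtectorType = 'ExternalKey' }) }
)
$sample | Get-VolumeEncryptionFinding | Format-List

# On a real machine, from an elevated prompt:
#   Get-Tpm | Select-Object TpmPresent, TpmReady
#   Get-BitLockerVolume | Get-VolumeEncryptionFinding | Format-List
```

In the constructed data, `C:` reports no findings, while `D:` is flagged for its 128-bit cipher, its reliance on a USB startup key (`ExternalKey`) instead of a TPM, and the missing recovery password.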
Linux does offer a step forward. When a Linux distro is installed, the end user can choose, via LUKS, whether or not to encrypt. One problem is that even LUKS is vulnerable to Evil Maid attacks. Of course, as the article notes, other operating systems are vulnerable to Evil Maid attacks too.
Keep in mind that BitLocker has some very serious vulnerabilities as well. There is no system that is completely foolproof. Actually, there are concerns of a backdoor in any closed source system. BitLocker being closed source means that no independent security organization can conduct a security audit of the code to ensure that there is no “backdoor” that we do not know about. BestCrypt has been recommended as an alternative by a key expert, Bruce Schneier, who sits on the board of the public advocacy group, the Electronic Frontier Foundation. Being closed source, I cannot assure this, but it seems like a promising alternative.
There is no bulletproof encryption system, but even then, having an encryption system is surely better than nothing. It will enable at least some degree of security against petty theft, identity theft, and the loss of important data to malicious parties.
These recommendations are far from foolproof.
- Insist that all versions of Windows come with the ability to use BitLocker.
- Standardize around a removable TPM module on all laptops or the hardware for future standardized encryption hardware.
- Future revisions of TPM should work to address the flaws of this platform. The reason why I prefer having a separate chip is to allow upgrades. Naturally the BIOS of the laptops would also need to be updated.
- By default, insist on higher bit encryption (e.g., 256-bit AES or 4096-bit RSA keys).
- The Federal Government in each nation should put together public education campaigns on the importance of encryption and the importance of key management.
- Consider mandating fingerprint or retina readers everywhere.
- Create an open source encryption system for Windows that replaces the now defunct TrueCrypt.
Still, if implemented, they would be a major step forward.
In the long run, we need research into how to defeat quantum computers, which, if they ever become viable, could have very serious implications for how encryption is broken.
We will all someday lose something valuable. We are human after all. However, we as a society need to take measures to prevent identity theft and to prevent our valuable personal data from being compromised. It is bad enough if somebody does steal your laptop. What would be far worse is if that laptop was used to compromise your information.
Encryption is certainly not foolproof, and I am sure that, if encryption ever takes off, there will be an arms race between encryption and attempts to compromise it, but it would still be a huge step forward if we as a society implemented encryption on a large scale.
As consumers we need to consider that there are a lot of really unpleasant outcomes that could happen without encryption and demand changes.
I think that in the end, encryption is necessary for our personal laptops to safeguard our information. We need to take action as a society on this one.