FDE and Windows 8 – Showing off at RSA

The TCG is hosting its annual security workshop at the RSA Security Conference on Mon Feb 25th in San Francisco. I have attended for the last 5 years and always found the panels and speakers well worth the time invested to attend.

As we have done for the past few years WinMagic, as a TCG member, has the opportunity to demonstrate our product during the breaks. Since Windows 8 is still relatively new and not yet fully supported by most Full Disk Encryption (FDE) Independent Software Vendors (ISVs) I choose to demonstrate that with OS. (Last year we showed a solution that was OS agnostic).

This year I am bringing a Lenovo T430 with Windows 8 booting native UEFI off of a TCG Opal drive managed by SecureDoc 6.1 to demonstrate. When I was preparing the demo I noticed a few things:

I wanted to turn on Secure Boot and found it under the Security tab in the BIOS. It says that Secure Boot when enabled prevents “unauthorized operating systems from running at boot time”. I turned it on and sure enough when I tried to boot to a shell on a USB memory stick I got the message “Secure Boot: Image failed to verify …” Secure Boot is a good feature to prevent attacks on pre-boot authentication (PBA) for FDE where the attacker tries to replace the legitimate code with their code. In my case, since I have a TCG Opal drive and I am running my PBA out of the MBR shadow; which is set to be read only, I am doubly protected against this attack.

After installing SecureDoc, I turned on the power of my laptop and the PBA screen displayed in about 6 seconds, which strikes me as being much quicker than PBA in Windows 7. This is because we have a native UEFI PBA application. The other thing to note is that I did NOT get a “Secure Boot: Image failed to verify …” message. This is because our PBA code is signed by Microsoft and the Microsoft key required to verify our signature is built into the Lenovo UEFI code.

Next, I typed in my password and in a few more seconds the Windows 8 wall paper appeared.

That’s really all there is to it. Point being, security doesn’t have to get in the way of your normal work or slow you down.

If you are in town attending RSA please come to the TCG workshop, say hello, see my quick demo.

Previous Post
Happy Valentine’s Day! Why Marketers Love Data Encryption!
Next Post
Enlightening Conversations

Related Posts

Enlightening Conversations

Last week I attended an event in Seattle; it was a small, intimate group setting where a number of vendors talked about IT security with key business leaders. It was an interesting day full of discussion around how to secure…
Read more

Think Safety, Stay Secure

Safety is one of the most important aspects today – for people, for organizations, for governments and for countries. There is a lot of talk around the safety of people in general and data, which is critical to businesses. (more…)

Leave a Reply

Your email address will not be published.

Fill out this field
Fill out this field
Please enter a valid email address.

Contact Us

This will close in 15 seconds