Longhorn Secure Startup Disk Encryption
Ever since attending the Computers, Freedom & Privacy conference, I'm thinking more about personal information security again. I say again because information security is a topic that fascinates me, but I don't tend to be as proactive about protecting my privacy as might be prudent. I think about all the places my face is recorded on camera, the opportunities for people to read my personal information over my shoulder and the potential for someone to be sniffing the network near the Starbucks where I might be uploading a file, and it starts to seem like privacy is a product of fiction. Reality makes it unlikely anyone is actually paying attention to my information because there are simply too many targets. It's also true that erring on the side of caution is better than just giving in to every potential information leak.
I maintain a master password list encrypted in a way that keeps anyone from getting my various PINs if my laptop is ever stolen. Some of my personal data is stored in encrypted locations on my hard drive and, as I indicated, I'm storing backups of information on encrypted portable volumes. But I'm not thoroughly protected if my laptop were stolen, because I don't encrypt the entire disk, and I'm not encrypting every sector that might hold sensitive information in the clear.
If you lose a laptop or have your computer stolen, a Windows logon password keeps out only the laziest snoops. All you need to do to test this is download a copy of Knoppix, burn it to CD and boot the machine from that CD: the Linux system on the CD reads the NTFS volume directly, and you can see how much of your data is readable without ever booting Windows or entering a password. Encrypting the volume that stores private information keeps snoops out, but only if every place that information leaks to is covered as well.
Microsoft is addressing these potential privacy violations as part of Longhorn. Disk encryption is being built into the operating system, in the form of Secure Startup, which lets you lock down a volume with a master password; the data stays scrambled and the operating system won't boot properly unless the correct password is supplied. This will be an optional, user-configurable feature turned on or off just like the Windows Firewall, Anti-Spyware or other applications you might use to protect your data. Where this becomes important is in making sure the right information is protected. In addition to the basic stuff like sensitive files in the My Documents folder, Microsoft is making sure the hibernation file, which saves the state of all your running applications when you close the lid of a laptop while Windows is still running, is locked down as well. The Windows temp files get encrypted too, so you aren't leaving cached information readily available for someone to steal.
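The two points above, that a live CD can read everything on an unencrypted volume and that the hibernation and temp files hold application state in the clear, are easy to demonstrate against a raw image. The following is an added example, not code from the original post or from Microsoft: a small scanner that pulls printable strings out of a raw image, looking for UTF-16LE as well as ASCII because Windows applications keep much of their in-memory text as UTF-16LE and a plain ASCII `strings` pass misses it. The "disk image", the password-manager fragments in it, the passphrase and the SHA-256 counter-mode stream cipher used as a stand-in for a real disk cipher are all constructed for the demo and are assumptions, not anything from the page.

```python
"""Find plaintext secrets in a raw disk or hibernation image.

Added example, not code from the original post or from Microsoft. It shows
two things the text describes: data on an unencrypted volume is readable to
anything that can read the raw disk (a live CD, a forensic imager), and the
same scan turns up nothing once the bytes are encrypted. Windows keeps much
of its text as UTF-16LE, so a scanner that only looks for ASCII misses it;
this one handles both. The "disk image" and the cipher are constructed for
this demo and are not a real hiberfil.sys or a real disk-encryption cipher.
"""
import hashlib
import re
import struct

MIN_LEN = 6  # shortest printable run worth reporting

# A run of printable ASCII, and the same run as UTF-16LE (each char + NUL).
_ASCII_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
_UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)


def extract_strings(image: bytes):
    """Return (offset, encoding, text) for every printable run in `image`."""
    found = [(m.start(), "ascii", m.group().decode("ascii"))
             for m in _ASCII_RUN.finditer(image)]
    found += [(m.start(), "utf-16-le", m.group().decode("utf-16-le"))
              for m in _UTF16_RUN.finditer(image)]
    return sorted(found)


def find_secret(image: bytes, needle: str):
    """Offsets where `needle` occurs, encoded either as ASCII or as UTF-16LE."""
    hits = []
    for enc in ("ascii", "utf-16-le"):
        pattern = needle.encode(enc)
        idx = image.find(pattern)
        while idx != -1:
            hits.append((idx, enc))
            idx = image.find(pattern, idx + 1)
    return sorted(hits)


def build_sample_image() -> bytes:
    """Constructed stand-in for a slice of hiberfil.sys or a temp file.

    Non-text filler, then an ASCII fragment (as a browser cache might hold
    it) and a UTF-16LE fragment (as a Win32 application's memory holds it).
    """
    filler = b"\x00\xff" * 1024  # 2 KiB of bytes that are never printable
    ascii_part = b"user=jdoe&pass=Tr0ub4dor&3"
    utf16_part = "Bank PIN: 4711".encode("utf-16-le")
    return filler + ascii_part + filler + utf16_part + filler


def xor_keystream(data: bytes, key: bytes) -> bytes:
    """Illustrative stream cipher: SHA-256 run in counter mode.

    A stand-in so the demo runs on the standard library alone; a real
    full-volume product uses a block cipher in a disk-encryption mode, not
    this. XOR is its own inverse, so the same call decrypts.
    """
    out = bytearray()
    for block_no, start in enumerate(range(0, len(data), 32)):
        keystream = hashlib.sha256(key + struct.pack(">Q", block_no)).digest()
        out.extend(b ^ k for b, k in zip(data[start:start + 32], keystream))
    return bytes(out)


def demo(needle: str = "PIN"):
    """Scan the same image before and after encryption; return both hit lists."""
    image = build_sample_image()
    # Key derived from a pre-boot passphrase (assumption for the demo; a real
    # product would use a proper password-based KDF with a salt).
    key = hashlib.sha256(b"correct horse battery staple").digest()
    return find_secret(image, needle), find_secret(xor_keystream(image, key), needle)


if __name__ == "__main__":
    for off, enc, text in extract_strings(build_sample_image()):
        print(f"{off:#08x} {enc:9} {text}")
    plain, encrypted = demo()
    print("plaintext image:", plain)
    print("encrypted image:", encrypted)
```

Run against the constructed image, the scanner reports the ASCII credential and the UTF-16LE PIN string with their offsets; after the image is encrypted the same search returns nothing. To try it on a real disk, replace `build_sample_image()` with the bytes of an image taken from a live CD (for example with `dd`), reading it in chunks rather than all at once.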
The downside to encryption in this scheme is the potential for forgetting your password. If you forget it, Windows will require reformatting in order to function; there is no password recovery short of a brute-force attack, which against a well-chosen password is impractical in any useful timeframe. Still, the hardware you lose in a theft is generally far less damaging than losing the information on the hard drive. You can easily avoid any risk of forgetting the password by keeping a copy in a lockbox or storing it in some other secure way completely separate from the laptop or PC itself. Third-party tools like TrueCrypt already offer volume encryption, but having it available as part of the operating system, as promised for Longhorn, makes sense because it should provide the protection without needing a working understanding of how encryption works.