WinMagic on Microsoft Pre-Boot Full Disk Encryption Authentication

WinMagic makes full-disk encryption products, including a UEFI one, which the UEFI CA (Microsoft) signs, AFAIK.

Is Microsoft really claiming Pre-Boot Authentication for Full Disk Encryption is not necessary?[…]To summarize, Microsoft has got this one wrong. The fault in their logic is thinking that PBA is limited to protection against memory attacks AFTER automatically unlocking the drive. They missed the whole point of PBA, which is to prevent anything being read from the drive, such as the operating system BEFORE the user has confirmed they have the correct password or other credentials. PBA is a necessary component of a FDE solution in order to fully achieve the confidentiality (and compliance) that full disk encryption is capable of providing.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s