• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 26117
  • Last Modified:

Windows BitLocker on Windows 8.1 (not Pro)

Hello,

I own a pre-installed copy of Windows 8 which I later updated to 8.1 . Lately I took great interest in protecting my data, my identity, my connection, etc... I want to do the best I can do with the Windows 8.1 I already own. (Yes I know, if I want to be serious then I should go with some Unix based OS's).

I want to encrypt my data securely and would like to use (among others)  Windows BitLocker. I am having difficulties understanding the complex PGP software and hope to start learning by using more simple software.

Problem:
I noticed I do not have Windows BitLocker on my system because it is for Pro copies only. Mine is standard.

Question:
Can I download Windows BitLocker separately ? I am not sure I want to purchase and upgrade to Pro just because of one application that I might not like.

If possible, please tell me how [..I can access to BitLocker?] without a system upgrade.

Do you think it is worth the price (99USD for upgrade) and the hassle?

Have you worked with BitLocker and would you recommend it?

Have you tried BitLocker and instead preferred to use an alternative software? (Please name one or two! ... I don't mind purchasing or donating to the developer if the software is GOOD . I can not afford too expensive licenses. For example PGP Desktop from Symantec costs over 100 USD for a yearly subscription... That is too much. Besides I do not like yearly subscriptions.

I appreciate your help and time!

Kind regards,

Hex

BTW: Any good tutorial or "how-to" on using PGP encryption ? I have GPG4Win and I have difficulties understanding how to verify a signature (example signed ISO's that I downloaded) and encrypt mail.  
[I will reserve 100 points for this last question.]
0
Sven Baehr
Asked:
Sven Baehr
  • 2
  • 2
  • 2
  • +1
1 Solution
 
BiniekCommented:
Hi,

1. You can not download or other way to install BitLocker on Windows 8, BitLocker is only available in version Windows 8 PRO and Enterprise. Normal version Windows * (without PRO) does not contain BitLocker and there is no possibility to turn on this functionality.

So if You want to use BitLocker, You have to upgrade to Windows 8 PRO, no others possibilities.

2. You can use free alternative TRUECRYPT - www.truecrypt.org

3. GPG / PGP

You can use free version GnuPG - http://www.gnupg.org/ - you can find there binaries and manuals

What You need to start exchange encrypted data:

1. Install and configure software
2. Generate GPGkeys -
3. Send Your public key directly to the Partner or publish it on the server

All necessary and detailed information You can find in documentation or manual on GnuPG project site.
www.gnupg.org/gph/en/manual.html¿

Here are video tutorials, how to use it and encrypt/decrypt files.

http://www.youtube.com/user/GnuGPTutorial
http://www.youtube.com/watch?v=Cbv4jPIJ8J8

and here is example how to verify ISO in Linux, but in Windows will be nearly the same

GPG/PGP Keys-Part 3: Verifying Debian ISO images encrypted sign file
http://linux.koolsolutions.com/2009/03/24/gpgpgp-keys-part-3-verifying-debian-iso-images-encrypted-sign-file/
0
 
Sven BaehrAuthor Commented:
Thank you very much mate.

Do you know of other alternatives other than TrueCrypt or would this be the better option amongst all?

Kind regards,

hex
0
 
Rich RumbleSecurity SamuraiCommented:
GPG does not do full OS encryption, like PGP, TrueCrypt or Bitlocker do. GPG is more for email and files more that partitions and folders.
Here is a helpful article I've written on Encryption that most people here find helpful:
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html
My other articles are also focused around the security field so they may too be of interest. The basic thing to understand about full disk encryption of the OS is that when it's unlocked, that is when the OS is running, it looks like a normal unencrypted OS. When the OS is off, then the HDD is not readable and encrypted. This goes for most encrypted objects, decryption keys are held in memory and make the object appear plain-text, like an office document for example. If it's password protected, and you know the pass and open it up, you see it as it's supposed to be in it's unencrypted form. If you close that document without making changes, it's unreadable to anyone else that doesn't know the pass. Same for the OS, it's fully readable when booted, so a trojan or remote control software see the OS as "normal". Take further precautions beyond using TrueCrypt or others. Know what your software is protecting you from, and what it isn't.

http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software
There is no "better" than the next, it's what you like and don't like. Some software is FIPS140-2 NIST certified, but that doesn't mean it's more secure than one that isn't:
http://www.pcworld.com/article/185872/usb_drives_hacked.html
-rich (p.s. you should leave questions open longer :)
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
BiniekCommented:
Here is the list of all software for disk encryption

http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software

You can also check, commercial :

McAfee Endpoint Encryption (SafeBoot)
Symantec Endpoint Encryption

In my opinion BitLocker / TrueCrypt are very good solutions for single computers
0
 
Sven BaehrAuthor Commented:
Hello Richrumble,

Thank you very much for your kind reply and your very insightful information. I am reading your article and feel a bit embarrassed not to have looked -first- for the information I was looking for, inside of the Experts Exchange pool!
(...at least for the second part of my question.., I guess I was focusing more on BitLocker for Windows 8 ).

(p.s. you should leave questions open longer :) ... You are right! I am very sorry for this, I didn't think about it :(

Do you write about security on a consistent basis? Do you blog or something I can follow?

Kind regards,

hex
0
 
Rich RumbleSecurity SamuraiCommented:
I don't blog/tweet elsewhere, no time, barely time to write those other articles, but the questions come up enough it often saves me time in the end to write them. I'm glad you liked it, keep your questions coming there are plenty of of other folks here to help.
-rich
0
 
sravan nayakCommented:
nice
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now