iSECPartners / yontma

You'll never take me alive.

Error out on TPM-only protectors #9

Closed mlynch-isec closed 11 years ago

mlynch-isec commented 11 years ago

There is no security benefit to going into hibernation if the machine uses TPM-only BitLocker protectors (an attacker can just boot the machine up again). We should check the protectors at install time and error out if there's a TPM-only protector on the OS volume.

andreasjunestam commented 11 years ago

Can easily be done in the same code that checks for BitLocker with: http://msdn.microsoft.com/en-us/library/windows/desktop/aa376441(v=vs.85).aspx
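The install-time check proposed in this issue, sketched as an added PowerShell example; it is not yontma's own code. It assumes the `Get-BitLockerVolume` cmdlet is available and the session is elevated, and `Test-TpmOnlyProtector` is a hypothetical helper name.

```powershell
# Added example: refuse to install when the OS volume has a TPM-only protector.
# Test-TpmOnlyProtector is a hypothetical helper, not part of yontma.
function Test-TpmOnlyProtector {
    param(
        # Object shaped like Get-BitLockerVolume output (has a KeyProtector collection)
        [Parameter(Mandatory)] $Volume
    )
    # 'Tpm' is the TPM-only protector type: the volume unlocks at boot with no
    # user input. TpmPin, TpmStartupKey and TpmPinStartupKey need a PIN and/or
    # a USB startup key first, so they are not flagged here.
    $tpmOnly = @($Volume.KeyProtector |
        Where-Object { "$($_.KeyProtectorType)" -eq 'Tpm' })
    return ($tpmOnly.Count -gt 0)
}

# Query the OS volume (requires an elevated session).
$osVolume = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop

if ("$($osVolume.ProtectionStatus)" -ne 'On') {
    Write-Error "BitLocker protection is not on for $($osVolume.MountPoint)."
    exit 1
}

if (Test-TpmOnlyProtector -Volume $osVolume) {
    # Hibernating does not help here: the machine can simply be booted again
    # and the TPM releases the key without any pre-boot authentication.
    Write-Error "TPM-only protector found on $($osVolume.MountPoint); add a PIN or startup key protector first."
    exit 1
}

Write-Output "No TPM-only protector on $($osVolume.MountPoint)."
```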