hi maybe it's not the right place ,but I want to encrypt an entire operation system , in my case case w10 pro on uefi bios i don't want to use bitlocker , i don't trust about it i have 2 choises veracrpy and truecrypt may i know which works better on UEFI computer? truecrypt is outdated i don't have tried on uefi ,may i know which alternative do i have? thanks i don't want to change bios settings , seeing i have another operation system on my computer w8.1 no dual boot thanks
With BitLocker you can backup and restore the encrypted partition on the GPT disk and the restored partition is encrypted. I don't understand. You have Win10 and Win8.1 on the computer and it's not a dual boot?
hi what is it GPT disk ? i mean Brian you have w10 and w8.1 on the same disk i have on seperate disk , and they can not see each other , is dual boot? thanks
mantra, https://msdn.microsoft.com/en-us/library/windows/hardware/dn640535(v=vs.85).aspx Two OS on the same computer is a dual boot. How did you prevent each OS from seeing the other OS?
hi Brian hardware manager , disabled the other hard disk but have you tried veracrypt? it's included in image for linux ,that can image an encrypted partition without make a raw image thanks
hi yes sorry my os is not in english Brian do you plan to test it? i mean veracrypt or bitlocker , create an image and restore of a partition or disk encrypted? thanks Brian
The UEFI vs MBR alignment won't affect the restore at all. I have restored many UEFI (although they are FDE linux flavors) systems without fail. Whether or not you encrypt with VeraCrypt, LUKS, or an unknown software the result should be the same. i.e. to say every sector is encrypted. Recommend using a quality product like Macrium Reflect because you get a nice gui and it will create a Win PE recovery environment to put on a bootable USB. Simple process - save by sector and restore by sector. Forensic quality images are really your only reliable restore option when you make the decision to do FDE. Let me mention that if you are lucky enough to have USB3 on your machine Macrium can create drivers so that you will enjoy restores at the much higher speed!
thanks but macrium reflect make 1:1 copy , a sector by sector image , if the drive is 250GB the image will be 250GB image for linux included veracrypt , it can mount and make an image about 7 or 8 GB
Maybe I am not understanding your intentions. I also have used Macrium to make a "hot image" of Windows system disks. That "hot image" is only used space, and can even be compressed as well as encrypted for storage. Now comes time to restore. You can write that small image back to your sata drive BUT it would be unencrypted and using VeraCrypt you would need to re-encrypt the drive if you plan on staying with FDE. Either way you are back to 250GB in your example. I have done this too many times to count. If I am misunderstanding or not communicating I apologize. The main point here is GPT vs MBR makes no difference to Macrium
mantra, I've only used BitLocker with Win10. Not with other Windows OS or Linux. I've only used TeraByte software to image/restore the system so I don't know whether my comments apply to other software. Without going into the fine details... You can use IFW in Windows to image the sectors in use in the Win10 partition. An all sector image is not needed. So if you had 20 GB of data in a 250 GB partition your image would be around 12 GB and not 250 GB. You get the same result if you use IFW in TBWinRE but you must use the "Read from Volume" option when creating the image. If you use IFW in TBWinRE to restore this image, the restored OS will still be encrypted and will require the BitLocker password to boot. If you use IFL to restore this image, the restored OS will not be encrypted and will not require the BitLocker password to boot. But, the partition has to be encrypted again. So, IFW doesn't need to create an all sector image and the restored OS doesn't need to be encrypted again.
Trying to visualize this. Love to learn here. So, in your example you write 20 GB back and its already encrypted. How does that data space relate to the other 230 GB on the completely encrypted 250 GB VeraCrypt partition he mentioned? Am I describing my question clearly, I wonder? You have 250 GB of encrypted VeraCrypt volume and you are going to write only 20 GB back in the middle of it and its still going to work properly? If you are only speaking about BitLocker, I am on the sidelines from here out. Sorry, if I am invading a thread because I misunderstood.
Palancar, I appreciate your comments. Keep them coming and I have a question for you. My comments only apply to BitLocker. I create an IFW (VSS) image of the Win10 partition. Then boot into TBWinRE, unlock the OS partition with BDE and restore the image. My question. How can I unlock the Win10 partition in Linux? If I can do that I can try an IFL restore and see if the restored Win10 partition is still encrypted.
thanks a lot ! really it's more clear thanks i have to re-create the winpe and find out how add in image for windows/linux thanks a lot
mantra, There is nothing to download as it is TBWinRE and not TBWinPE. Run TBWinPE.exe in C:\Program Files (x86)\TeraByte Drive Image Backup and Restore Suite\tbwinre Yes, it is TBWinPE.exe
Sorry Brian but LIFE has been getting in my way of hanging out here. LOL!! Let me remind you I have almost no experience with BitLocker. Since I don't admire (trying to be nice here) the Windows OS it protects, there would be no point in my studying the protection it affords the system disk. I do retain lots of memories though because Windows and I share a long past. I went through extensive coding "addictions" using TC for over a decade. Blew up so many drives running beta code, and had a blast doing it!! While trying to actually answer your question though (I do admire your work on this forum), I am trying to make sure just how you have Win 10 "locked"? In the most rudimentary way I am pretty sure you know that Linux running in RAM enables the user to completely invade the entire Win system disk while its "cold". Assuming there is no encryption, and a Windows password is easier to pass through than a screen door passes water, you can do anything to Windows from there. Also, again rudimentary, but the Win SAM is down when its "cold" so manipulating protected areas it shields during operation are also easy! At this point now knowing the "lock", it would be impossible to discuss how to pick it, LOL!
Palancar, Thanks. I gather the BitLocker partition can be mounted in Linux but not in IFL as the IFL dislocker file is basic. So I've lost interest. In TBWinRE the BitLocker partition can't be seen until it has been unlocked with BDE. Once the BitLocker partition has been unlocked (as it is when Windows boots) you can then restore an image to the unlocked partition. In Windows terminology it is unlocked and not decrypted. When restored Windows boots you are asked for the BitLocker password and BitLocker is ON. By the way, I don't use BitLocker. My tests were to understand how it worked with image/restore.
