TrueCrypt and Win 7 Recovery Partitions

Discussion in 'privacy problems' started by wutheringheights, Nov 26, 2010.

Thread Status:
Not open for further replies.
  1. wutheringheights

    wutheringheights Registered Member

    Joined:
    Jan 25, 2010
    Posts:
    16
    Hi folks!

    Just a question: I have a new Win 7 system that has an inbuilt 1.5 GB recovery partition before the C: system partition, and another inbuilt 10 GB HDDRecovery partition. These are both primary partitions. These partitions are generated automatically and I am not sure what they do exactly. I understand that one of these might have the Win 7 boot loader.

    I have encrypted the data partition I set up and and want to proceed to encrypt the system partition. I am familiar with encryption on XP but since I'm new to Win 7 I just want to check how we take the two special recovery partitions into account.

    1. Do they contain information that would also need to be encrypted? If they only contain off-the-shelf system files, it doesn't matter.

    2. How does TrueCrypt interact with these two partitions? I believe that the HDDRecovery partition works in lieu of a system installation disk to restore your hard disk to its factory settings (I think that you can arrange to have only the system partition restored, leaving the data partition). But I'm not sure why there are two partitions labelled recovery.

    3. In XP, we boot to the TrueCrypt bootloader which then goes to the system partition after validation. What happens in this configuration?

    Thanks for the assitance.

    wuthering heights
     
  2. wutheringheights

    wutheringheights Registered Member

    Joined:
    Jan 25, 2010
    Posts:
    16
    Well, no one had an answer, so here's what I think the answers are:

    1. The 1.5 GB partition is not a recovery partition; it is the Win 7 boot partition. The 10 GB HDDRecovery partition is irrelevant to TrueCrypt. The person who did the installation isn't sure just how it came to be and if it needs to be around; for the moment I'm just leaving it there. However, it plays absolutely in role in anything having to do with encrypting the c: system partition. It might contain backup information for the system as originally installed; it might not.

    2. TrueCrypt ignores the HDDRecovery partition as just another data partition if you also ignore it. You could encrypt it, but it is not clear why you would do that.

    3. Once the c: system partition is encrypted, when you boot and give the password to TrueCrypt and it is accepted, then TrueCrypt passes control to the (unencrypted) boot partition, which then boots the encrypted system. I seem to have read that if you encrypt the boot partition (say by a full disk encryption) you might run into problems, especially in those cases where BIOS needs to access the disk before boot (evidently such cases exist).

    Moral of the story: Always be paranoid when encrypting your system because if things go wrong your goose is cooked. However, doing a c: partition system encryption on Win 7 works (at least if you don't encrypt the boot partition).

    Wuthering
     
Loading...
Thread Status:
Not open for further replies.