• Welcome to Tux Reports: Where Penguins Fly. We hope you find the topics varied, interesting, and worthy of your time. Please become a member and join in the discussions.

Bitlocker question

C

Cameo

Flightless Bird
I am ready to upgrade my 64-bit Home Premium installation to Pro and
wondering if it's worth to spend the extra bucs to upgrade to Ultimate
instead, just so I also get the Bitlocker encryption. Or ... I could
spend the extra bucs later for a 3rd party encryption software that also
integrates transparently with Win7. When I worked at my previous
employer, we used to have such a 3rd party encryption software on our
company laptops that once installed, were virtually transparent to use;
once you logged into your Windows account, that username & password was
automatically used by the encryption software as well. You could
designate individual folders for encryption (such as "MyDocuments",) not
just the entire HD. I wish I remembered what the software's name was,
though it may not have been available for retail customers.

I wonder if Bitlocker is also as easy to use and if it has a folder-only
encryption option. I tried TrueCrypt ones, but I did find it very
convenient to use and I could not figure out how to encrypt existing
folders with it.
 
S

Seth

Flightless Bird
"Cameo" <cameo@invalid.invalid> wrote in message
news:hvp6e3$gva$1@news.eternal-september.org...
> I am ready to upgrade my 64-bit Home Premium installation to Pro and
> wondering if it's worth to spend the extra bucs to upgrade to Ultimate
> instead, just so I also get the Bitlocker encryption. Or ... I could spend
> the extra bucs later for a 3rd party encryption software that also
> integrates transparently with Win7. When I worked at my previous employer,
> we used to have such a 3rd party encryption software on our company
> laptops that once installed, were virtually transparent to use; once you
> logged into your Windows account, that username & password was
> automatically used by the encryption software as well. You could designate
> individual folders for encryption (such as "MyDocuments",) not just the
> entire HD. I wish I remembered what the software's name was, though it may
> not have been available for retail customers.
>
> I wonder if Bitlocker is also as easy to use and if it has a folder-only
> encryption option. I tried TrueCrypt ones, but I did find it very
> convenient to use and I could not figure out how to encrypt existing
> folders with it.

BitLocker is whole disk. On a modern machine with a TPM chip, it integrates
completely into Windows and ties the hard drive to the machine it is in. A
person couldn't just simply take your drive, pop it into a USB adapter and
read the files, any files.

On machines without TPM, it's implementation is slightly different and will
differ by choices made at installation time, but still remains "whole disk".
 
C

Cameo

Flightless Bird
"Seth" <sethNOSPAM@NOSPAMclcpro.com> wrote:
> BitLocker is whole disk. On a modern machine with a TPM chip, it
> integrates completely into Windows and ties the hard drive to the
> machine it is in. A person couldn't just simply take your drive, pop
> it into a USB adapter and read the files, any files.
>
> On machines without TPM, it's implementation is slightly different and
> will differ by choices made at installation time, but still remains
> "whole disk".

How do I know if my laptop has that chip?
 
C

Cameo

Flightless Bird
"Seth" <sethNOSPAM@NOSPAMclcpro.com> wrote in message
news:hvp7bl$i06$1@news.eternal-september.org...
> BitLocker is whole disk. On a modern machine with a TPM chip, it
> integrates completely into Windows and ties the hard drive to the
> machine it is in. A person couldn't just simply take your drive, pop
> it into a USB adapter and read the files, any files.

One more thing ... What about image backups one makes -- say with
Acronis -- and would want to restore such a backup to a new HD in case
the old gets damaged? Would it be possible with BitLocker installed?
Also, besides the Win7 partition I still keep the original Vista on a
separate, smaller partition (Dual Boot) on the same HD. If Bitlocker
encodes that partition, too, I could no longer boot up into Vista, would
I?
 
S

Seth

Flightless Bird
"Cameo" <cameo@invalid.invalid> wrote in message
news:hvpjev$sg5$1@news.eternal-september.org...
> "Seth" <sethNOSPAM@NOSPAMclcpro.com> wrote:
>> BitLocker is whole disk. On a modern machine with a TPM chip, it
>> integrates completely into Windows and ties the hard drive to the machine
>> it is in. A person couldn't just simply take your drive, pop it into a
>> USB adapter and read the files, any files.
>>
>> On machines without TPM, it's implementation is slightly different and
>> will differ by choices made at installation time, but still remains
>> "whole disk".
>
> How do I know if my laptop has that chip?

Check in your BIOS or at the laptop makers website. it would be listed in
the specs.
 
S

Seth

Flightless Bird
"Cameo" <cameo@invalid.invalid> wrote in message
news:hvpqr2$kks$1@news.eternal-september.org...
> "Seth" <sethNOSPAM@NOSPAMclcpro.com> wrote in message
> news:hvp7bl$i06$1@news.eternal-september.org...
>> BitLocker is whole disk. On a modern machine with a TPM chip, it
>> integrates completely into Windows and ties the hard drive to the machine
>> it is in. A person couldn't just simply take your drive, pop it into a
>> USB adapter and read the files, any files.
>
> One more thing ... What about image backups one makes -- say with
> Acronis -- and would want to restore such a backup to a new HD in case the
> old gets damaged? Would it be possible with BitLocker installed?
> Also, besides the Win7 partition I still keep the original Vista on a
> separate, smaller partition (Dual Boot) on the same HD. If Bitlocker
> encodes that partition, too, I could no longer boot up into Vista, would
> I?

Should work with Vista, but I never tried it in a dual boot scenario. Would
work with Acronis if imaged while in Windows as the data is decrypted as it
is read. Don't think it would work form an Acronis boot disk though.
 
C

Cameo

Flightless Bird
"Seth" <sethNOSPAM@NOSPAMclcpro.com> wrote in message
news:hvq3vf$jgf$1@news.eternal-september.org...
>>> On machines without TPM, it's implementation is slightly different
>>> and will differ by choices made at installation time, but still
>>> remains "whole disk".
>>
>> How do I know if my laptop has that chip?
>
> Check in your BIOS or at the laptop makers website. it would be listed
> in the specs.

Well, I checked both the BIOS and the specs of this HP tx1410us notebook
and could not find any reference to TPM in it even though I bought it
new in Feb. 2008. So, I guess Bitlocker would not work for me then,
right?
 
G

Gene E. Bloch

Flightless Bird
On Wed, 23 Jun 2010 10:20:24 -0700, Cameo wrote:

> "Seth" <sethNOSPAM@NOSPAMclcpro.com> wrote in message
> news:hvq3vf$jgf$1@news.eternal-september.org...
>>>> On machines without TPM, it's implementation is slightly different
>>>> and will differ by choices made at installation time, but still
>>>> remains "whole disk".
>>>
>>> How do I know if my laptop has that chip?
>>
>> Check in your BIOS or at the laptop makers website. it would be listed
>> in the specs.
>
> Well, I checked both the BIOS and the specs of this HP tx1410us notebook
> and could not find any reference to TPM in it even though I bought it
> new in Feb. 2008. So, I guess Bitlocker would not work for me then,
> right?

I have no personal idea (TrueCrypt satisfies my limited needs), but this is
found in the quotes in the thread you're replying to:

"On machines without TPM, it's implementation is slightly different and
will differ by choices made at installation time, but still remains 'whole
disk'."

It's the first text in the quoted part or your reply; it seems to say that
it doesn't need TPM to work.

--
Gene E. Bloch (Stumbling Bloch)
 
C

Cameo

Flightless Bird
"Gene E. Bloch" <not-me@other.invalid> wrote:
> I have no personal idea (TrueCrypt satisfies my limited needs), but
> this is
> found in the quotes in the thread you're replying to:
>
> "On machines without TPM, it's implementation is slightly different
> and
> will differ by choices made at installation time, but still remains
> 'whole
> disk'."
>
> It's the first text in the quoted part or your reply; it seems to say
> that
> it doesn't need TPM to work.

Oops, that's embarrassing! It slipped my mind.
 
G

Gene E. Bloch

Flightless Bird
On Wed, 23 Jun 2010 16:58:24 -0700, Cameo wrote:

> "Gene E. Bloch" <not-me@other.invalid> wrote:
>> I have no personal idea (TrueCrypt satisfies my limited needs), but
>> this is
>> found in the quotes in the thread you're replying to:
>>
>> "On machines without TPM, it's implementation is slightly different
>> and
>> will differ by choices made at installation time, but still remains
>> 'whole
>> disk'."
>>
>> It's the first text in the quoted part or your reply; it seems to say
>> that
>> it doesn't need TPM to work.
>
> Oops, that's embarrassing! It slipped my mind.

Well, then, do I get points for tripping you up? :)

Probably I should instead just get demerits for being a nag...

--
Gene E. Bloch (Stumbling Bloch)
 
S

Seth

Flightless Bird
"Cameo" <cameo@invalid.invalid> wrote in message
news:hvtfn5$t2a$1@news.eternal-september.org...
> "Seth" <sethNOSPAM@NOSPAMclcpro.com> wrote in message
> news:hvq3vf$jgf$1@news.eternal-september.org...
>>>> On machines without TPM, it's implementation is slightly different and
>>>> will differ by choices made at installation time, but still remains
>>>> "whole disk".
>>>
>>> How do I know if my laptop has that chip?
>>
>> Check in your BIOS or at the laptop makers website. it would be listed in
>> the specs.
>
> Well, I checked both the BIOS and the specs of this HP tx1410us notebook
> and could not find any reference to TPM in it even though I bought it new
> in Feb. 2008. So, I guess Bitlocker would not work for me then, right?

It can still be used, it just won't be as transparent.
 
C

Cameo

Flightless Bird
"Seth" <sethNOSPAM@NOSPAMclcpro.com> wrote:
>> Well, I checked both the BIOS and the specs of this HP tx1410us
>> notebook and could not find any reference to TPM in it even though I
>> bought it new in Feb. 2008. So, I guess Bitlocker would not work for
>> me then, right?
>
> It can still be used, it just won't be as transparent.

OK, so does that mean that the encryption without hardware TPM will
mean a big performance hit on the CPU? I also wonder how I could still
boot into my Vista partition on the same HD even though I implement the
TPM in the Win7 partition. In my mind Vista would not "know" about the
TPM and thus could not be able to decrypt the HD to use it or even boot
up. What is it I am missing here?
 
S

Seth

Flightless Bird
"Cameo" <cameo@invalid.invalid> wrote in message
news:i05vpo$749$1@news.eternal-september.org...
> "Seth" <sethNOSPAM@NOSPAMclcpro.com> wrote:
>>> Well, I checked both the BIOS and the specs of this HP tx1410us notebook
>>> and could not find any reference to TPM in it even though I bought it
>>> new in Feb. 2008. So, I guess Bitlocker would not work for me then,
>>> right?
>>
>> It can still be used, it just won't be as transparent.
>
> OK, so does that mean that the encryption without hardware TPM will
> mean a big performance hit on the CPU? I also wonder how I could still
> boot into my Vista partition on the same HD even though I implement the
> TPM in the Win7 partition. In my mind Vista would not "know" about the TPM
> and thus could not be able to decrypt the HD to use it or even boot up.
> What is it I am missing here?

No performance difference as the TPM isn't an encryption accelerator (at
least no performance hit vs. a TPM equipped machine, any encryption will hit
performance vs. non-encrypted).

Can't answer the question regarding dual-boot as non of my machines use dual
boot nor do I support it in my environment.

I do have to question what is the point in dual-booting with Vista and
Windows 7 though. What does one need with Vista when you have Windows 7? Is
there something you have that won't work in Windows 7 that does work in
Vista?
 
You must log in or register to reply here.
Top