Olympus-OM
[Top] [All Lists]

Re: [OM] [OT] Encryption advice

Subject: Re: [OM] [OT] Encryption advice
From: Chuck Norcutt <chucknorcutt@xxxxxxxxxxxxxxxx>
Date: Fri, 27 Jun 2014 11:30:54 -0400
Thanks. Those sound like some pretty nasty "features" for a technology that has been around since probably before Vista. Anyhow, I don't want full disk encryption (especially of the boot drive) for exactly the type of problems that you've mentioned. TrueCrypt and FreeOTFE are able to create a virtual disk which is simply an ordinary file on the OS. I had assumed that BitLocker could do that as well but apparently not. It's limited to real hardware but can do removable drives. That would probably be sufficient but not my preference. So I'll stay away from BitLocker due to price and function if nothing else. I was also sad to note that Symantec PGP doesn't work well either.

Anyone else?

Chuck Norcutt


On 6/27/2014 10:59 AM, Paul Braun wrote:
On Fri, Jun 27, 2014 at 7:44 AM, Chuck Norcutt <
chucknorcutt@xxxxxxxxxxxxxxxx> wrote:

I've decided that I'd like to have a small, virtual disk where everything
on the disk is encrypted.  It would be used to hold things like password
lists, tax returns or anything else that I wouldn't want divulged for
personal security reasons.  I do use some encryption software today on
individual files but would like the convenience of having everything on a
given disk be automatically encrypted and decrypted.  Just give a single
password at boot time to activate the encrypted disk and be done with it
for the day.

I had recently read a recommendation to use a free product called
"TrueCrypt".  I had noted the link but, when I went to download the product
and figure out how to use it the website informed me that the product had
been withdrawn and to use Microsoft BitLocker instead. BitLocker is
probably just fine but, for a Win7 "Home Premium" user, requires an upgrade
to Win7 "Ultimate" for $140.


Just FYI - with our current migration to the corporate domain and corporate
standard Win7 desktop computer setup, we have been forced to use BitLocker
on all machines.  We have discovered that BitLocker does some nasty things,
like preventing us from booting from a utility flash drive to try and run
chkdsk on a corrupted drive, or do any other troubleshooting.  We've also
discovered that BitLocker recognizes a USB-connected printer as a
threatening storage device, and locks the computer on boot. Same thing for
software license dongles.  Unless that's some sort of boneheaded setting by
the corporate desktop guys, the ONLY way we can work around it is to unplug
the offending devices, power the CPU off, and reboot.  Once you see the
Windows splash screen, plug the stuff back in.  It's exceptionally
annoying.  And I've been lucky - several of the techs have come across
boxes that got locked out from random BitLocker nonsense, and since
corporate won't give us the instructions to unlock them, we've had to pull
them out of service and completely re-image.

According to one of my bosses, BitLocker annoyances are usually one of the
top items for discussion during every weekly corporate IT director
conference calls, so it's nice to know that pretty much every hospital in
the system hates it.

--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/

<Prev in Thread] Current Thread [Next in Thread>
Sponsored by Tako
Impressum | Datenschutz