Laptop Security?

Discussion in 'Windows OS and Software' started by Drew1, Aug 22, 2017.

  1. kokies

    kokies Notebook Guru

    Reputations:
    2
    Messages:
    63
    Likes Received:
    3
    Trophy Points:
    16
    agree, learned something here, those banking, emails, etc passwords are what i think i would like to secure. For the data i do have a lot but i don't think they will be valuable, i have loads of back up on data so it is not a real concern when it is stolen.

    OK I think it is encouraged to have Bitlocker and this is what I ran into today. I have upgraded to Creators windows 10 and in the TPM console I cannot see the TPM management anymore, the error is 'cannot load management console, exception hresult 0x80090030'. I was thinking had I Bitlocked with TPM of my C drive I would have locked myself out from my laptop. This is what I meant by disastrous, this is for both the Dell Precisions.
    Perhaps should post this at the Precision forum and see if anyone is having this issue.
     
  2. 6730b

    6730b Notebook Evangelist

    Reputations:
    325
    Messages:
    456
    Likes Received:
    601
    Trophy Points:
    106
    ^^^ Sorry for your problems, and cannot provide any useful info for your particular setup.

    Am only providing basic info what works here, what I experience is a good routine for my situation \ laptops. May give someone som useful hints or ideas to adapt.

    Example from Dell 7440:

    - Bios hd (ssd) password. Not encryption, but AFAIK one would need to remove the platters from the hd and place them into another hd body to try to read content. About ssd, probably de-solder the memory chips or something like that lol (don't know). Anyway, not work for the average thieve, and a first line of defense.

    - Disk 1 (a 250 msata) partitioned into C & D. The bitlocked D is where everything sensible\personal\important goes. See attachment.

    - In addition, some specific files encrypted (axcrypt) and saved on bitlocker partition. That should give anyone trying anything some real headaches :O)

    The whole thing (reflect images + individual folders) regularly backed up to cloud + external hd (bitlocked), that's the remedy against eventual loss, theft, virus, hardware failure, ransomware, personal error etc.

    Using decent passwords (a dozen+ characters) easy to remember but very difficult to guess + written copy hidden "in the attic" just in case age and chemicals takes away (more of) memory :O)

    Good luck.
     

    Attached Files:

    • dr.PNG
      dr.PNG
      File size:
      18.3 KB
      Views:
      153
    Last edited: Aug 28, 2017
    t456 likes this.
  3. ArazelEternal

    ArazelEternal Notebook Guru

    Reputations:
    5
    Messages:
    52
    Likes Received:
    25
    Trophy Points:
    26
    I understand the concept of encrypting only the files that are sensitive and important, but I just encrypt everything. Never had an issue with my current machine. Been through a BIOS update, multiple OS updates, never had any issues show up. Bitlocker doesnt seem to effect performance at all and in my opinion, it just makes it easier. Encrypting individual files requires doing it manually, and if one of those files is updated, it requires remembering to encrypt the file once again after its modified. With Bitlocker, encryption happens transparently. The biggest thing is making sure the Bitlocker keys are backed up in case of an issue.
     
    Jarhead likes this.
  4. t456

    t456 1977-09-05, 12:56:00 UTC Moderator

    Reputations:
    1,319
    Messages:
    2,411
    Likes Received:
    1,654
    Trophy Points:
    181
    Yes, did exactly that on a 'dead' ssd. Worked nicely to recover the data, but if it had been encrypted with an unknown password it'd been a different story.

    Also recovered data from spinnies that had defective controller boards. However, that needs transplanting the firmware chip as well, so would guess that also takes the hd password along with it (unless that's a bios option?). Yet, that wouldn't be hard to tackle. Just read out stock fw, set password, read again and do a hex compare. Then read the target drive's fw, set the same location to all FF and write back.

    So if drive passwords work without encrypting the data itself then these provide token security only.

    The rest of your security+backup schedule looks great though, very nice :vbsmile: .
     
    6730b likes this.
  5. kokies

    kokies Notebook Guru

    Reputations:
    2
    Messages:
    63
    Likes Received:
    3
    Trophy Points:
    16
    hey no problem, lots of insight reading your posts. :))
    I am contacting Windows for support, I have Assure(subscription for Windows remote access) but they are saying this is Pro support level in which I have to pay GBP99 for this !?
    Anyone here have any suggestions is greatly appreciated
     
    6730b likes this.
  6. Drew1

    Drew1 Notebook Deity

    Reputations:
    6
    Messages:
    733
    Likes Received:
    21
    Trophy Points:
    31
    Hey all. So just to confirm if i install bitlocker on my computer, that means at startup, i would have to know the password right? Thus if a hacker or someone who gets access to my computer were to get the computer, there is no way they could turn on my computer without the password? Because if that is true, then i will be using bitlocker.
     
  7. Jarhead

    Jarhead 恋の♡アカサタナ

    Reputations:
    4,915
    Messages:
    12,074
    Likes Received:
    2,871
    Trophy Points:
    581
    Yes, you still need the Windows password. If they take your drive out and try to access it from a different computer, they will need your Bitlocker password.
     
  8. Drew1

    Drew1 Notebook Deity

    Reputations:
    6
    Messages:
    733
    Likes Received:
    21
    Trophy Points:
    31
    Hi there. So this bitlocker basically protects your computer no matter what then right assuming the computer is turned off?


    Also how long does it take to do this? Basically i just want to make sure its locked with a password and that is all. However you still need to do a backup in case? Such as if someone happens to your computer?


    Also does that mean the windows 10 password option at startup is basically useless then? Thus if you put that password, that doesn't do anything because there are ways to reset it or something and then get in the computer?
     
  9. Jarhead

    Jarhead 恋の♡アカサタナ

    Reputations:
    4,915
    Messages:
    12,074
    Likes Received:
    2,871
    Trophy Points:
    581
    Yes. Encrypted stuff can't be viewed unless the person knows how to unlock it.

    Depends on how much data you're encrypting and how powerful your computer is (specially, your CPU).

    You should always make backups of your data, encryption or not. Period.

    As far as retrieving data, yes. If a person can't log into your computer because they don't know your Windows password, they can (assuming no encryption) just stick your drive into their computer and browse your files as if it were a flash drive.
     
  10. Drew1

    Drew1 Notebook Deity

    Reputations:
    6
    Messages:
    733
    Likes Received:
    21
    Trophy Points:
    31
    HI there. When you say how much data you are encrypting do you mean how big my hard drive is and how much gb i used up on my computer? Because if im encrypting it, im encrypting the entire computer right? For example i have a 250gb ssd hard drive but it only shows 232gb free. If im using say about 132gb and 100gb is free, how long would that take about? Or if you are using 100gb, how long for every 100gb? My cpu is i5 6300 hq quad core.laptop. It has 8gb ram and has an ssd.

    How long does it take to make backup of my computer?

    Okay so if i put just the windows 10 password and don't do the bitlocker, they can put my hard drive into their own computer and view the drive. But they cannot do anything to the files... is that correct? Because if that is the case, isn't that still pretty good? Or could some very smart hackers find a way to do it?
     
Loading...

Share This Page