Warning: serious bug in fast boot for dual boot owners of W7 or W8 and W10

Discussion in 'Windows OS and Software' started by pete962, Feb 20, 2016.

Thread Status:
Not open for further replies.
  1. pete962

    pete962 Notebook Evangelist

    Reputations:
    122
    Messages:
    475
    Likes Received:
    216
    Trophy Points:
    56
    I've been scratching my head about the HDD errors I keep receiving on my dual boot (W7 and W10 and before with W7 and W8) system and finally found full answer. I would like to share the info for benefit of others as this could cause total data loss and it's rather obscure.
    First of all Fast Boot in W8 and W10 is not really boot, but it's pretty much renamed hibernation. On shutdown Ram and full state of computer is saved to HDD file with all attached disks left mounted. During bootup from the same OS all info is restored into memory very fast and all is fine. Problem arises when you boot from your secondary OS, since all disks were left in mounted state, new OS thinks PC wasn't shutdown properly and wants to scan all drives for errors. Later the disks are written to, files added and deleted etc. Now a disaster is in progress, when boot again into original OS (the one that shutdown system using Fast Boot hibernation) the OS will assume the disks are in exactly the same state as before and it will not reread file allocation table, but use original one. New files will be written in a space used by files written by secondary OS and corruption will continue unnoticed until some important files are lost and system errors start coming up. By that time data loss occurred and probably hosed at least one OS.
    So, if you dual boot, never use Fast Boot (or hibernation for that matter), unless you completely segregate the drives, so one OS doesn't see drives accessed from other OS and vice versa.
     
    hmscott and djembe like this.
  2. Tinderbox (UK)

    Tinderbox (UK) BAKED BEAN KING

    Reputations:
    4,617
    Messages:
    8,478
    Likes Received:
    3,499
    Trophy Points:
    431
    Took me a year to fix fast boot problem in Win10, symptoms - sleep mode would not resume - shutdown would not fully shut off my notebook, had to do a hard shutdown using the power button.

    Disabling Fast Boot in power option fixes sleep/shutdown problem for most affected users but not mine, even disabling fast boot in bios did not help.

    I found that "Intel(R) Management Engine Interface" driver was my problem, version 10+ causes my problem, forcing installing v9.5 fixes my problem but you have to disable driver update.

    John.
     
    hmscott likes this.
  3. pete962

    pete962 Notebook Evangelist

    Reputations:
    122
    Messages:
    475
    Likes Received:
    216
    Trophy Points:
    56
    As far as I know IMEI is part of remote access and control of low level hardware on networked computers. Some functions may be used for things like overclocking, or driver update but real information is really hard to find and the fact that this can work:
    1. on any or without operating system
    2. remotely
    3. can remotely start even shutdown PC
    would not surprise me if it was some part of bigger NSA scheme.
    Also this folder C:programfiles86/intel/telemetry 2.0 doesn't help my confidence much
    "disable driver update" is that auto driver update only or manual update as well?
     
  4. Tinderbox (UK)

    Tinderbox (UK) BAKED BEAN KING

    Reputations:
    4,617
    Messages:
    8,478
    Likes Received:
    3,499
    Trophy Points:
    431
    I just used the free O&O shutup app to disable driver updates, it`s part of the recommended setting.

    John.
     
  5. t456

    t456 1977-09-05, 12:56:00 UTC Moderator

    Reputations:
    1,858
    Messages:
    2,518
    Likes Received:
    1,928
    Trophy Points:
    181
    That is exactly it. Scary, ain't it? Even better; it has access even when the hardware is 'off':
    Neat feature, eh? And a good motivator to turn off vPro in bios. LAN is self-powered technology, after all. Something easily forgot, unless you run into audio ground-loop hiss and wonder why that's happening.

    Regarding intended backdoors; more scary stuff from the ANT division. Must be nice to work there, though a shame of the people and resources that might've been better spent to the betterment of mankind and society, in lieu of downtrodding both ...
     
  6. pete962

    pete962 Notebook Evangelist

    Reputations:
    122
    Messages:
    475
    Likes Received:
    216
    Trophy Points:
    56
    Yeah, when I first read IMEI capabilities and it was few years ago, it sounded like a wet dream of a hacker, or basic premise for some spy movie, LOL. The funny thing is I don't have any of this on my Win 7 work computer, only on my home Win 7 laptop, maybe it's a part of Intel overclocking utility? I got to look into it.
     
  7. djembe

    djembe drum while you work

    Reputations:
    1,064
    Messages:
    1,458
    Likes Received:
    204
    Trophy Points:
    81
    The idea behind Intel Management Engine is more corporate asset & information protection than government spying. For companies that buy hundreds or thousands of these systems and place important proprietary information on them, the remote features allow the company to better ensure their intellectual property isn't being leaked and their workers are using the company's resources properly.

    If you buy a business or workstation system for personal use, you can just turn those features off in UEFI/BIOS and you're fine.
     
    alexhawker likes this.
  8. pete962

    pete962 Notebook Evangelist

    Reputations:
    122
    Messages:
    475
    Likes Received:
    216
    Trophy Points:
    56
    Yes I know, I just find it funny it's on my gaming home laptop not connected to anything and not on my networked work computer.
    BTW I'm sure some of you read the news about hospital or school getting their computers encrypted for ransom, well you read it and you go on without thinking much, stuff happens, but I just found out it happened to business next door, way too close for comfort. So I'm reviewing everything security related as of now and it's things like this IMEI or remote desktop that makes it easier to happen. I can virus scan e-mail attachments and stay alert, but can't do much about remote background stuff, most people are not even aware off and poorly documented.
     
  9. alexhawker

    alexhawker Spent Gladiator

    Reputations:
    486
    Messages:
    2,498
    Likes Received:
    769
    Trophy Points:
    131
    IMO phishing is a much larger risk.


    Sent from my iPhone using Tapatalk
     
  10. pete962

    pete962 Notebook Evangelist

    Reputations:
    122
    Messages:
    475
    Likes Received:
    216
    Trophy Points:
    56
    IMO phishing would be much less of a problem if it wasn't for URL redirecting, I got misled into thinking I'm going to the known website, where in fact I wasn't, many times in the past. Now I got into habit of either using bookmark, or typing website name directly, never follow a link for anything of importance, like accessing credit card acc. online etc. But if you follow certain rules and pay attention phishing threat can be reduced.
     
Loading...
Thread Status:
Not open for further replies.

Share This Page