[BBLISA] whole disk encryption
Edward Ned Harvey
bblisa4 at nedharvey.com
Wed Aug 25 09:37:08 EDT 2010
> From: Daniel Feenberg [mailto:feenberg at nber.org]
>
> I don't understand. If you don't have to enter a password for
> bitlocker,
> when is the data unavailable?
This is all written right there:
http://www.bblisa.org/pipermail/bblisa/2010-August/002840.html
> Also, I am not clear about backups - I assume that you can export the
> decrypted drive - is that right?
Not quite sure what you mean by "export," but I am using Acronis TrueImage
to backup my drive, incrementally, daily. It is working with bitlocker.
Today, I plan to test restore onto a different hard drive (as if my internal
hard drive had failed.) I expect it to be successful, but after restore,
the drive will not be encrypted, and I'll have to re-encrypt.
I forget who, but somebody said they use the windows built-in Backup Center,
to perform an incremental scheduled Complete System backup, and it is
working successfully too.
After this, I have only one more thing to test. Move the encrypted drive
into a new laptop, as if my motherboard or screen had died. Figure out how
to boot (I hope I can use keys from a USB drive or something like that).
See what implications there are... Such as ... Do I need to re-encrypt the
whole drive? Or can I simply load existing keys into the TPM and move on?
Don't know yet.
More information about the bblisa
mailing list