Author Topic: Advice needed  (Read 1816 times)

ITmuppet

  • Newbie
  • *
  • Posts: 2
Advice needed
« on: August 12, 2015, 10:25:18 pm »
Hi

Please be gentle with me my IT knowledge only extended far enough to use trucrypt. I am just getting started with Diskcryptor.

I installed and encrypted my drive D (see sceenshot). Drive D is where all the data is that I want to encrypt. So to use the data on the encrypted drive I just open up Diskcryptor and enter the password I set to mount the drive for use.

My question is should i encrypt the other drives that you can see on my screenshot? Can someone access the data on my D drive by using the other volumes?

 I can see I have drive C - operating system, volume 2 - recovery partition, volume 7 - restore partition, volume 5 - no idea what this is. I am using an Asus laptop with no CD/DVD drive. None of the volumes were marked with the 'boot' label. If one of them was I would have encrypted that.

Please can someone help.

Thanks

ITmuppet

« Last Edit: August 12, 2015, 10:28:31 pm by ITmuppet »

Stack77

  • Newbie
  • *
  • Posts: 8
Re: Advice needed
« Reply #1 on: August 12, 2015, 11:32:46 pm »
I have a similar setup on one of my laptops. It works for me.

C:\  - the system partition is not encrypted. It contains my OS (Windows) and all the program files.

D:\ - the data partition is encrypted with DiskCryptor. My work files and personal information is stored here.

Once you dismount D:\, its contents are fully encrypted. Once D:\ is dismounted, there is no entry point from the other partitions / drives without opening DC and entering your DC password.

The decision to encrypt your other drives is up to you. Many users choose to encrypt C:\ (the system partition) even if no private data is stored there. This is to prevent an attacker from accessing any left-behind configuration files (for example in \User\*\AppData\) that might contain private information after you shut down.

Italick

  • Hero Member
  • *****
  • Posts: 510
Re: Advice needed
« Reply #2 on: August 12, 2015, 11:35:32 pm »
Hi.

Quote
Can someone access the data on my D drive by using the other volumes?

That is theoretically possible if the data has been "leaked".  Somebody shouldn't be able to see everything in the D volume by looking at the other volumes.  Maybe somebody could see a list of recently opened files.  If the files are being indexed on another volume, somebody could possibly see all of their names and locations from the index.  I don't know enough about the Windows indexing service to say whether somebody could see a listing of the files on the D drive by reading system files on the C drive.

I use a program called Index Your Files.  I know for sure that it creates a listing of all files on all drives that it indexes, and it saves the listing in the program folder.

Be careful with Diskcryptor.  You are scrambling your files to deny access to them.  What could possibly go wrong?  Maybe you get denied access to your files, and you are no more capable of reading them than anybody else.  So I recommend doing backups.

My favorite tool for backing up a drive is Macrium Reflect.  It backs up a whole drive to a single file, and it is easy to use, in my opinion.

If you decide to encrypt your system, you want to be able to reverse any chaos created by mistake, right?  That is the purpose of a drive backup.

Bear in mind that Diskcryptor cannot boot an encrypted system in standard UEFI mode.  Those systems include most factory installed Windows 8 and Windows 10 systems.  Also, some Windows 7 systems boot in standard UEFI mode.

If Diskcryptor is used to encrypt a system that boots in standard UEFI mode, the system becomes unbootable, and Diskcryptor does not warn first.  Nevertheless, there are ways to decrypt the system in that case.
« Last Edit: August 12, 2015, 11:49:21 pm by Italick »

ITmuppet

  • Newbie
  • *
  • Posts: 2
Re: Advice needed
« Reply #3 on: August 13, 2015, 12:14:31 am »
Thanks for both of the replies so far. I have just realised I do have my outlook.pst file on my c drive. This contains a LOT of sensitive info. I am wondering how to handle this. Perhaps I can change the location of the outlook.pst file to my d drive where it will be encrypted. Ideally I need to encrypt my C sys drive but I am sure it wont boot afterwards? any advice

Thanks

PS - in terms of data recovery I back up my D drive regularly onto a Western Digital Passport which has it's own encryption built in.
« Last Edit: August 13, 2015, 12:16:19 am by ITmuppet »

Italick

  • Hero Member
  • *****
  • Posts: 510
Re: Advice needed
« Reply #4 on: August 13, 2015, 07:34:05 am »
Hi.

If I was concerned about securing database files that my programs use, I would want the system to be encrypted.

Before using an unfamiliar software product to make a major system change, it is advisable to make a perfect backup of the system.

Are you comfortable with removing a hard drive from your machine and replacing it with a similar hard drive?

You could do this:
* Make a backup image of the internal drive, saved on an external drive.
* Replace the internal drive with a new internal drive.
* Restore the backup image to the new internal drive.

If the computer operates as it did before the drive replacement and the copying, this probably demonstrates that you made a good backup.  If not, removing the new internal drive and putting the original internal drive back in place is likely restore your computer to its condition before the drive replacement and the copying.

If you find that you succeeded in copying the system to the new internal drive, you may leave it in the machine for a while and experiment with encrypting the operating system.

Here is a hint:  If you have a Windows system on a drive with GPT partitioning, it boots by standard UEFI.  If you encrypt the system on such a drive without adjusting the partitions and the bootloader files required by Windows, do not expect Diskcryptor to boot that drive afterwards.

You can look at the machine's boot mode in the BIOS settings menus.  For most PCs, the menus can be accessed during startup if a certain key is pressed, which commands the computer to launch a built-in settings manager instead of launching the operating system.

Here is where I have discussed experimentally changing a system that requires a standard UEFI startup, so that this requirement is removed, and Diskcryptor can start it:

https://diskcryptor.net/forum/index.php?topic=5132.0

Anfinuo

  • Sr. Member
  • ****
  • Posts: 380
Re: Advice needed
« Reply #5 on: August 13, 2015, 07:52:16 pm »
My question is should i encrypt the other drives that you can see on my screenshot?
Yes you should. But before doing that, remove the repair\recovery partitions, because if you encrypt the boot\OS partition, they tend to cause major mess.
And remove, merge other ones until you have only the number of partitions you really need. Safe minimum 1 for boot\OS, 1 for other stuff.

Can someone access the data on my D drive by using the other volumes?
In theory - no. But they can access a lot of information, and install stuff that will, for example, monitor what you type, like the password for the encrypted partition.

PS - in terms of data recovery I back up my D drive regularly onto a Western Digital Passport which has it's own encryption built in.
Hope they improved their encryption since this:
http://forum.hddguru.com/viewtopic.php?f=1&t=21584&p=144502

You can look at the machine's boot mode in the BIOS settings menus.  For most PCs, the menus can be accessed during startup if a certain key is pressed, which commands the computer to launch a built-in settings manager instead of launching the operating system.
Don't scare the muppet by making him stand before the great and powerful BIOS ;)
While in Windows type: "msinfo32" in the "Run.." Windows Start Menu thingy.