Understanding BitLocker and Encryption


  1. jre751
    Posts : 2
    Windows 7 Ultimate x64
       New #1

    Understanding BitLocker and Encryption


    I just want to understand some basic points about encryption in Windows 7. If I setup BitLocker or VeraCrypt in Windows 7 and someone removes my hard drive they 'technically' cannot view my drive without an unlock key or password.

    However if I encrypt the whole drive and it is decrypted on boot with an unlock code or password, which I guess is standard procedure, that means its security at this stage is exactly the same as a standard decrypted HDD and a hacker can view all my data if they break through the internet security suite?
      My Computer
    Quote Quote

  3. Alejandro85
    Posts : 2,468
    Windows 7 Ultimate x64
       New #2

    Your understanding is totally correct.

    Like with every security feature, the key point is to understand what it's meant to protect against. In the case of full-disk encryption, it helps deter physical attacks. If someone picks the HD and puts in another computer, or boots with another OS, he'll only see the encrypted contents. He won't see what it contains, what it's used and how much is free, much less can alter anything. What you gain from this is privacy.
    Of course, an attacker is NOT prevented from simply formating your hard disk and damaging the whole data, or from tacking the disk altogether, you'll still loss the HD

    BitLocker, VeraCrypt, or anything like work pretty much in the same way, they replace the Windows bootloader with their own, ask for the password, then decrypt the required sectors in-memory and only saves encrypted data back (plaintext never hits the disk). And this isn't even limited to Windows, any OS does pretty much the same thing.

    Like you said, once you've booted the computer, the layer of protection is removed and the OS works normally. Viruses, deliverate destructive actions, human errors or program bugs affect the same there, since the encryption layer will happily save any malicious action into the HD, just scrambled. It offers exactly zero protection against malware. You still have to do your backups, firewall, updates, permission hardening as normal to get security against that.
      My Computer
    Quote Quote

  4. jre751
    Posts : 2
    Windows 7 Ultimate x64
    Thread Starter
       New #3

    Sorry for the late reply. Is there a way to part encrypt folders on a drive one by one or in groups and then decrypt each one(s) only when required? This isn't ideal but just a thought.
      My Computer
    Quote Quote

 

  Related Discussions
How to Turn Windows 7 BitLocker To Go On or Off for Removable Drives BitLocker To Go is used to encrypt and password protect any removable external hard drives and USB flash drives. The drives must be formatted using either the exFAT, FAT16, FAT32, or NTFS file system and must be at least...
Bitlocker Encryption drives
in General Discussion

I m having problems with bitlocker :cry: .... my hard drives are not showing in control panel-->system&security-->Bitlocker Encryption drive .... any help related to this please ?????????????????????????????????????????????????????????
How to Change Windows 7 BitLocker Drive Encryption Method and Cipher Strength This will show you how to change the encryption algorithm and key cipher strength used by BitLocker to encrypt drives in Windows 7.BitLocker Drive Encryption supports 128-bit and 256-bit encryption keys. Longer...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 14:23.
Find Us