Understanding BitLocker and Encryption

jre751

I just want to understand some basic points about encryption in Windows 7. If I set up BitLocker or VeraCrypt in Windows 7 and someone removes my hard drive they 'technically' cannot view my drive without an unlock key or password.

However if I encrypt the whole drive and it is decrypted on boot with an unlock code or password, which I guess is standard procedure, that means its security at this stage is exactly the same as a standard decrypted HDD and a hacker can view all my data if they break through the internet security suite?
 

Your understanding is totally correct.

Like with every security feature, the key point is to understand what it's meant to protect against. In the case of full-disk encryption, it helps deter physical attacks. If someone picks the HD and puts it in another computer, or boots with another OS, he'll only see the encrypted contents. He won't see what it contains, what is used and how much is free, much less alter anything. What you gain from this is privacy.
Of course, an attacker is NOT prevented from simply formatting your hard disk and damaging the whole data, or from taking the disk altogether, you'll still lose the HD :p

BitLocker, VeraCrypt, or anything like them work pretty much the same way: they replace the Windows bootloader with their own, ask for the password, then decrypt the required sectors in-memory and only save encrypted data back (plaintext never hits the disk). And this isn't even limited to Windows, any OS does pretty much the same thing.

Like you said, once you've booted the computer, the layer of protection is removed and the OS works normally. Viruses, deliberate destructive actions, human errors or program bugs affect the same there, since the encryption layer will happily save any malicious action into the HD, just scrambled. It offers exactly zero protection against malware. You still have to do your backups, firewall, updates, permission hardening as normal to get security against that.
 

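The behaviour described in the reply above, as an added example that is not part of the original thread: a toy sector-level encryption layer showing what a removed drive exposes versus what any process sees once the volume is unlocked. The class and function names, the salt, the password and the file contents are constructed for illustration, and the SHA-256 keystream is a stand-in for the AES modes real products use, not a secure cipher.

```python
import hashlib

SECTOR = 512  # bytes per sector in this toy model

def derive_key(password: str, salt: bytes) -> bytes:
    # Password -> volume key. The iteration count is an assumption for the demo.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def keystream(key: bytes, sector_no: int) -> bytes:
    # Toy per-sector keystream (SHA-256 in counter mode); NOT secure, demo only.
    out, counter = b"", 0
    while len(out) < SECTOR:
        seed = key + sector_no.to_bytes(8, "little") + counter.to_bytes(4, "little")
        out += hashlib.sha256(seed).digest()
        counter += 1
    return out[:SECTOR]

class ToyEncryptedDisk:
    """`raw` is what sits on the platters; read()/write() is what the booted OS sees."""
    def __init__(self, sectors: int, salt: bytes = b"constructed-salt"):
        self.raw = bytearray(sectors * SECTOR)
        self.salt, self.key = salt, None  # locked until a password is supplied

    def unlock(self, password: str) -> None:
        self.key = derive_key(password, self.salt)

    def _xor(self, data: bytes, n: int) -> bytes:
        if self.key is None:
            raise PermissionError("volume is locked")
        return bytes(a ^ b for a, b in zip(data, keystream(self.key, n)))

    def write(self, n: int, plaintext: bytes) -> None:
        block = plaintext.ljust(SECTOR, b"\0")[:SECTOR]
        self.raw[n * SECTOR:(n + 1) * SECTOR] = self._xor(block, n)

    def read(self, n: int) -> bytes:
        return self._xor(bytes(self.raw[n * SECTOR:(n + 1) * SECTOR]), n)

def demo():
    disk = ToyEncryptedDisk(sectors=4)
    disk.unlock("correct horse")               # password entered at boot
    disk.write(0, b"tax-return.pdf contents")
    offline = bytes(disk.raw[:SECTOR])         # view from a removed drive: ciphertext only
    online = disk.read(0)                      # view of ANY process after boot: plaintext
    disk.write(0, b"OVERWRITTEN BY MALWARE")   # a destructive write is encrypted and stored too
    after = disk.read(0)
    disk.unlock("wrong guess")                 # wrong password yields garbage, not data
    wrong = disk.read(0)
    return offline, online, after, wrong
```
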
Sorry for the late reply. Is there a way to part encrypt folders on a drive one by one or in groups and then decrypt each one(s) only when required? This isn't ideal but just a thought.
 
