Backing Up Bitlocker Encrypted Disks

Similar Messages

• Backing up to encrypted disk image on an external usb drive

  I'd like to use an encrypted disk image on an external USB drive as the target for my Time Machine backups, but it seems that Time Machine will only recognize physical external drives, and not mounted disk images in the "Change Disk..." window.
  Is it possible to make Time Machine use disk images mounted from an external USB drive?
  Thanks.

  ..."Is it possible to make Time Machine use disk images mounted from an external USB drive?"...
  Actually, with a few caveats, it is possible.
  Just follow one of the many tutorials on the web for creating an encrypted sparse bundle for use with "TimeMachine" on a network volume (i.e. MACaddress.sparsebundle naming convention, password stored to the system keychain, etc.), and then attach the drive locally and select the drive (not the mounted disk image) as the backup drive. As "Glen Carter" reported in another thread on this site, "TimeMachine" is smart enough to know to mount the disk image for backups when the drive is connected locally.
  There are caveats for example, - while backups remain automatic, it appears that actually browsing the backups requires that the disk image be mounted manually first, then accessed via the "Browse Other Time Machine Disks…" option.
  One caveat to pay particular attention to is what happens when the drive starts to fill up and space becomes limiting - the processes of deleting expired backups and sparse image compaction may not be well integrated, as discussed here:
  http://www.flokru.org/2008/03/15/time-machine-backups-on-network-shares-2-possib le-problems/
  The article implies that the end result could be deletion of all backups! The article is dated March 2008 but I have no idea whether the issue has been resolved.
  Just be advised that it is an unsupported configuration so the extra security will come at the cost of some convenience and potential increase in the chance of data loss. Most users recommend using supplemental backup strategies since the intended purpose of TimeMachine is actually very limited and often misunderstood. Apart from that, it is a rule written in stone that whenever encryption is used, the encrypted items themselves must be backed up.

• Any gotchas for encrypted disk images?

  I am about to set up e-bills and e-statements at various banks and credit cards and wanted to check a couple of things before doing something that may end up being bad
  The assumption I am going with, is I will create an encrypted disk image to store all the PDF's.
  1. Is that the right thing to do? Or is there a better way to keep the data secure?
  2. If I do so, what is the backup impact? Can I simply set up a task to copy and paste the entire disk image to my external drive?
  3. If I want to open the disk image on another computer, can I? How will it authenticate the user/pass on a different computer?
  4. I can backup an encrypted disk image to a FAT-formatted external drive?
  5. And finally, I have read disclaimers that if I forget the password the data is lost irretrievably. But also, that the password is stored in keychain. So if the password is stored in keychain, the worst-case scenario can only happen if I forget the master password, right? I don't need to truly remember the password to the disk image necessarily, right?

  baltwo wrote:
  Your profile info indicates that you're running Tiger. If so, post to those forums. If you're running Leopard, update your profile info. What are you trying to protect and from who? Is your computer secure?
  IIRC, encrypted disk image passwords are independent from Keychain Access. So if you forget it, then you're hosed. BTW, that's the major failing with encrypted anything. If you forget the password, you're hosed. If the disk image gets corrupted, it's useless with or without the password. Anything stored in an encrypted disk image needs to be backed up in an unencrypted state and stored in some kind of physical thing like a safe. Methinks your a bit paranoid. Disable auto-login, use high-level passwords (that you remember), don't enable the root user account or activate a master password, and you should be secured enough.
  I updated the profile. I am running Leopard. So this is the correct forum.
  What am I trying to protect? I thought I put it in the first line - statements from banks and credit cards.
  From whom? From unwanted entities who may get access to my computer, in any way.
  I didn't get the part about the safe. Can I or can I not back up an encrypted disk image to an external drive "as is"? What about possibly opening it up on another computer? And how about putting it on a FAT-formatted disk? I repeat my original questions, but for a reason - they seem to have not been answered.
  I do not have auto-login, and I remember my strong login password. I don't have my root account enabled. Under this scenario you think my data is going to be secure? What about if someone were to get control of my computer? Forgive me on this one, I am a switcher so there is a general paranoia about such things which I would like to clarify before reorganizing my life.

• Windows 8.1 BitLocker Full Disk Encryption

  Hello all,
  I recently purchased a Samsung SSD 840EV that supports Encrypted Drive (eDrive) hardware encryption.  I followed the Samsung directions on enabling eDrive by doing a secure erase and a fresh Windows 8.1 install with UEFI BIOS enabled.  The Samsung
  software sees that eDrive is enabled.  I turned on BitLocker which successfully encrypts the drive.  In order to verify that the drive is encrypted and also to have a contingency plan, I removed the drive and connected it to another computer via
  USB.  When I do this, I can't access any data on the drive, the file system shows as RAW, and if I try to explore the drive I get "Data error: Cyclical Redundancy Check".  I've also tried using command line tools to unlock the drive and
  opened the BitLocker management on the PC to see if I could see and unlock the drive in there, but I don't.  I know the drive is good and I can remove it and put it back in the laptop and boot back into Windows just fine.  
  I used the same drive on Windows 7 which does not support eDrive and therefore could only use software encryption with BitLocker.  In this scenario, I could pull the drive and attach it to another computer and then windows would prompt me for my recovery
  key and allow me to access it.
  At this point I am wondering if because the new drive uses eDrive, it is not possible to access it from another computer.  However, this doesn't really make sense because if my computer got hosed then there should be SOME way to recover the data from
  another machine.  And again, this worked fine with the same drive and Windows 7/software BitLocker encryption.
  Any thoughts?

  Hi,
  About your confusion, I think it would be better to consult with eDrive support to check if this problem caused by eDrive.
  http://www.edrive.co.nz/
  Roger Lu
  TechNet Community Support

• BitLocker Encryption ToGo; Decryption Issue.

  I currently have a USB drive that has been partially encrypted with BitLocker Encryption, but will not allow me to unlock it. I have looked for many resources on solving this issue, but have decided to post my details.
  I am running Windows 7 Enterprise. I have the Password and I have a FIPS-140-2 complaint Recovery Key. All of my USB drives have the FAT32 file system. I do not have a TPM or Smart Card, but i do have the 256 bit FVE key. I have not tried unlocking on another
  computer with BitLocker Encryption.
  First of all i successfully encrypted one USB drive with no issues and stored the key on another USB drive. Next I encrypted a hard disk drive and stored the key on the same USB drive. Next i begun encrypted the USB drive that had the keys stored on it,
  but realized i had to have had encrypt another drive first so I stopped the encryption at about 4%, by closing BitLocker. I realize this is where i must have gone wrong, because i stopped the encryption algorithm as it was already started. BitLocker took awhile
  to close so i assumed it reversed encrypted what it had already encrypted. I then encrypted the other drive and stored the key on the USB drive with the keys on it. According to a BitLocker policy the keys encrypt each other and become chained together, but
  this may not be relevant to the issue. I resumed the encryption process of the partly encrypted USB drive and stored the key on an entirely separate and not yet encrypted USB drive and this seemed to complete with no issues. Then i encrypt the final USB drive
  and stored the key on a non encrypted hard disk.
  Now the problem I am having is when I attempt to unlock the USB drive with the keys on it. The drive unlocks, but then unmounts itself and asks for the password again and this ends up being an endless loop. I decide to decrypt all drives in the order i encrypted
  them and there appears to be no issue except for with the USB drive with most of the keys on it. I am unable to unlock and decrypt the USB with the keys on it so i skip this drive in the process and I am able to fully decrypt the rest of the drives using the
  keys stored on the "broken" encrypted drive regardless of skipping decrypting it. If I attempt to decrypt or unlock the USB drive with the keys on it I can not, so I tried rebooting. Now when I attempt to unlock the drive using the password through
  the BitLocker Encryption Manager the manager seems to freeze and goes into a non responsive mode and I am unable to close it, even after safely removing the USB drive.
  I have tried a few different methods to solve this issue, but fear that without manually decrypting every single bit exactly how they were encrypted the data may be lost.
  I use an elevated command prompt to use the standard "manage-bde d: -unlock -pw" and then enter the password, but this seems to only unlock the drive momentarily before it unmounts itself.
  I have also tried using "manage-bde d: -unlock -recoverykey '[recoverykey/path].bek'", but this shows the same behavior.
  I have also tried using "repair-bde d: e: -recoverykey '[recoverykey/path].bek'" and the command prompt says "Error: Cannot open 'D:'. Check that it is not currently in use. To continue even when the volume is in use, add the -Force option.".
  Not using the "-Force" parameter allows me to access the drive as if it isn't locked, but only lets me see the "COV 0000. ER" and other BitLocker ToGo autorun files, while not letting me modify or copy the "COV 0000. ER" file.
  I am able to view the "COV 0000. ER" file with a hex editor, but do not want to have to screen capture every screen worth of characters to attempt to manually decrypt the entire two gigabytes of information, while still not knowing exactly what timestep
  the encryption algorithm actually stopped at.
  If I use "repair-bde d: e: -recoverykey '[recoverykey/path].bek'" again or use the "repair-bde d: e: -recoverykey '[recoverykey/path].bek' -force" the drive seems to respond and starts scanning for BitLocker metadata, and boot sectors.
  I am then prompted "LOG INFO: 0x00000027", "Valid metadata at offset 579055616 found at scan level 1.", "LOG INFO: 0x00000028 Successfully created repair context. Beginning decryption". The "d:" USB drive is approximately
  two gigabytes, while the "e:" is approximately eight gigabytes. This then does from 1% to 99% without any issues. As the decryption process hits 99%, I am prompted with a popup "repair-bde.exe - Wrong Volume", "The wrong volume is
  in the drive. Please insert volume into drive \Device\Harddisk2\DR8", "Cancel: Try Again: Continue" and the encrypted USB unmounts itself again and asks for the password through the BitLocker Drive Encryption Manager. No matter which of the
  three choices I select the command prompt then says "LOG ERROR: 0xc0000035 Failed to read sector at offset 2000010000. <0x00000002>" and repeats untill it hits "2015160832" and then says "Decrypting: 100% Complete. Finished decryption.
  ACTION REQUIRED: Run 'chkdsk D: /f' before viewing decrypted data. Now I still have the USB drive with the keys on it, but it remains locked, but now the eight gigabyte USB drive I used as "e:" is seen as a "RAW" filesystem under "Disk
  Management", but "FAT32" under "My Computer". If i try to open "e:" I am prompted to format the drive before using it. If I use "RUN" to attempt to check the disk for errors in "read-only mode" the drive
  is detected as if it was the "NTFS" file format, but does not seem to have any errors.
  If I choose to format the USB drive "e:" I am able to use it, but it appears blank. Using third party recovery software I am able to retrieve some of the data from the partition, which was on "d:", but it appears to be partly decrypted
  still or possibly fragmented. I realize this step isn't because of BitLocker and may be due to the software used to retrieve the information.
  I am able to repeat this temporarily unlocking of "d:" and attempting to recover process over and over, while still getting the same result.
  Another interesting note is, when I use "manage-bde -status", when the drive is locked I can see that the encrypted drive "d:" is still protected with a password and external key. If I use "repair-bde d: e: -recoverykey '[recoverykey/path].bek"
  to temporally unlock the drive and then use "manage-bde -status" the drive "d:" reads the status as "Size: 1.88 GB, BitLocker Version: None, Conversion Status: Fully Decrypted, Percentage Encrypted: 0%, ERROR: An error occurred <code
  0x80070057>:, The parameter is incorrect.".
  Also when the USB drive is temporally unlocked using "repair-bde d: e: -recoverykey '[recoverykey/path].bek" and I use "manage-bde d: -off" I am prompted "ERROR: An error occurred <code 0x80310008>: BitLocker Drive Encryption
  is not enabled on this drive. Turn on BitLocker.". If I use "manage-bde d: -on" the USB drive is detected by BitLocker as having no name, as expected, but also "ERROR: An error occurred <code 0x8031002e>: BitLocker Drive Encryption
  cannot encrypt the specified drive because an encryption key is not available. Add a key protector to encrypt this drive." If I use "manage-bde d: -on -recoverykey '[recoverykey/path].bek'" then BitLocker detects the drive, but prompts "Key
  Protectors Added: ERROR: An error occurred <code 0x8031002d>: The drive encryption algorithm and key cannot be set on a previously encrypted drive. To encrypt this drive with BitLocker Drive Encryption, remove the previous encryption and then turn on
  BitLocker."
  If I use "manage-bde d: -protectors -disable" I am prompted "ERROR: An error occurred <code 0x8031002d>: The drive encryption algorithm and key cannot be set on a previously encrypted drive. To encrypt this drive with BitLocker Drive
  Encryption, remove the previous encryption and then turn on BitLocker.", but if I use "manage-bde d: -protectors -enable" I am prompted "ERROR: An error occurred <code 0x80310001>: This drive is not encrypted.".
  A review of my issue is that I have a BitLocker Encrypted USB Drive, which will not allow me to unlock it no matter how i attempt to do it. I end up with the USB drive automatically unmounting itself when I try to unlock it and this will not allow me to
  decrypt it.
  Thank You in advance for taking the time and consideration to fully understand and read my post. I would have went to the Microsoft professional support hotline, but it would have cost about $250.00 for me to attempt to explain this very large amount of
  text that I had to proof read and edit.
  I believe I have stated all the information that is relevant to the issue I am having and I would appreciate any help that would help me resolve my problem decrypting the information, without the need to manually decrypt every single bit or using an at least
  128 D-Bit quantum computer, "Qumputer".
  I have considered these resources already, but am willing to reconsider them if i missed something.
  BitLocker Drive Encryption Overview: http://technet.microsoft.com/en-us/library/cc732774.aspx
  Manage-DBE: http://technet.microsoft.com/en-us/library/ff829849.aspx
  Windows BitLocker Drive Encryption Frequently Asked Questions: http://technet.microsoft.com/en-us/library/cc766200%28v=ws.10%29.aspx   (I haven't completely read everything, but skimmed through for what i thought may have been relevant.)
  Scenario 14: Using a Data Recovery Agent to Recover BitLocker-Protected Drives (Windows 7): http://technet.microsoft.com/en-us/library/ee424312%28WS.10%29.aspx   (This might have worked but I don't have a smart card and I didn't already have the
  recovery agent set up in group policies before I started encrypting.)
  Scenario 16: Using the BitLocker Repair Tool to Recover a Drive: http://technet.microsoft.com/en-us/library/ee523219%28WS.10%29.aspx

  Hi,
  Did you remember clear which one store in which one? It's so complex on your description.
  Have you tried to recover the drive which the most key stored in it by non encrypted hard disk that stored in the USB drive key?
  If it still failed, i would like to suggest you contact the professional data recovery center for help.
  Note: It's not recommend you use third party software to recover. Since your data might lost because of some fault.
  Karen Hu
  TechNet Community Support
  Sorry i tried to explain my situation as thoroughly as possible without having to take screen captures of each step of the process.
  I have written down what keys were stored where, so there shouldn't be any chance of mixing up the keys. I have also attempted to recover using a different key. Possibly using a different key causes the drive to attempt to decrypt with the wrong algorithm
  and actually encrypting the data even more, but this doesn't seem to be the case because it just fails and goes back into the state it was in.
  Also how would one get a hold of the professional data recovery team. Them being "professionals" i would assume their services are not free, but i may be mistaken.
  Also I will not attempt to use "third party software" again, but I was just getting desperate and that is why I tried it on the partition of the backup, which appears to be blank anyways. This isn't relevant to the issue at hand though.
  I know encryption isn't 100% non reversible no matter how large of the keys and algorithms are, so there should always be a way to decrypt.

• Backing up an encrypted drive with Time Machine under Snow Leopard

  In a nutshell, my question is “Can I back up an encrypted drive using Time Machine under Snow Leopard, and if so, how do I access its data from a previous day?”
  I have a 1Tb USB drive connected to my MacBook, which runs Snow Leopard. The drive is formatted as Mac OS Extended (Journaled). This drive is included in the drives that Time Machine backs up. I used Disk Utility to create an encrypted drive on the USB drive (998Gb), also formatted as Mac OS Extended (Journaled). The encrypted drive is not on TimeMachine’s list of excluded files/drives.
  When I go into Time Machine, I can see the USB drive and the encrypted drive in the side bar. I can access the files on the encrypted drive as long as I’m looking at how it stands now. But if I move backward in time, the encrypted drive is grayed out and inaccessible.  If I click on the USB drive, I get a window that tells me it is 75.9Gb in size, and nothing else is available to me.
  When I open the back-up drive in Finder and navigate to Backups.backupdb > macbook name > some date and time, I see my MacBook’s hard drive and the USB drive. The encrypted drive is not shown. When I click on the USB drive, I see an entry for drivename.sparsebundle. When I click on that I’m prompted for the password for the encrypted drive. When I enter it, I get a warning telling me that the disk image could not be opened and that the encrypted drive has no mountable file systems.
  Is my encrypted drive really be backed-up and if so, how do I access the backed-up data? 

  Having received a bunch of views but no replies over the last 5 days, I decided to venture into my local Apple store and ask this same question. The response I got from the geniuses was that you can't get a reliable back-up of an encrypted drive using Time Machine under Snow Leopard. So, my only alternative is to copy the encrypted drive's contents elsewhere, unencrypt the drive, and then copy the contents back. This is what I expected, but not what I wanted to hear.

• Problems with Comodo Kill Switch, Windows Services & Bitlocker Encryption on Asus N56VZ

  Hi All,
  So recently I found myself stuck in a different scenario than before, and after many hours researching and efforts to fix this I still find myself stuck  yet with a few options still to fix.
  What is the problem?
  So as a security cautious user when i first got to Windows 8.1 Pro 64Bit I encrypted both the C and D drive (Split the main disk) to protect myself and my family. Unfortunately that has not been very helpful with the way in which booting and running from
  either external USB devices or CD/DVD works, not allowing myself to at all.
  My usual security suit I  use is Comodo Internet Security, which additionally comes with Comodo Kill Switch. Whilst using the application instead of stopping one of the TCP connections I was meant to I accidently stopped an Windows Explorer connection.
  For some reason since then Windows Explorer, nor most windows apps or services themselves will run. For example msconfig will run but sfc /scannow or mmc will not, whether in safe mode or normal mode.
  What Caused the Problem?
  Cannot 100% say
  What I Think Caused the Problem?
  Myself running Comodo Kill Switch stopping a vital server connection with Windows Explorer that messed up alot. Or a potential Virus unknown how cannot fully scan system as wont boot externally or run many apps.
  Additional Info
  Asus Webcam is Disabled on Purpose
  Laptop was fully customized to run latest games full graphics minus Anti Aliasing, works with Evolve + CoD Advanced Warfare
  Laptop does not boot if USB Keyboard plugged in, works with everything else normal (had this on other systems no problem for me)
  Ask me for more info if required to add here, braindead again
  Specifications of my system
  Intel® Core™ i7 3610QM Processor
  Windows 8.1 Pro 64Bit
  Intel® HM76 Chipset
  DDR3 1600 MHz SDRAM, 2 x SO-DIMM 8GB
  15.6" HD (1366x768)/Full HD (1920x1080)/Wide View Angle LED Backlight
  NVIDIA® GeForce® GT 650M with 2GB DDR3 VRAM
  1TB 5400RPM OR 750GB 5400/7200RPM (Cannot remember off top of head, braindead)
  Super-Multi DVD 
  Kensington lock (Security Feature)
  LoJack (Security Feature)
  BIOS Booting User Password Protection (Security Feature)
  HDD User Password Protection and Security (Security Feature)
  Pre-OS Authentication by programmable key code (Security Feature)
  What Can Run and Won't Run?
  ON BOOT:
  Bitlocker Encryption Password & Advanced Settings are accessible
  Bios (password protected) is accessible
  Windows Recovery Mode is accessible (Think it is F9 or F10)
  Windows Logon Password Screen is accessible
  ON NORMAL/SAFE-MODE START UP:
  After Log-In Windows Explorer will not run
  Task Manager will run, also allows me to browse the files when trying to start new task
  Can run Command prompt
  Cannot run any control panel items
  Cannot run services.msc
  Cannot run mmc
  Cannot run sfc
  Every time it metions windows drive is locked
  Start Error's when running certain applications (Will post codes soon)
  Rufus USB Tool does run
  Cannot boot Kali Linux off USB
  Cannot boot Windows 8.1 off USB
  Cannot boot Windows 8.1 off DVDRW
  Fixwin2 will not run
  Apps either work or don't whether in safe mode or normal
  Cannot use Windows Installer
  What Fixes I Have Tried So Far
  Ok so like any normal user I don't want to lose my files. So here are what I have tried so far:
  Repair MBR (Repair Completed, No Luck)
  SFC /SCANNOW (Returns Error 'Windows Resource Protection could not start the repair service')
  Tried sfc /SCANNOW /OFFBOOTDIR=c:\ /OFFWINDIR=c:\windows (Could not access drive)
  Fixwin2 (Will not run in either normal or safe mode)
  Booting using Windows 8.1 via USB (Cannot boot from extermal devices due to Bitlocker Encryption)
  Booting using Kali Linux Via DVD & USB (Cannot boot from external devices due to Bitlocker Encrytption)
  How do I know it is because of Bitlocker, because last time I disabled it, I could run from external devices
  Tried to run bitlocker to change settings (Will not run)
  Have used both password and recovery keys to unlock driver, they work but when applications are running on windows the drive is still locked?
  Tried windows Automatic Diagnostic and Repair (Could not repair anything, did make a log I am still to extract from the syste)
  There are No System Restore Points
  I'm sure there is much more information I could post however I will leave it on an ask to know basis, apart from the log files and further information to gather. Below is my list of trial and error fixes to try for today (need more ideas and help please!):
  Hiren's 15.2 Boot CD via DVD (NOT ABLE TO BOOT)
  Hiren's 15.2 Boot CD via USB (NOT ABLE TO BOOT)
  Research into the Bios and Possible Update in-case of implementation of Virus, can access flash utility (STILL NOT TESTED)
  Try and get a portable version or a working version of windows installer to try and re-install Comodo Internet Security (STILL NOT TESTED)
  Another way to disable Bitlocker
  Anti-Malware / Anti-Virus Scan If Possible to Run One
  Bitlocker Repair Tool, will try this also
  I have posted this as have not found much info online, usually find it and crack on but this time things are a little more tricky, my priority task I really need to do is remove the Bitlocker Encryption, but if the application will not run... what do I do
  then?
  Thanks for your time reading all, Sorry for any poor formatting or spelling.
  Update 1: MMC.exe Error Code
  Ok so now have the computer in safe mode, still same as before, no explorer.exe, no services etc... Just went into the Task Manager > Services (Tab) > Open Services (Option at bottom)
  This is the error I get:
  'The Instruction at 0x785a746c referenced memory at 0x000000a8. The memory could not be read.
  Any Ideas on what this error is and why?
  Update 2: CHKDSK Works with no Fix
  Update 3: Hiren's 15.2 Boot CD - USB Boot still no luck booting around Bitlocker Encryption
  Just to explain again, I already have unlocked the drive with correct bitlocker password or recovery key yet the drive remains locked not allowing windows refresh of files of complete install from the windows recovery menu as keeps saying drive is locked

  Ok so attempt number two to write this update via bloody phone! (Just refreshed page whilst writing!)
  Update 4:
  Problem - cannot run from bootable devices (DVD/USB)
  Cause - bitlocker fully encrypted drive stops this working
  Repair - Boot up holding F9 to enter windows recovery Input Bitlocker recovery keys to unlock drives
  Navigate to Command Prompt in advanced settings Execute following code:
  Repair-bde c: d: -rp 000111-222333-444555-etc...
  (Code found from https://technet.microsoft.com/en-us/library/ee523219%28v=ws.10%29.aspx)
  Note for those using this: It is common while unlocking certain drives to get errors such as: Quote from http://www.benjaminathawes.com/2013/03/17/resolving-partial-encryption-problems-with-bitlocker/
  "LOG INFO: 0x0000002aValid metadata at offset 8832512000 found at scan level
  1.LOG INFO: 0x0000002b Successfully created repair context.
  LOG ERROR: 0xc0000037 Failed to read sector at offset 9211592704.
  (0×00000017) LOG ERROR: 0xc0000037 Failed to read sector at offset 9211593216.
  (0×00000017) …followed by around 20 similar entries that differed only by the offset value"
  Repair Status for Update 4: COMPLETED - However over wrote D drive data so now need to recover that
  Problem 2 - windows services corrupted along with windows files
  Cause - Unknown
  Repair - wait until system is fully decrypted Once fully decrypted ensure boot from USB/DVD
  Re-do fixes that would not work before if this has fixed boot issue Confirm fix / update post Hope anything I put here helps others also

• Is Diskpart unable to clean bitlocker encrypted Windows 8 to go installations?

  Hi all.
  I am aware that this is a configuration that not many of you will have, but worth a try...
  I am running windows 8.1 enterprise x64 installed on a USB drive as windows to go. The USB drive is a supported one for this configuration, Kingston Data Traveller 32 GB. Also I use bitlocker to encrypt the whole drive and all works very nice.
  Lately however, I wanted to restore an image backup to the drive, so I plugged it into another pc running windows 8.1 enterprise.
  The imaging software however was not able to write to the drive and told me, it is in use. So I looked at explorer, but it was not even mounted, which is expected behavior with windows 8.1.
  To overcome the problem, I tried to clean the drive using diskpart and this is where the question starts: Although diskpart told me that cleaning was successful, the imaging software was still not able to write to the drive! So I said, "damn
  it, win8.1, what's wrong? I'll use windows 7 to replay the image to the drive!"
  On windows 7 I was flabbergasted after inserting the drive: I was presented a message from bitlocker to go which asked me for the password (which I provided and which worked). I did not get that on 8.1!
  Attention, the question is right here:
  Why is diskpart unable to clean the drive? Why does it tell me "cleaning was successful" (and I could verify that, partitions were indeed removed) although it is obviously unable to remove the bitlocker info?
  So far, my understanding of diskpart's clean command was that it completely resets the drive.
  Am I right, or what did I miss? Is diskpart not supported on "windows 8.1 to go"?

  I dont think diskpart will remove bitlocker encryption.. To remove encryption you must use decryption method.. If you have forgotten password you have to use bitlocker recovery key
  Try try Bitlocker repair tool if the partition is damaged..http://www.microsoft.com/en-us/download/details.aspx?id=17294
  "The BitLocker Repair
  Tool can assist administrators in recovering data from a corrupted or damaged disk volume that was encrypted with BitLocker."
   Using the BitLocker
  Repair Tool to Recover a Drive
  http://technet.microsoft.com/en-us/library/ee523219(WS.10).aspx
  http://support.microsoft.com/kb/928201
  If you have lost your password or recovery key check these 
  I
  Lost My Bitlocker Recovery Key
  http://www.pcandtablet.com/windows-8-errors-and-crashes/279/i-have-lost-my-windows-8-bitlocker-key-now-i-cant-boot-how-can-i-recover-my-data.html
  http://windows.microsoft.com/en-us/windows-8/bitlocker-recovery-keys-faq  
  Hetti Arachchige V Aravinda | Network & System Administrator (B.Sc, Microsoft Small Business Specialist, MCP, MCTS, MCSA, MCSE,MCITP, CCNA, CEH, MBCS)

• Problem using iPod as encrypted disk for G4 Backup

  i have created an encrypted disk image on my iPod for backing up my G4 desktop folder. works like a charm. however, OSX limits the size of this disk image to 500MB when it is created using Disk Utility. that is unfortunate since my desktop folder is larger than that. the iPod has 14 Gigs of memory available and i would like the encrypted disk to be larger. is there any way to modify this limitation?
  many thanks

  In disk utility when you select "new image", it should give you the option, size, where you can select from various preset sizes or create your own custom size. Try creating the image you your local drive first then copy it to your ipod.

• Using iPod as encrypted disk for G4 Backup

  i have created an encrypted disk image on my iPod for backing up my G4 desktop folder. works like a charm. however, OSX limits the size of this disk image to 500MB when it is created using Disk Utility. that is unfortunate since my desktop folder is larger than that. the iPod has 14 Gigs of memory available and i would like the encrypted disk to be larger. is there any way to modify this limitation?
  many thanks

  i hadn't seen the "custom" item in the menu for selecting a size other than what the computer was suggesting. all better now.....

• After 10.6 security update 2013-002 PGP encrypted disk won't boot

  I ran the latest security update on my very old 17" intel MacBook Pro (It won't boot, so I can't give you the model number). It has PGP encryption installed on it, but I only have my passphrase, not the keys since it's a managed system.  Half way through the install, it failed with a cryptic error, and the machine won't boot now. It gets half way through booting, and the screen goes black.
  I have booted into single user mode, and ran fsck and applejack, only to get an error about a sibling error, and the hard disk is full.
  Is this a PGP issue? Does the latest security update conflict with PGP?
  I found this resolution to a similar sounding problem in 2010, but am unsure if this is happening now. Google searching hasn't yeilded anything so far.
  http://hints.macworld.com/article.php?story=20101111120329585
  Thanks for any help.
  Melissa

  About PGP I can't tell; the hint you linked (and the suggested fix) might still be valid:
  PGP recommends folks to decrypt their drives first, update to 10.6.5 and then re-encrypt.
  this sounds as a general recommendation.
  However fsck reported a sibling error (an invalid link sibling error I presume) and that's not fine. Afaik, Disk Utility can't fix it; DiskWarrior hopefully will. I quote from Alsoft Support Database:
  Question
  Is DiskWarrior capable of repairing an "Invalid Sibling Link" error?
  Answer
  This is an error you definitely don't want. It indicates that parts of your directory, and therefore some of your files and folders, are inaccessible.
  Mac OS Standard (HFS) and Mac OS Extended (HFS Plus) disk directories have a very complex structure. Each file or folder (item) on a disk has an entry in the disk's directory. These entries are in order of enclosing folder and then item name. This is similar to a yellow pages directory being ordered by type of business and then business name. Just like a yellow pages directory, the disk directory has pages except that its pages are called nodes. Unlike the yellow pages, nodes are dynamic and change as you add and delete items. It's sort of like a realtime yellow pages.
  Imagine that the pages of the yellow pages are not in order and at the bottom of each page it says "Continued on page n," where n is the page that contains the next set of listings for the particular type of business that you're looking up. Well nodes are not arranged in order and each node has a reference, or link, to the next node that contains the next set of ordered items. This link is what is referred to as the sibling link.
  A sibling link error is a bad link to another node. Either the link refers to the wrong node or it refers to an invalid node. As I said, a sibling link error makes some of your items inaccessible and can even prevent a disk from mounting. Sibling errors are notoriously difficult for some of the patching type of disk repair utilities to repair. Sometimes the repairs fail and the directory is damaged further. If a disk with a sibling link error is still mountable, I would advise backing up the accessible files and folders on the disk before attempting to repair it with that type of disk repair utility.
  I'm not really sure DiskWarrior will work on a PGP encrypted disk. According to a few old Google matches, it should. See e.g.:
  http://kb.mit.edu/confluence/pages/viewpage.action?pageId=4263350
  but according to more recent ones, it won't:
  https://discussions.apple.com/thread/2719460?start=0&tstart=0
  It seems you're out of luck even with Safe Boot (from PGP Whole Disk Encryption Command Line User's Guide):
  The Mac OS X Safe Boot feature does not work on a boot disk that has been whole disk encrypted; if you hold down the Shift key to enter Safe Boot, the system will fail to boot after authenticating at the PGP BootGuard screen.
  So, while you're waiting for some more knowledgeable advice, you might backup your data to an external drive while booted in single user mode. There are many how-tos out there; I think this one is pretty clear:
  http://jsalovaara.com/blog/backing-up-files-to-a-usb-drive-using-single-user-mod e.html
  Hope this helps.

• Indexing of encrypted disk images permanently disabled in 10.8?

  In the past, I've had no trouble forcing Spotlight to index my encrypted disk image, using the command in Terminal:
  sudo mdutil -i on /Volumes/Encrypted_Data
  After entering that command, my encrypted disk image was indexed and searchable using Spotlight.
  A couple weeks ago I updated from Lion to Mountain Lion. Today I noticed Spotlight wasn't showing any results from my encrypted disk image. So went back to Terminal and entered the above command. Instead of successfully activating indexing, Terminal gives me this message:
  /Volumes/Encrypted_Data:
              Indexing disabled.
  Is this procedure now impossible in Mountain Lion?
  Is there any way to enable indexing of this encrypted disk image? I can't get it to work.
  Thanks.

  I appear to have solved the problem to get Spotlight to index a disk image.  My image was an encrypted disk image.  I was able to get spotlight to work when it was new, but now Spotlight won't index it.  Here is the solution that I found:
  After double clicking and mounting disk the image, open Disk Utility, select the disk image file, then click unmount in the Toolbar.  Wait until it is unmounted, then click mount again.   Then go to terminal and try mdutil -sa .  If it is still not enabled, try to sudo mdutil -i on option.  The unmounting and remounting must be done everytime the image is opened.

• Time Machine Backups of Encrypted Disk Images, Part 2

  Hi:
  If Time Machine is backing up a hard drive that contains a subset encrypted disk image as part of its contents, and this encrypted disk image is mounted (in an unencrypted state) where the enclosed data has been changed/manipulated in any fashion, what and when does Time Machine backup?
  In other words, does the data in the encrypted disk image only change when the encrypted disk image is unmounted? Or is it somehow backed up real time even when the encrypted disk image is mounted on the desktop in an unencrypted state while Time Machine is working?
  Sorry I can't explain this very well, but hopefully the gist is clear.
  Thanks!
  (OS 10.8.2)

  Time Machine doesn't back up a disk image file while it's mounted, whether encrypted or not.

• Encrypted Disk Image creation slow?

  I just got a new MBP with Leopard. I have created a number of encrypted disk images in the past using Tiger and a MBP and have not had any trouble. This weekend I tried a few times to create a 50 gig encrypted disk image (128 AES) on an external drive and after going through the process of setting it up and waiting for it to be created, (and watching the progress bar as it was being created), after about 45 minutes NO progress was showing on the progress bar. I ended up having to cancel the creation a few times because I thought something was going wrong. I’m not sure if there is a problem creating the disk image, or leopard is slow, or what.
  Does anyone know how long, on average, it would take to create an encrypted disk image of this size using leopard? I just want to know if there is a problem doing this on my MBP. Thanks for the help.

  A regular 50 GB disk image takes 50GB of space, no matter if it is full of files or empty.
  A 50 GB sparse disk image only takes up the amount of space equivalent to that of its enclosed files. So if the 50GB sparse image only has 1 GB of files inside, the image won't be much bigger than 1GB.
  A sparse bundle is similar to a sparse image, but instead of a single file it is a folder package with many, many enclosed files called bands. A new file added to the sparse bundle will tend to modify only a few bands. This makes incremental backups of a sparse bundle more efficient because only the changed bands need to be backed up again. Any change to a sparse or regular disk image will mean that the entire image will need to be backed up again.
  If you regularly add/remove files to a disk image, and you intend to back up that disk image with Time Machine, a sparse bundle is definitely the way to go. The other types will fill up your TM volume very quickly.

• Encrypted disk image creation very slow-

  I just got a new MBP with Leopard. I have created a number of encrypted disk images in the past using Tiger and a MBP and have not had any trouble. This weekend I tried a few times to create a 50 gig encrypted disk image (128 AES) on an external drive and after going through the process of setting it up and waiting for it to be created, (and watching the progress bar as it was being created), after about 45 minutes NO progress was showing on the progress bar. I ended up having to cancel the creation a few times because I thought something was going wrong. I’m not sure if there is a problem creating the disk image, or leopard is slow, or what.
  Does anyone know how long, on average, it would take to create an encrypted disk image of this size using leopard? I just want to know if there is a problem doing this on my MBP. Thanks for the help.

  A regular 50 GB disk image takes 50GB of space, no matter if it is full of files or empty.
  A 50 GB sparse disk image only takes up the amount of space equivalent to that of its enclosed files. So if the 50GB sparse image only has 1 GB of files inside, the image won't be much bigger than 1GB.
  A sparse bundle is similar to a sparse image, but instead of a single file it is a folder package with many, many enclosed files called bands. A new file added to the sparse bundle will tend to modify only a few bands. This makes incremental backups of a sparse bundle more efficient because only the changed bands need to be backed up again. Any change to a sparse or regular disk image will mean that the entire image will need to be backed up again.
  If you regularly add/remove files to a disk image, and you intend to back up that disk image with Time Machine, a sparse bundle is definitely the way to go. The other types will fill up your TM volume very quickly.