Disk Encryption

Similar Messages

• HP Protecttools - Disk Encryption - How do I recover a hardrive that no longer boots

  I have an HP Laptop that has the HP Protecttools Disk encryption enabled, but will not boot. I need to pull information off of the drive for the employee who owns the laptop and I am unable to becasue of the encryption. I know you can use the key that is generated during the encryption process to unencrypt the drive at the first login screen, however because the drive is not booting I do not get that screen. Is there any utility I can run from a CD/DVD to unencrypt the drive from a command line using the encryption key?

  Hello Charon.  I understand you need to decrypt a drive for a computer that cannot boot.
  What problem is causing the drive to be unable to boot?
  Which notebook are you working with?  Please use this document to locate the product number and use that to identify the notebook.
  Since HP Protect Tool is generally used in an Enterprise environment you may also want to post your question to HP's Business Boards.  Here is a direct link.
  I hope you have a great day!
  Please click the white star under my name to give me Kudos as a way to say "Thanks!"
  Click the "Accept as Solution" button if I resolve your issue.

• Bit locker security issues (easy to crack) disk encryption?

  Bit locker security issues (easy to crack) disk encryption?
  Problem 1: When the PC run I think its too easy to get  malicious users (with usb pendrive) or spyware to get the encryption key (fast and easy)
  youtube.com/watch?v=0npTlOq6q_0
  Problem2:not resistant with bruteforce attacks
  youtube.com/watch?v=zvaJxnvbGic
  Problem 3: not resistant with boot hacking
  Im using DriveCrypt plus pack and searched security issues in bit locker.The bit locker allow you the bruteforce/dic attack easy.I think  It would be much safer 1. (I think the keys stored somewhere that is easily read) 2. Do not just be enough password
  need a password+file combination to decrypt the disk. DriveCrypt plus pack use a file+password combination if you know the password but you wont have the file you can not decrypt the disk (protect with bruteforce attack).On system boot protected bruteforce
  attak you can crash the (boot).If the boot system crash you can not decrypt the disk just the password you need the file+password combination plus to decrypt it. I am not a programmer but I see the BitLocker ( easy security catches to crack the disk encryption).Im
  tested DriveCrypt and I can not get the key that easy (Problem 1). I have not tested it in greater depth just trying to (catches to crack software encryption).

  Where is your question, sir?
  If the question were "is it easy to crack", the answer is "no". Your videos make use of several assumptions and ingredients and permissions that a normal attacker does not have.
  "Problem 3" is not clear, please describe what scenario you are talking about.

• Cisco Agent Desktop / Supervisor Desktop Issue with Full Disk Encryption

  Has anyone had any issues related to running Cisco Agent Desktop or Cisco Supervisor Desktop on a machine running full disk encryption?  Our desktop team installed full disk encryption software from Check Point, and it seams to be causing some issues with call monitoring, screen pops via workflow and connectivity to the UCCX server.  It's not effecting every machine (that we know of), but the fix for us right now is to provide a desktop without the encryption software.  I'm just wondering if this is related to us, or if there is any supporting documentation out there? 
  Any help is apprecicated.

  CAD for IPCCX v4 does not support windows 7. See compatibility matrix:
  http://www.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/crs/express_compatibility/matrix/crscomtx.pdf
  In my experience if you already have CAD installed and you upgrade the OS (without a fresh rebuild) CAD will work - but it is NOT supported. You should test this though.
  You will not be able to install the older version of CAD on windows 7, the installer will give you errors.
  Brian
  please rate helpful posts

• Need 256 Bit AES Full Disk Encryption for a Mac.  The other discussions regarding this issue are very old.  Does anyone have any current advice regarding encryption software?

  Does anyone have any advice regarding 256 bit full disk encryption software for Macs?  The other discussions on the topic are years old, so I would like some current input.  Thanks for your help in advance.

  Depending on your Mac, you might not want to upgrade to OS X 10.7 or 10.8 as it will not run the PowerPC based software your currently using costing a bundle to replace it all, also they will slow down your machine if it's not a more recent issue. You don't want to upgrade OS X without AppleCare defending your possibly bricked logicboard that's for sure.
  Filevault encrypts the boot drive, however in doing so makes it near impossible to fix if you have a software issue and need to recover files directly or by using specialty software. Also it robs the machine of performance even more than the Lions do. So you will really need a SSD to work best with 10.7/10.8 and Filevault, then it has to be freshly installed. Filevault needs 50% free space on the boot drive, then it's going to write to the slower 50% half of the hard drive where performance is terrible compared to the first 50%.
  Also Filevault is cracked under certain conditions, and if someone gets their hands on the machine (like the law) and knows what they are doing.
  If you take your Filevaulted machine to Apple to fix, they are going to require the password to fix the machine obviously.
  Software based encryption is vulnerable, you might want to instead place your sensitive data on external self-encrypting hardware that doesn't rely upon software or computer hacks/bypasses (ike freezing the RAM) to get to it.
  http://www.datalocker.com/products/datalocker-dl3.html
  Iron Keys for portable USB self encryption, both work with any computer, so your not locked into one platform.
  With the senstive data off the computer and on a external device, there is the option of removing, hiding and securing the device. If used with a computer that's never connected to the Internet, it's safe from snoopers, except from a survelliance van parked outside your door.

• Need clarifications on disk encryption

  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin:0in;
  mso-para-margin-bottom:.0001pt;
  mso-pagination:widow-orphan;
  font-size:10.0pt;
  font-family:"Times New Roman","serif";}
  Could you please clarify the following questions on disk encryption?
  Whenever  we enable/disable disk encryption, we are deleting all the cached data.
  1.           Why are we deleting all the DRE cache, when we enable/disable disk encryption? Instead we should encrypt/decrypt the data with the key that we got from CM.  If we delete all the DRE cache, then we will lose the compression that  we got from the DRE cache.
  2.           How can I verify that the files in the disk are encrypted, after disk encryption is enabled?

  Hi Thenna,
  The partitions we encrypt are some of the largest on the system.  We wouldn't have enough disk space to have two copies (encrypted & decrypted) of those paritions.
  For verification, you would have to remove the disk drives and mount them on another Linux-based system.  We don't provide a way to browse the cache contents.
  Regards,
  Zach

• PGP Whole disk Encryption but for Windows Partition only ?

  Hi,
  Slightly unusual situation here. I want to use my MacBook Pro at work and home. OSX at home and XP at work. Now at work they have a strict policy of only allowing computers on the network with PGP Whole disk Encryption. I've looked into this and there doesn't appear to be a way of setting this up via bootcamp because PGP makes use of MBR which as far as I know bootcamp doesn't use and PGP themselves say bootcamp isn't supported.
  Looking around the web there are various articles about tripple/quad booting Mac systems not using bootcamp but things such as Grub or reFIT. I'm wondering if there is a way of using this boot technique but using the partition option when installing PGP for windows and only setting it up on the defined windows partition.
  Has anybody tried this or have alternatives ?
  Thanks in advance
  Steve

  Hi Steve:
  Windows has a boot manager built in. Windows can be installed on a logical NTFS partition, the boot
  manager can sit on a tiny fat or fat32 primary partition. I have used this arrangement on my PC's
  many times. I have not tried it on a Mac, but it should work. You will need to have some working
  knowledge of partitioning to pull it off.
  I don't know how PGP designed their software, but it should support this arrangement, unless they
  have some cheesy engineering design built into their software that would prevent it from working.
  The windows boot manager has been with NT from the beginning. It is not rocket science, NTLDR
  sits in the usual spot reserved for system boot files, the boot ini file tells NTLDR what partition
  the /windows/system32/ntoskrnl.exe is on and NTLDR passes the ball to ntoskrnl and away
  she goes if everything is Kosher. Windows boot manager can boot other OS's as well.
  Be aware though that windows may assign a drive letter to the windows installation other than
  "c" (usually "d" of "f". That doesn't keep anything from working though.
  Kj

• FileVault 2 Disk Encryption failed

  Disk Encryption of a newly bought iomega prestige LPHD-UP3 1.5TB usb 2/3.0 disk on a MacBook Pro with OS X 10.7 (Lion) fails:
  When trying to erase the disk with Disk Utility as 'Mac OS Extended (Journaled Encrypted)' the following message pops up all the time:
  Disk Encryption failed
  Disk Erase failed with the error:
  Unable to create boot loader partition due to the specifics of your partition map layout.
  The removal of the VirtualCD volume through the Encryption Utility on a Windows PC didn't change anything. Same Failure.

  I have a 500 GB Iomega drive with the Virtual CD.  I ran the recently released mac version of the Encryption Utility to remove it. 
  https://iomega-na-en.custhelp.com/app/answers/detail/a_id/28753/session/L2F2LzEv dGltZS8xMzE1MTUxMTM4L3NpZC9LS0E5dWZEaw%3D%3D
  Since then, after my MacBook Pro wakes of from sleep with the drive attached it cannot connect to the internet, I cannot open any files in any programs, and I cannon eject the drive.  Once I pull the plug, everything is back to normal.  Have you had any similar problems?  Iomega tech support wants to send me a new USB cable...  Useless.

• Full disk encryption for the Mac ?

  I desperately require a security measure against data compromise in the event of a physical theft of one of my Macs.
  Is there some full disk encryption solution, similar to the TrueCrypt solution for Windows, that can work with a Mac? (TrueCrypt works on Mac but not its feature of full disk encryption)
  Any other ideas on reinforcing security in such physical theft incidents?
  Thanks!

  Visited http://www.macintouch.com/
  PGP Corporation is now shipping PGP Desktop 9.9 for Mac OS X, a major update of the encryption software. Highlights of this release include full support for pre-boot authentication, full support for external drives (including the sharing of Whole Disk Encrypted thumb drives between Mac and Windows clients), use of the FIPS 140-2 validated PGP SDK for cryptographic operations,
  http://www.pgp.com/

• The best disk encryption tool

  Hi,
  I was wondering what is your opinion on the issue which disk encryption tool is the best. I personally prefer encfs. Which one do you use/prefer and why?

  mdv wrote:Hi,
  I was wondering what is your opinion on the issue which disk encryption tool is the best. I personally prefer encfs. Which one do you use/prefer and why?
  I like encfs too.  Very easy to use, I can do it  on a directory-by-directory basis as needed, and I don't need to mess with pre-allocating loopback files and making sure that they're big enough to hold all the data.
  P.S.  Check out the "encfssh" script in that package.  I sent that in to the author and he added it to the package.  (Credit where credit is due:  the script is adapted from the original cfssh script from the old cfs package.)

• Winmagic Securedoc and New Macbook Pro for Full Disk Encryption (FDE)

  Hi, I wonder if anyone had any experience with this. I've installed a seagate Momentus FDE drive (...421 series) on my new macbook pro and tried installing Winmagic securedoc to manage full disk encryption. It seems that despite all their recommendations re: hibernatemode and lidwake and sleep vs hibernation, the MBP crashes when I close the lid and then awaken it (by opening and pressing the power button). It cannot be awakened via an external keyboard either. Note that both hibernate and sleep work fine without securedoc. As securedoc appears to be the only viable FDE solution, I'd really like to get it working. Has anyone had any luck getting it to work with the new MBPs?

  PGP is another alternative as I have used it for the past few years on all of my Macbook Pros. I also own SecureDoc but have not installed it on the new Macbook yet.
  I do know that PGP disables hibernate during the install as it can cause problems.

• How to disable user for disk encryption unlock

  When I add an account that user is added to the list of enabled users when first booting a disk protected with Filevault2. I only want the master password to unlock disk encryption. I don't want to list admin or standard accounts. Is this possible?

  This sounds like two different questions:
  1. I only want the master password to unlock disk encryption.
  This isn't possible to my knowledge.
  2. I don't want the EFI bootloader to list all accounts upon first powering up the machine
  Despite many customers' pleas, Apple has not changed the 'list all usernames' feature on first boot... however, waking from sleep, logging out or fast user switching to honor this request (when set in System Preferences).  There are several discussion forums previously attempting to solve this issue, but no concrete solution yet.

• Disk Encryption password prompt

  I have 2 macbook Pro Retina machines, Identical. One for work and a personal one.
  Disk encryption is on for both machines.
  My work machine just logs me in no problem.
  My personal machine asks me for a disk encryption password every boot, then the login password. I can't find the setting to turn off the disk encryption password prompt.
  What did i do differently?

  So I solved it for myself.
  seems I had encrypted the disk using DU from the pre-boot environment, therefore the encryption had occured without my user account holding the "keys" to the encryption. The end result is that a password is needed for both my account and the encryption seperately.
  I turned off file vault as root from the command line and re-enabled it as my user. problem solved.

• Request To Blackberry: Full-Disk Encryption

  The current encryption option for the SD card encrypts ONLY the data contents, and NOT the full structure of the filesystem. 
  As it stands right now pulling an encrypted SD card from the Z-10 and inserting it into a Windows machine divulges the entire filesystem structure with names and modification dates intact.  The data itself is encrypted and the file size padded out to the next 4k size, which appears to be the block size of the encrpytion system.
  While this prevents Windows from considering the card "unformatted" and thus randomly offering to destroy it with a single click (which it would otherwise do) the file names, mod times and sizes confer quite a bit of information to a hostile party who comes into possession of the device and its memory card.
  Having the choice of that not being the case (as is true for full-disk encryption on FreeBSD and other systems such as TrueCrypt) would be nice, even though it does some with a greater risk of accidental destruction should you insert the card into some other device by accident.
  Market Information? Come read The Market Ticker!

  wtaylor72,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://forums.novell.com/

• PGP Whole Disk Encryption

  After my wife's iphone was stolen I was thinking of installing PGP whole disk encryption on my Macbook pro. PGP does not support Boot camp. Is there a way for me to take my install of Windows XP and transfer that to parrells? In other words take the entire partition and copy it into the Virtual Machine on Parrells or Fusion? Also how should I copy the windows partion, if I was going to do this sort of thing on the mac I'd use super super or carbon copy cloner to copy the entire disk over to another disk.
  thanks,
  jeff

  jevenson:
  I need to understand this post clearly. Just so you and I are on the same page, I am going to make some assumptions. You plan to install PGP Whole Disk Encryption on your OSx side. I suspect that you want it to cover your boot camp partition upon which Windows XP resides.
  PGP does not support Boot camp.
  I am assuming that by this you meant that should you install PGP on the OSx side then it would not cover the Windows side on a boot camp setup.
  Is there a way for me to take my install of Windows XP and transfer that to parrells? In other words take the entire partition and copy it into the Virtual Machine on Parrells or Fusion?
  No, at present, I do not know of any way to actually move Windows from a boot camp partition to reside on the OSx partition and run as a virtual machine under parallels or fusion without performing a complete installation under parallels/fusion.
  Now, having said that, there is another option for you. Parallels and Fusion both can use the boot camp partition with Windows as a virtual machine BUT without moving windows on the OSx partition. It will run WIndows as a virtual machine directly from the BC partition. So, you will be able to run OSx and Windows at the same time. What I am not sure is that if you have PGP installed on the OSx side and since parallels/fusion runs from the OSx side then will it encrypt the boot camp/windows when run under it?
  Axel F.