Forgive my ignorance but I was idly playing around in settings because i am trying to get my head around 10 after many years in 7.
Now I found something to do with Bitlocker all I want to know is this feature /function a plus for the average Joe Blow user or is it more inclined to power users or companies etc ?
Hi ICIT2LOL
Encryption can benefit anyone who wants to keep their data from prying eyes. It also depends what kind of data you are storing. Music files or videos, well who cares. Your tax files, financial / accounting files, well those are yours and yours alone.
Encryption can bring on a level of complexity that some users just don't need or understand how to manage. You need to protect and backup your keys carefully so they can be retrieve and used. Just taking your drive out of a dead machine and sticking it in an external enclosure for a quick read just doesn't work. We've had a couple of members come on a declare they forgot password or don't have keys backed up. The general response is sorry, the data is gone.
I encrypt my data when it leaves the house, otherwise my OS and data lives in an un-encrypted state.
My thoughts. Would be interested to see other responses.
Ken
Just for a laugh I searched TenForums for " Forgot Bitlocker Password " and it came up with 75 results.
Then I did the same on Google it had 65,300 results.
Ok Ken thank you for a very precise answer and it does sound like an option for my financial stuff I shall have a read to how to use it for specific things as I don't want to encrypt the entire machine.
Forgetting the password is not big deal for me as I use Google Keep and I was under the impression that it is also encrypted when that data leaves your machine but apparently not. However I do "encrypt" it myself when making notes in Keep for example if my password for my bank was JoeBlow @987123 then I would type the banks name > Enter and then the password as J**B***at****** simply because the "encryption" means something to me. The beauty of Keep is that I can access any password note or whatever from any other device I have Keep installed on - I do have it on all my machines and phone so never without it. The important thing is you must remebr the Google account if the auto remember on the machine does not work.
But I am now rambling and will look into that Bitlocker as a direct application.
You can't encrypt individual files or folders with bitlocker - you have to turn it on of off for entire partitions. This is easier in a way - you don't have to decide for each folder if it is private or not. I don't have anything particularly sensitive - just normal stuff - but there are enough details to enable identity theft for sure.
I use bitlocker so if I forget my laptop in a taxi (or my house is burgled) it doesn't matter so much.
It is actually very easy to set up (see the tutorials) and once encrypted your system works just the same as without it once you are logged in if you set your drives to auto-unlock. You just need to make sure you save the emergency decryption keys safely in multiple places. MS says it has a "low single digit percentage" performance hit but I cant say I've noticed.
Turn On or Off BitLocker for Operating System Drive in Windows 10 Windows 10 Security System Tutorials
Turn On or Off BitLocker for Fixed Data Drives in Windows 10 Windows 10 Security System Tutorials
Turn On or Off BitLocker for Removable Data Drives in Windows 10 Windows 10 Security System Tutorials
Correct. If you copy a file from a bitlocker encrypted drive to a non-encrypted drive (flash drive say) the copied file is not encrypted.
If you wanted that you'd have to encrypt the whole flash drive as a removable drive.
Ah I see so in effect the whole machine has to be encrypted partition by partition however that is no problem for me because I very rarely use more than one partition as I am not that savvy enough to partition up a drive to say keep emails and financial stuff in one and general stuff in another.You can't encrypt individual files or folders with bitlocker - you have to turn it on of off for entire partitions.
I was interested to see what you said by it becoming non encrypted when anything leaves your machine though - so in that case for example I was to bank on the net access to the info on the machine is encrypted but once in the ether not encrypted. So it leaves me intrigued as to when you hear of illegals using encryption to send messages or info to and from each other as I am assuming from what I have seen on TV that is what they do.
Thanks for the links too I must work my way through them because encrypting my travel laptop at least would be worth while.:)
Edit: I forgot to ask so as my travel laptop is a dual boot 7/10 will the data on the 7 partition be encrypted if so why couldn't any 7 only machine be encrypted??
This is a different matter really. Bitlocker is only useful if you lose your hardware so people cant just put your hard disk in another computer and read it. As it is the drives that are encrypted copying anything from encrypted drive to a non encrypted one means it is decrypted as the destination drive isn't encrypted. You can only do that if the drive is unlocked. To unlock a drive you need to be using the same (untampered with) PC so the TPM chip (if you have one) will unlock it or enter the recovery key or password.
Transferring files over internet is another thing. This traffic may or may not be encrypted (this site traffic is encrypted - you can see the padlock in your browser). WhatsApp and Skype are also encrypted. It is possible to intercept your traffic and see you are using WhatsApp or Skype - just not what you are saying.
Why you would use TOR for example (apart from criminal things) is if you didn't want anyone to be able to see what sites you were going to at all. Your government may restrict access to certain sites - for example I lived in UAE and Skype was blocked to force you to pay expensive rates for international telephone via the state telecom companies. If you route your traffic through TOR it can appear to originate elsewhere in the world so the restricted sites work. People can tell you are using TOR network but not if you are looking at something illegal (Skype.com ), something innocuous (likeCookery.com ) or something legal but perhaps just plain embarrassing. I'm sure this explanation isn't quite right (and it is a rather trivial example) but it is how I understand it. The TOR link above explains it better.
I think so. It is hard to have nothing of a presopnal private nature on a laptop - even if it just emails and such.
If you turn on bitlocker for 10 then the 7 partition will not be encrypted and vice versa. Each OS must have bitlocker enabled separately and you could enable bitlocker for either or both.
Bitlocker only exists in Windows 7 Ultimate (and enterprise) editions so if you have another version of 7 you can't enable it.
Thanks mate I only run Home Premium and Pro on one laptop so I can fix that hopefully with an aftermarket version of something.
Mind you could never think why Bitlocker was as exclusive as it is surely it couldn't mean it would have generated that much more revenue including it in the Home and Pro versions??
I upgraded to 7 Ultimate from 7 Pro - not for Bitlocker but because I wanted to change my language to English. It was very expensive. No need for that any more - you can change language on pretty much any normal version.
In Windows 8 Bitlocker was included in Pro version. In 10 there is also something called Device Guard which uses Bitlocker on devices using Windows 10 Home on compatible devices.
All these things are sort of trickling down which is a good thing I think - especially with portable devices.
At the moment the only reason I can think of to buy Windows 10 Pro over Home is if you need to connect to a company domain. Everything else you can work around one way or another.
When I want to encrypt specific files I use Truecrypt. It isn't being supported anymore and that is okay, the NSA is not at my door.
The replacement, or at least one alternative is Veracrpyt. You can create a container, pick a size, say 10 GB. You then create a folder, a file or many folders in the container. When you are finished you close container. To the "Bad Guy" it is just one big file. When you want access you mount, enter your secure password, (which I keep in password vault) and then just use like anything other location in file explore.
Ken
Quote