Windows 10 Insider Preview Fast/Slow/RP Build 17134.5 - April 27 Insider

cereberus said:

Is it optimising size of page/hibernation files?

The pagefile has been 1024MB since before the upgrade and still is. I have hibernation disabled totally. I don't understand where the space is coming from, but I am not complaining. :)

Pagefile= let Windows decide on all drives.

I had not rebooted between the jumps in space. First reboot was after I saw the 84.7 this morning.

cereberus said:

About the only devices that support uefi only booting are Surface Pros. My tablet does not fit all the requirements.

Does anybody understand what this encryption actually does?

I've got it on my tablet which I bought from Tescos (for non-UK forum members it's a supermarket chain) for £60 with Windows 8.1 a few years back.

Sadly the USB port is broken so I can't get back into the BIOS screen to check (as I think it requires a physical keyboard) whether it's UEFI only.

I imagine Microsoft would hope it applied to a wide range of hardware but I suspect you're right that it doesn't apply to many devices out there, and I suspect OEMs aren't too fussy on whether their tablets/devices comply or not.

The effect is it encrypts the drives using Bitlocker encryption, but (as I'm running W10 Home) without the full set of Bitlocker options to control it. Disk Management says the drive is Bitlocker encrypted, for instance.

There's more here:
https://docs.microsoft.com/en-us/win...iew-windows-10

BitLocker Device Encryption

Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby. With Windows 10, Microsoft offers BitLocker Device Encryption support on a much broader range of devices, including those that are Modern Standby. Microsoft expects that most devices in the future will pass the testing requirements, which makes BitLocker Device Encryption pervasive across modern Windows devices. BitLocker Device Encryption further protects the system by transparently implementing device-wide data encryption.

Unlike a standard BitLocker implementation, BitLocker Device Encryption is enabled automatically so that the device is always protected. The following list outlines how this happens:

• When a clean installation of Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, BitLocker Device Encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key (this is the equivalent of standard BitLocker suspended state). In this state, the drive is shown with a warning icon in Windows Explorer. The yellow warning icon is removed after the TPM protector is created and the recovery key is backed up, as explained in the following bullet points.
• If the device is not domain joined, a Microsoft account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to the online Microsoft account, and a TPM protector is created. Should a device require the recovery key, the user will be guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key by using his or her Microsoft account credentials.

The option to switch it off is in Settings | System | About
(At least it is in 1703 - it may have moved in more recent versions.)