RE: TrueCrypt and vConverter issues

[Ames Matthew B]

Is the Volume Shadow Copy service started?
 


From: Craig Gauss [mailto:c.g.misc1...@gmail.com] 
Sent: 17 December 2010 21:47
To: NT System Admin Issues
Subject: TrueCrypt and vConverter issues


Checking to see if anyone has any experience with this.  Trying to
convert a Windows 2003 server to a USB drive that has been encrypted
with TrueCrypt.  Mount the drive and start the conversion and it fails
at 1%.  Following error:  

FAILED: Unable to create a VSS snapshot of the source volume(s).  Error
code: 2147754758 (0x80042306)

I've been to Google quite a bit and have not come up with any solutions.
Seems like there are several reporting the issue but no solution.

Any ideas?


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


This email and any attachments to it may be confidential and are
intended solely for the use of the individual to whom it is 
addressed. If you are not the intended recipient of this email,
you must neither take any action based upon its contents, nor 
copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. QinetiQ may 
monitor email traffic data and also the content of email for 
the purposes of security. QinetiQ Limited (Registered in England
& Wales: Company Number: 3796233) Registered office: 85 
Buckingham Gate, London SW1E 6PD http://www.qinetiq.com.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: TrueCrypt

[Ben Scott]

On Fri, Jun 25, 2010 at 12:50 PM, Joe Tinney  wrote:
>  It seems I need to educate myself some more on how hard drives and
> their electronics flag bad sectors independent of the file and operating
> system!

  Modern hard drives reserve some spare blocks, which are not visible
to the host.  When the onboard electronics detect a bad block, the
data is automatically and transparently relocated to a spare block.

  Ideally, bad blocks are detected and relocated on write.  Slightly
less ideally, you read from a block, the read succeeds but the drive
detects the block is marginal, and the drive relocates the block then.

  Much less ideally, you try to read, the drive retires a few times
but still can't do it, and so the drive returns an error to the host.
The drive will keep retrying that read every time you ask it.
Sometimes it will succeed eventually, and the drive can relocate it
then.  Otherwise, if you write new data to that block, the drive will
relocate it then, since you've overwritten what was there anyway.

  Modern hard drives also store redundant data and employ ECC to
recover from the occasional bit error.  This happens all the time,
even on a brand new drive.

  SpinRite's core read/test/rewrite algorithm will trigger the above.
But so will "badblock -s -v -n" from a Linux boot CD.  SpinRite can
also repeatedly try to read a bad block on a failed disk.  So will
"dd_rescue" and "dd_rhelp".  Etc.  SpinRite was special back when when
MS-DOS was popular, because MS-DOS had all the intelligence of a
not-so-bright rock.  These days, SpinRite is just another overpriced
utility.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: TrueCrypt

[Joe Tinney]

Thanks for the explanation. 

 It seems I need to educate myself some more on how hard drives and
their electronics flag bad sectors independent of the file and operating
system! 

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Friday, June 25, 2010 10:44 AM
To: NT System Admin Issues
Subject: Re: TrueCrypt

On Fri, Jun 25, 2010 at 9:26 AM, Joe Tinney  wrote:
> If the entire drive is encrypted how would SpinRite be able to 
> correctly identify the filesystem type and update the appropriate 
> entries when it moves data?

  SpinRite is not filesystem aware.  All SpinRite does is read each disk
block into memory (retrying if needed), repeatedly write and read test
patterns to the disk block location, and then write the original data
back.

  SpinRite does nothing for you if the disk drive has a mechanical or
electronics fault, or if the drive is incapable of reading blocks from
the media.

  Frankly, I think SpinRite is rather overrated in this day of
intelligent disk electronics and freely-available utilities that do
similar things.  I tried it on a laptop hard disk drive that was giving
media errors a few years ago, and it didn't even find anything wrong.
Even MS-DOS knew there was something wrong with the disk.
SpinRite may have been more useful back in the days of dumb disks and
OSes, but I think it's outlived its usefulness.

  To GRC's credit, they did refund my money when I complained.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: TrueCrypt

[Andrew S. Baker]

+5

-ASB: http://XeeSM.com/AndrewBaker


On Fri, Jun 25, 2010 at 10:44 AM, Ben Scott  wrote:

> On Fri, Jun 25, 2010 at 9:26 AM, Joe Tinney  wrote:
> > If the entire drive is encrypted how would SpinRite be able to correctly
> > identify the filesystem type and update the appropriate entries when it
> > moves data?
>
>   SpinRite is not filesystem aware.  All SpinRite does is read each
> disk block into memory (retrying if needed), repeatedly write and read
> test patterns to the disk block location, and then write the original
> data back.
>
>  SpinRite does nothing for you if the disk drive has a mechanical or
> electronics fault, or if the drive is incapable of reading blocks from
> the media.
>
>  Frankly, I think SpinRite is rather overrated in this day of
> intelligent disk electronics and freely-available utilities that do
> similar things.  I tried it on a laptop hard disk drive that was
> giving media errors a few years ago, and it didn't even find anything
> wrong.  Even MS-DOS knew there was something wrong with the disk.
> SpinRite may have been more useful back in the days of dumb disks and
> OSes, but I think it's outlived its usefulness.
>
>  To GRC's credit, they did refund my money when I complained.
>
> -- Ben
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: TrueCrypt

[Ben Scott]

On Fri, Jun 25, 2010 at 9:26 AM, Joe Tinney  wrote:
> If the entire drive is encrypted how would SpinRite be able to correctly
> identify the filesystem type and update the appropriate entries when it
> moves data?

  SpinRite is not filesystem aware.  All SpinRite does is read each
disk block into memory (retrying if needed), repeatedly write and read
test patterns to the disk block location, and then write the original
data back.

  SpinRite does nothing for you if the disk drive has a mechanical or
electronics fault, or if the drive is incapable of reading blocks from
the media.

  Frankly, I think SpinRite is rather overrated in this day of
intelligent disk electronics and freely-available utilities that do
similar things.  I tried it on a laptop hard disk drive that was
giving media errors a few years ago, and it didn't even find anything
wrong.  Even MS-DOS knew there was something wrong with the disk.
SpinRite may have been more useful back in the days of dumb disks and
OSes, but I think it's outlived its usefulness.

  To GRC's credit, they did refund my money when I complained.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: TrueCrypt

[Joe Tinney]

If the entire drive is encrypted how would SpinRite be able to correctly
identify the filesystem type and update the appropriate entries when it
moves data?

-Original Message-
From: Angus Scott-Fleming [mailto:angu...@geoapps.com] 
Sent: Thursday, June 24, 2010 10:47 PM
To: NT System Admin Issues
Subject: Re: TrueCrypt

On 23 Jun 2010 at 10:02, Jeff Brown  wrote:

> one of the owners wants the answer to this question: "If a drive 
> becomes unusable(physical issue with the drive) will this make it 
> impossible for us to recover data from that drive?"

If the drive is recognized in the BIOS, you can run SpinRite against it.

SpinRite works below the OS, at the sector level, and can recover data
there.  
Once SpinRite has done its magic recovering the bad sectors, you should
be able to boot the OS again.

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
Security Blog: http://geoapps.com/





~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: TrueCrypt

[Cameron Cooper]

Agree with ya... at some point we will be including disclaimers on all
of our email.

 

_

Cameron Cooper

Network Administrator | CompTIA A+ Certified

Aurico Reports, Inc

Phone: 847-890-4021 | Fax: 847-255-1896

ccoo...@aurico.com | www.aurico.com

On Thu, Jun 24, 2010 at 5:18 PM, Kurt Buff  wrote:

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

Really? Can Not? How do you intend to enforce this? 

Sigh.

I hate stupid email disclaimers - oh, wait. That's a redundancy..

Kurt

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: TrueCrypt

[Angus Scott-Fleming]

On 23 Jun 2010 at 10:02, Jeff Brown  wrote:

> one of the owners wants the answer to this question: "If a drive 
> becomes unusable(physical issue with the drive) will this make it 
> impossible for us to recover data from that drive?"

If the drive is recognized in the BIOS, you can run SpinRite against it. 
SpinRite works below the OS, at the sector level, and can recover data there.  
Once SpinRite has done its magic recovering the bad sectors, you should be able 
to boot the OS again.

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
Security Blog: http://geoapps.com/





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: TrueCrypt

[Kurt Buff]

Shakespeare had it right...

On Thu, Jun 24, 2010 at 14:31, Andrew S. Baker  wrote:

> Depending on the case and jurisdiction, it may be sufficient to undermine
> any argument that information that was inappropriately passed on was done so
> unknowingly.
>
> In general, however, I agree that it's dumb. Yet, lawyers continue to get
> paid at rates that typically exceed our own.  So, take that.
>
> -ASB: http://XeeSM.com/AndrewBaker
>
>
>
> On Thu, Jun 24, 2010 at 5:18 PM, Kurt Buff  wrote:
>
>> *This written advice is not intended or written to be used, and can not
>> be used, by a taxpayer for the purpose of avoiding penalties that may be
>> imposed on the taxpayer.*
>>
>>> Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION
>>>
>>> This e-mail (including attachments) is covered by the Electronic
>>> Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
>>> confidential, and is intended solely for the use of the individuals or
>>> entities to whom it is addressed. If you are not the intended recipient
>>> or the person responsible for delivering the e-mail to the intended
>>> recipient, be advised that you have received this e-mail in error and that
>>> any use, dissemination, forwarding, printing, or copying of this e-mail and
>>> any file attachments is strictly prohibited. If you have received this
>>> e-mail in error, please immediately notify us by telephone toll-free at 
>>> (866)
>>> 841-6888 or by reply e-mail to the sender. You must destroy the original
>>> transmission and its contents. You will be reimbursed for reasonable costs
>>> incurred in notifying us.
>>>
>>>
>>>
>>>
>>>
>>> Really? Can Not? How do you intend to enforce this?
>>
>> Sigh.
>>
>> I hate stupid email disclaimers - oh, wait. That's a redundancy..
>>
>> Kurt
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: TrueCrypt

[Andrew S. Baker]

Depending on the case and jurisdiction, it may be sufficient to undermine
any argument that information that was inappropriately passed on was done so
unknowingly.

In general, however, I agree that it's dumb. Yet, lawyers continue to get
paid at rates that typically exceed our own.  So, take that.

-ASB: http://XeeSM.com/AndrewBaker


On Thu, Jun 24, 2010 at 5:18 PM, Kurt Buff  wrote:

> *This written advice is not intended or written to be used, and can not be
> used, by a taxpayer for the purpose of avoiding penalties that may be
> imposed on the taxpayer.*
>
>> Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION
>>
>> This e-mail (including attachments) is covered by the Electronic
>> Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
>> confidential, and is intended solely for the use of the individuals or
>> entities to whom it is addressed. If you are not the intended recipient
>> or the person responsible for delivering the e-mail to the intended
>> recipient, be advised that you have received this e-mail in error and that
>> any use, dissemination, forwarding, printing, or copying of this e-mail and
>> any file attachments is strictly prohibited. If you have received this
>> e-mail in error, please immediately notify us by telephone toll-free at (866)
>> 841-6888 or by reply e-mail to the sender. You must destroy the original
>> transmission and its contents. You will be reimbursed for reasonable costs
>> incurred in notifying us.
>>
>>
>>
>>
>>
>> Really? Can Not? How do you intend to enforce this?
>
> Sigh.
>
> I hate stupid email disclaimers - oh, wait. That's a redundancy..
>
> Kurt
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: TrueCrypt

[Kurt Buff]

*This written advice is not intended or written to be used, and can not be
used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.*

> Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION
>
> This e-mail (including attachments) is covered by the Electronic
> Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
> confidential, and is intended solely for the use of the individuals or
> entities to whom it is addressed. If you are not the intended recipient or
> the person responsible for delivering the e-mail to the intended recipient,
> be advised that you have received this e-mail in error and that any use,
> dissemination, forwarding, printing, or copying of this e-mail and any file
> attachments is strictly prohibited. If you have received this e-mail in
> error, please immediately notify us by telephone toll-free at (866)
> 841-6888 or by reply e-mail to the sender. You must destroy the original
> transmission and its contents. You will be reimbursed for reasonable costs
> incurred in notifying us.
>
>
>
>
>
> Really? Can Not? How do you intend to enforce this?

Sigh.

I hate stupid email disclaimers - oh, wait. That's a redundancy..

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: TrueCrypt

[Kyle Plummer]

TrueCrypt works very well for us. I have it installed on all computers,
and on a number of external USB hard drives and flash drives. Even when
VIPRE quarantined critical system files a while back and the PC wouldn't
boot, it wasn't difficult to get around. I pulled the drive, slapped it
into a Black Widow external dock, mounted the drive, and copied the
files back. Took about 15 minutes per machine and was a lot faster than
reimaging.

 

You do lose any centralized management, and you can't remote boot the
computer (well you can, but you can't get past the encryption screen
remotely) - but for $0 vs. $100-$150 per seat, it was an acceptable
tradeoff for us.

 

Kyle B. Plummer

 

From: Jeff Brown [mailto:2jbr...@gmail.com] 
Sent: Thursday, June 24, 2010 10:18 AM
To: NT System Admin Issues
Subject: Re: TrueCrypt

 

Bitlocker is good, but comes with a very limited number of Win7
deployments, like ultra and the SA version only.  That wasn't going to
work for us in this environment.

On Thu, Jun 24, 2010 at 2:00 AM, Brian Desmond 
wrote:

So disclaimer, I've not used TrueCrypt, but if you have Win7 or Vista,
Bitlocker + AD is a good management story. It's also all in the box and
you've got someone to call when it breaks. 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

 

From: Jeff Brown [mailto:2jbr...@gmail.com] 
Sent: Wednesday, June 23, 2010 8:03 AM


To: NT System Admin Issues

Subject: TrueCrypt

 

After watching the very interesting thread a week or so ago about
encrypting laptops we decided it was time for us to get that done here.
We looked at several options, but honestly chose TrueCrypt based on the
number of folks in this group who use it and gave if favorable reviews.
We have it installed on 3 laptops so far and have no complaints, but one
of the owners wants the answer to this question:  "If a drive becomes
unusable(physical issue with the drive) will this make it impossible for
us to recover data from that drive?"

 

anyone out there able to speak to this question?

 

thanks for any help.

 

Jeff

 

 

 

 

 

 

 


This written advice is not intended or written to be used, and can not be used, 
by a taxpayer for the purpose of avoiding penalties that may be imposed on the 
taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic Communications 
Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential, and is intended 
solely for the use of the individuals or entities to whom it is addressed. If 
you are not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, be advised that you have received this e-mail 
in error and that any use, dissemination, forwarding, printing, or copying of 
this e-mail and any file attachments is strictly prohibited. If you have 
received this e-mail in error, please immediately notify us by telephone 
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must destroy 
the original transmission and its contents. You will be reimbursed for 
reasonable costs incurred in notifying us. 




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: TrueCrypt

[Jeff Brown]

Bitlocker is good, but comes with a very limited number of Win7 deployments,
like ultra and the SA version only.  That wasn't going to work for us in
this environment.

On Thu, Jun 24, 2010 at 2:00 AM, Brian Desmond wrote:

> *So disclaimer, I’ve not used TrueCrypt, but if you have Win7 or Vista,
> Bitlocker + AD is a good management story. It’s also all in the box and
> you’ve got someone to call when it breaks. *
>
> * *
>
> *Thanks,*
>
> *Brian Desmond*
>
> *br...@briandesmond.com*
>
> * *
>
> *c - 312.731.3132*
>
> * *
>
> * *
>
> *From:* Jeff Brown [mailto:2jbr...@gmail.com]
> *Sent:* Wednesday, June 23, 2010 8:03 AM
>
> *To:* NT System Admin Issues
> *Subject:* TrueCrypt
>
>
>
> After watching the very interesting thread a week or so ago about
> encrypting laptops we decided it was time for us to get that done here.  We
> looked at several options, but honestly chose TrueCrypt based on the number
> of folks in this group who use it and gave if favorable reviews.  We have it
> installed on 3 laptops so far and have no complaints, but one of the owners
> wants the answer to this question:  "If a drive becomes unusable(physical
> issue with the drive) will this make it impossible for us to recover data
> from that drive?"
>
>
>
> anyone out there able to speak to this question?
>
>
>
> thanks for any help.
>
>
>
> Jeff
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: TrueCrypt

[Brian Desmond]

So disclaimer, I've not used TrueCrypt, but if you have Win7 or Vista, 
Bitlocker + AD is a good management story. It's also all in the box and you've 
got someone to call when it breaks.

Thanks,
Brian Desmond
br...@briandesmond.com

c - 312.731.3132


From: Jeff Brown [mailto:2jbr...@gmail.com]
Sent: Wednesday, June 23, 2010 8:03 AM
To: NT System Admin Issues
Subject: TrueCrypt

After watching the very interesting thread a week or so ago about encrypting 
laptops we decided it was time for us to get that done here.  We looked at 
several options, but honestly chose TrueCrypt based on the number of folks in 
this group who use it and gave if favorable reviews.  We have it installed on 3 
laptops so far and have no complaints, but one of the owners wants the answer 
to this question:  "If a drive becomes unusable(physical issue with the drive) 
will this make it impossible for us to recover data from that drive?"

anyone out there able to speak to this question?

thanks for any help.

Jeff





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: TrueCrypt

[Jeff Brown]

Thanks to all.  I think that will help get us going. Dave Vantine, your
comments were right on target, EXACTLY what I was looking for.  We use
folder redirection and backup files 7 different ways, the owner was just
wondering if we lose any possibility that we MIGHT be able to recover files
if we use this.   Thanks again.

Jeff

On Wed, Jun 23, 2010 at 10:14 AM, S Powell  wrote:

> it is possible... but yes a pain
>
> FOR US, we use folder redirect and have the users "My Documents" --in
> XP and the whole user folder in W7 to our file server.
>
> that way it syncs those folders when they logon and logoff.  worst
> case (for me) is that they would lose only what they had worked on
> since they last synced.
>
> ymmv.
>
> to recover the HD though; you need to decrypt the HD then you can get
> at it. but I would not hold my breath trying to recover something they
> had erased.  the encryption would make that difficult at best.
>
>
> Google.com  Learn it. Live it. Love it.
>
>
>
> On Wed, Jun 23, 2010 at 08:02, Jeff Brown <2jbr...@gmail.com> wrote:
> > After watching the very interesting thread a week or so ago about
> encrypting
> > laptops we decided it was time for us to get that done here.  We looked
> at
> > several options, but honestly chose TrueCrypt based on the number of
> folks
> > in this group who use it and gave if favorable reviews.  We have it
> > installed on 3 laptops so far and have no complaints, but one of the
> owners
> > wants the answer to this question:  "If a drive becomes unusable(physical
> > issue with the drive) will this make it impossible for us to recover data
> > from that drive?"
> > anyone out there able to speak to this question?
> > thanks for any help.
> > Jeff
> >
> >
> >
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: TrueCrypt

[S Powell]

it is possible... but yes a pain

FOR US, we use folder redirect and have the users "My Documents" --in
XP and the whole user folder in W7 to our file server.

that way it syncs those folders when they logon and logoff.  worst
case (for me) is that they would lose only what they had worked on
since they last synced.

ymmv.

to recover the HD though; you need to decrypt the HD then you can get
at it. but I would not hold my breath trying to recover something they
had erased.  the encryption would make that difficult at best.


Google.com  Learn it. Live it. Love it.



On Wed, Jun 23, 2010 at 08:02, Jeff Brown <2jbr...@gmail.com> wrote:
> After watching the very interesting thread a week or so ago about encrypting
> laptops we decided it was time for us to get that done here.  We looked at
> several options, but honestly chose TrueCrypt based on the number of folks
> in this group who use it and gave if favorable reviews.  We have it
> installed on 3 laptops so far and have no complaints, but one of the owners
> wants the answer to this question:  "If a drive becomes unusable(physical
> issue with the drive) will this make it impossible for us to recover data
> from that drive?"
> anyone out there able to speak to this question?
> thanks for any help.
> Jeff
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: TrueCrypt

[Ben Scott]

On Wed, Jun 23, 2010 at 11:02 AM, Jeff Brown <2jbr...@gmail.com> wrote:
> "If a drive becomes unusable(physical issue with the
> drive) will this make it impossible for us to recover data
> from that drive?"

  If the drive is having hardware trouble, it's already a crap shoot
as to whether you'll get any data off of it.  You should have some
kind of data protection strategy (i.e., backups) in place to protect
data on laptop hard drives, independent of whether or not whole disk
encryption is in use.

  Whole disk encryption won't make data recovery from a failed disk
any easier, for sure, but again, lack-of-backups would be the real
problem there.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: TrueCrypt

[Dave Vantine]

We use this as well and have been very happy with it especially the cost.

When you do the full disk encryption, it should have force you to make a CD
to decrypt the drive. This is a stand alone utility the will remove the
encryption and then allow you to use what ever tools you had used before to
get to the data e.g. put the drive in a second system.

I had and issue on my own laptop and the decryption worked though it took
all day to do it vs. the hour it took to encrypt it.

-Dave Vantine, CISSP

On Wed, Jun 23, 2010 at 11:02 AM, Jeff Brown <2jbr...@gmail.com> wrote:

> After watching the very interesting thread a week or so ago about
> encrypting laptops we decided it was time for us to get that done here.  We
> looked at several options, but honestly chose TrueCrypt based on the number
> of folks in this group who use it and gave if favorable reviews.  We have it
> installed on 3 laptops so far and have no complaints, but one of the owners
> wants the answer to this question:  "If a drive becomes unusable(physical
> issue with the drive) will this make it impossible for us to recover data
> from that drive?"
>
> anyone out there able to speak to this question?
>
> thanks for any help.
>
> Jeff
>
>
>
>
>
>


-- 
Thanks
Dave Vantine

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~