Results 1 to 25 of 28

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Banned
    Join Date: Mar:2017
    Location: Bulgaria
    Posts: 654

    Êëîíèðàíå íà êðèïòèðàí äèñê

    Èñêàì äà êëîíèðàì åäíî ìíîãî áàâíî hdd îò ëàïòîï íà áúðç ssd.
    Íî hdd å çàêëþ÷åí/êðèïòèðàí ñ bitlocker, ëàïòîïà å ñëóæåáåí è íÿìà êîé äà ìè ãî îòêëþ÷è.

    Öåëèòå ìè ñà èçöÿëî äîáðîíàìåðåíè äà ñè îïòèìèçèðàì ðàáîòíîòî âðåìå è íåðâèòå, ïîíåæå ðàáîòàòà ìè å ñâúðçàíà ñ äîñòà òåæêè ôàéëîâå, êîèòî ñòúðæàò ïî áàâíèÿ
    äèñê...

    Ïðîáâàõ ñ Aomei sector by sector, è ïîñëå ñ íîðìàëíàòà îïöèÿ çà êëîíèðàíå íà õàðä, íî êàòî ñëïîæà ssd-òî íà ëàïòîïà è bitlocker èñêà êëþ÷ è íå òðúãâà íèùî. Êàòî âúðíà ñòàðèÿ hdd ñè ðàáîòè. Ñïîðåä ìåí çàñè÷à ïî ñåðèåí íîìåð íà äèñêà, ìîæå è äà ãðåøà.

    Èìà ëè âàðèàíò äà ìèãðèðàì âñå ïàê îò hdd íà ssd?

  2. #2
    Registered User
    Join Date: Jun:2013
    Location: >.<
    Posts: 6,182
    Áúðçà íàñîêà (ñàì èçáåðè íà êîè óñëîâèÿ îòãîâàðÿø è êàêâî èìàø íàëè÷íî çà äà çíàåø äî êúäå ìîæå äà ÿ äîêàðàø):

    With Bitlocker there's no need to decrypt the drive, but it is highly recommended you disable Bitlocker for the volume in question in its settings before making the image otherwise you'll need to perform a recovery via the recovery key (you did print it out when enabling BitLocker encryption right?).

    Disabling Bitlocker is not the same as decrypting the drive. It instead writes the encryption key used to decrypt the Volume Master Key (the actual key responsible for your drive encryption) in the clear so no credentials are required to decrypt the Volume Master Key--and by extension--the drive. At no time does the Volume Master Key end up unencrypted on the drive, only the key to decrypt the VMK does. Encryption operations continue to take place as normal via the Volume Master Key at the block level.

    Microsoft automatically disables BitLocker encryption in this way during OS upgrades so reboots can occur unattended (note: not on Windows Updates, just full OS upgrades such as Win 8 -> 8.1).

    After restoring the image, you then re-enable Bitlocker encryption in the settings which then re-keys the encryption for the Volume Master Key to whatever setup is present on the current computer the image was restored to. This overwrites the unencrypted key and old VMK encrypted key on disk making any software data recovery of the old keys likely impossible.

    This only opens a very small window of opportunity for an attacker--the time during which the Bitlocker encryption is disabled. Once encryption is re-enabled (and the Volume Master Key written back to the drive under new encryption) there's no longer an avenue of attack. Provided you store the images made on encrypted media as well, this should keep things well locked down.

    Theoretically, some type of low level data recovery might be able to restore both the old encrypted Volume Master Key and the unencrypted decryption key for it, but it's highly unlikely without physically obtaining the drive and having a deep understanding of Microsoft's obfuscation methods. Plus the probability diminishes the longer the drive is used. It's still miles safer than completely decrypting the drive.

    Even if you forget to do the above, if you have printed out the BitLocker recovery key for the volume, you're still fine. The recovery key is a separate encryption key used for the VMK which is never physically stored on the machine. You're presented with it when initially enabling Bitlocker encryption (it's recommended you always print it out and keep it physically safe) and you can generate a new one later from the BitLocker settings if you happen to lose it. You can recover any BitLocker encrypted volume this way even if you physically moved the drive away from the TPM which was used to encrypt it.

    You may need to repair the MBR on the boot drive via a recovery CD or Flash drive if your imaging software doesn't restore the MBR as well. To my knowledge, Clonezilla does image the MBR when doing a with full disk image.
    Ñêðèò/Hidden: Íàñîêà îò íåòà
    Last edited by user313; 6th January 2019 at 00:46.

  3. #3
    Banned
    Join Date: Mar:2017
    Location: Bulgaria
    Posts: 654
    Íÿìàì àäìèí ïàðîëà çà äà èçêëþ÷à êðèïòèðàíåòî è ïîñëå ïàê äà ãî âêëþ÷à, íèòî äà ïðàâÿ äðóãè ìàíèïóëàöèè, ñúùî íå ìîãà è äà âèäÿ/èçâàäÿ recovery key.

    Çàäúíåíà óëèöà çàñåãà...

  4. #4
    Registered Weasel imweasel's Avatar
    Join Date: Jan:2007
    Location: Ñîôèÿ
    Posts: 3,063
    Çà ñúæàëåíèå áåç ïðàâà íå ìîæå äà íàïðàâèø íèùî.
    Íÿêîè êîìàíäè çàäúëæèòåëíî èñêàò elevation.

    Quote Originally Posted by imweasel View Post

  5. #5
    Registered User
    Join Date: Jun:2013
    Location: >.<
    Posts: 6,182
    Quote Originally Posted by Chilikova View Post
    Íÿìàì àäìèí ïàðîëà çà äà èçêëþ÷à êðèïòèðàíåòî è ïîñëå ïàê äà ãî âêëþ÷à, íèòî äà ïðàâÿ äðóãè ìàíèïóëàöèè, ñúùî íå ìîãà è äà âèäÿ/èçâàäÿ recovery key.

    Çàäúíåíà óëèöà çàñåãà...
    Íå êàçà êàêâà ÎÑ-à å? Íå ñå ðàçáèðà äàëè ñèñòåìíèÿ äÿë å êðèïòèðàí èëè ñàìî îòäåëåí òîì?
    Àêî èñêàø äà äàäåø áúðçîäåéñòâèå ìîæå äà ìàõíåø DVD-òî è äà ñëîæèø òàì åäíî SSD è íà íåãî äà äúðæèø ãîëåìèòå ôàéëîâå èëè ïîíå òåçè ñ êîèòî ÷åñòî ðàáîòèø. Òîâà å äîáðå êàòî èäåÿ, íî àêî íÿìàø àäìèíèñòðàòîðñêè ïðàâà ìîæå äà òè ñå çàòðóäíè ðàáîòàòà.
    Ìèñëÿ, ÷å ïðîñòî ìîæå äà äàäåø SSD-òî íà ÷îâåêà êîéòî èìà íóæíèòå ïðàâà, òîé çà êðàòêî âðåìå ùå ïðåõâúðëè âñè÷êî íóæíî - òàêà òè ùå ñè äîâîëåí, ÷å ñè ïîâèøèë áúðçîäåéñòâèåòî, à òîé, ÷å íÿêîé íå ñå å îïèòâàë äà ïðàâè "òðóä è òâîð÷åñòâî".

  6. #6
    Banned
    Join Date: Mar:2017
    Location: Bulgaria
    Posts: 654
    Windows 10.
    Öåëèÿò HDD, êîéòî ñå ñúñòîè ñàìî îò 1 äÿë, å êðèïòèðàí.

    Ðàáîòÿ â ãîëÿìà êîìïàíèÿ, â êîÿòî ïðåäìåòà íà äåéíîñò íå å ñâúðçàíà ñ IT óñëóãè è ñúîòâåòíî íÿìà êîé äà ñå çàíèìàâà ñ ìåí.

    Öåëòà íå å äà ñå ïðàâÿ íà õàêåð, à äà ñè îáëåê÷à íåðâèòå è âðåìåòî, íî óâè..

  7. #7
    Registered User
    Join Date: Feb:2005
    Location: -
    Posts: 7,564
    Quote Originally Posted by Chilikova View Post
    Windows 10.
    Öåëèÿò HDD, êîéòî ñå ñúñòîè ñàìî îò 1 äÿë, å êðèïòèðàí.

    Ðàáîòÿ â ãîëÿìà êîìïàíèÿ, â êîÿòî ïðåäìåòà íà äåéíîñò íå å ñâúðçàíà ñ IT óñëóãè è ñúîòâåòíî íÿìà êîé äà ñå çàíèìàâà ñ ìåí.

    Öåëòà íå å äà ñå ïðàâÿ íà õàêåð, à äà ñè îáëåê÷à íåðâèòå è âðåìåòî, íî óâè..
    Ãîëÿìà êîìïàíèÿ áåç IT îòäåë â äíåøíî âðåìå ñè å áåçõàáåðèå.
    Êîé òîãàâà ãî å ïðàâèë òîçè ëàïòîï?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Copyright © 1999-2011 Õàðäóåð ÁÃ. Âúçìîæíî å ñúäúðæàíèåòî íà òàçè ñòðàíèöà äà å îáåêò íà àâòîðñêè ïðàâà.
iskamPC.com | mobility.BG | Bloody's Techblog | Êðèïòîâàëóòè è ìàéíèíã | 3D Vision Blog | Ìàãàçèí çà åëåêòðîííè öèãàðè