[dba-VB] True Crypt whole disk encryption

jwcolby jwcolby at colbyconsulting.com
Sat Oct 1 15:13:52 CDT 2011


The last iteration with my laptop I used Windows Bit locker to perform a whole disk encryption. 
This time I am using Windows 7 Home Premium which does not include Bit locker.  I had just about 
decided to use True Crypt anyway because with Bil Locker I was unable to mount the old hard disk on 
another computer to pull the old contents off onto the new disk.

So when I installed Windows 7 I broke the disk into three partitions, a 6 gig for the swap file, 100 
gig for the OS/programs and 400 gig for data.  I then started Truecrypt and told it to go to work 
encrypting the whole thing and went to bed.  In the morning... the computer had decided to sleep 
during the night (lazy thing!) and so it was only 25% finished.

It took most of the day to finish encrypting the entire disk (all partitions) and so here I am.

Having done that I decided to hang the truecrypt encrypted disk on another computer, put the old 
disk back in and push the disk contents out to the other disk.

The other disk would not finish loading Windows with the truecrypt encrypted disk on it!  It would 
start to load Windows (2008 server) and then apparently it ran into the true crypt disk and couldn't 
handle it.  It just hung, never finished loading windows.

In the end I told the bitlocker software to unencrypt the old disk, then hung that on another 
machine and put the truecrypt disk back in the laptop, and pulled everything into the new disk. 
Well not everything but you know what I mean.  At least I can do that with the unencrypted disk drive.

Things never work the way I envision them working.

Truecrypt is not significantly slowing down the new disk.  I do have to enter the password at the 
point where the bios tries to load windows, then off it goes.  Not good for auto reboot after 
software updates...

-- 
John W. Colby
Colby Consulting



More information about the dba-VB mailing list