Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

Truecrypt boots to black screen on server 2008 r2

Posted on 2013-11-08
6
Medium Priority
?
704 Views
Last Modified: 2015-02-08
I'd thought i would take a chance by asking this question here as well as the truecrypt forum.

I have a medical business customer that wants the entire hdd drive on their server encrypted.  Easy enough right?  well so i encrypt using truecrypt.  everything works great.  about 3 weeks later though the server when it boots up stops at the truecrypt boot up screen wanting the password.  and once you put the password in, it begins booting up.  i see the windows logo with the scrolling from left to right at the bottom of the screen.  that logo then dissapears and a black screen shows up.  and it sits there never coming to the blue ctrl-alt-del screen.  
        so i decrypted the system and it boots fine now.  but this hdd needs to be encrypted so i went through the motions of re-encrypting the hdd and i reburned the rescue disc and truecrypt wants to do the pretest of rebooting.  when i reboot, again it stop at a black screen.  at the black screen the server hdd light is blinking to show activity, but i let it sit for 3 hrs and nothing.  I then reset the computer and let it reboot and press esc instead of typing the password and the server boots up to windows only to tell me that truecrypt failed the pretest.  Any suggestions?
0
Comment
Question by:Barnett Computers
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 1000 total points
ID: 39635009
Server HDD's are not typically encrypted in this way. you have to understand that Full Disk Encryption only protects data at rest, when the OS is not running. When it's booted, the HDD looks no different to a networked attacker or a trojan than any other running windows OS.
Have a look at my article here:
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html

If the encryption is to protect against physical theft, then you want full disk encryption. If it's to comply with HIPAA, then you've not encrypted anything at all when the OS is running.
-rich
0
 
LVL 56

Accepted Solution

by:
McKnife earned 1000 total points
ID: 39638204
You can of course use truecrypt for servers if you want to protect against theft. If it does not work out, uninstall truecrypt, reboot and try disk cryptor, a truecrypt spin-off.
If that does not work, take the built-in bitlocker.
0
 
LVL 1

Author Closing Comment

by:Barnett Computers
ID: 39656302
After reviewing the replies, we researched the built-in bitlocker and decided to install this option.  This was completed this weekend and will be delivered to the customer today.  

Thanks for the replies.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 56

Expert Comment

by:McKnife
ID: 39656378
Ok.

Make your customer aware that with a fully encrypted system, any reboot will require the passphrase, so any automatic bluescreen-reboot, too! Unless you used a TPM without PIN.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39656409
And the encryption is only protecting the drives from theft :) The data is not safer when the OS is running.
-rich
0
 

Expert Comment

by:peteviti
ID: 40597565
I installed true crypt. I did not activate any encryption. But I rebooted and I now I have a black screen on all users. How do I turn off black screen? Please help pete.viti@gmail.com
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This article covers the basics of data encryption, what it is, how it works, and why it's important. If you've ever wondered what goes on when you "encrypt" data, you can look here to build a good foundation for your personal learning.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

647 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question