Solved

Encrypt whole notebook

Posted on 2014-03-30
10
571 Views
Last Modified: 2016-11-23
HI,

I´m going to purchase a Dell windows based notebook and I´d like to encrypt whole machine. Right now, I use macbook pro with filevault...I need something like this for a dell notebook

Any idea?

Regards
0
Comment
Question by:heze54
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 15

Accepted Solution

by:
cwstad2 earned 250 total points
Comment Utility
yes truecrypt. free and simply the best. does it on the fly and has many features

http://www.truecrypt.org/
0
 
LVL 13

Expert Comment

by:Andy M
Comment Utility
Depends on the OS that you are running. As mentioned above Truecrypt is great but as far as I'm aware it doesn't work correctly with Windows 8. (I understand it's due to be updated at some point for this)

If it's running Windows 8 (Pro or Ultimate) try using the built in Bitlocker - this seems to work pretty well too.
0
 
LVL 15

Expert Comment

by:cwstad2
Comment Utility
0
 
LVL 14

Assisted Solution

by:Giovanni Heward
Giovanni Heward earned 250 total points
Comment Utility
Purported TrueCrypt/Win8 incompatibilities have more to do with UEFI (Unified Extensible Firmware Interface) and Secure Boot.

Windows 8 introduces a new requirement for PC manufacturers (OEMs) that may require modifications to your OS deployment infrastructure.  That requirement ensures that all Windows 8 systems are shipped with their BIOS in UEFI Mode and Secure Boot enabled.
Ref: http://en.community.dell.com/techcenter/enterprise-client/w/wiki/4151.uefi-and-secure-boot.aspx

When the PC starts, the firmware checks the signature of each piece of boot software, including firmware drivers (Option ROMs) and the operating system.
Secure Boot Overview
http://technet.microsoft.com/en-us/library/hh824987.aspx

TrueCrypt Future Plans
The following features are planned to be implemented in future versions:
    Full support for Windows 8
    Ability to encrypt Windows system partitions/drives on UEFI-based computers (GPT)
http://www.truecrypt.org/future

Secure Boot Sequence

1.

After the PC is turned on, the signature databases are each checked against the platform key.

2.

If the firmware is not trusted, the UEFI firmware must initiate OEM-specific recovery to restore trusted firmware.

3.

If there is a problem with Windows Boot Manager, the firmware will attempt to boot a backup copy of Windows Boot Manager. If this also fails, the firmware must initiate OEM-specific remediation.

4.

After Windows Boot Manager has started running, if there is a problem with the drivers or NTOS kernel, Windows Recovery Environment (Windows RE) is loaded so that these drivers or the kernel image can be recovered.

5.

Windows loads antimalware software.

6.

Windows loads other kernel drivers and initializes the user mode processes.
TrueCrypt and Secure Boot interfere with one another beginning with Step 3.

You can use Windows 8+ with existing versions of TrueCrypt, you'll just need to disable UEFI and Secure Boot.

The ideal solution from an authentication stand-point would be to incorporate true one time password generation, with replay attack immunity, with TrueCrypt to thwart keyloggers.

Using MITRE Copernicus (or similiar) to verify the integrity of BIOS firmware could be used as an extra precaution in the meantime.
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
Buy one with win8 pro and make sure the notebook has a Tpm chip. Then, bitlocker is an option. Since it supports the TPM chip, you can use a relatively short PIN and nevertheless be secure.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:heze54
Comment Utility
HI,

The OS is a win 7 pro 64 bits
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
So you don't have the notebook yet but you are sure you will install and use 7 pro on it? (Because Dell will sell new hardware with win8.1/8.1 pro).
0
 

Author Comment

by:heze54
Comment Utility
Purchased a win 7 pro license
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
Ok, you obviously want to use 7. 7 pro does not feature bitlocker.
Then use truecrypt (while disabling secure boot in the UEFI Bios as mentioned) or some other encryption that is free like disk cryptor, a truecrypt spin-off.
0
 

Author Closing Comment

by:heze54
Comment Utility
A++.Thanks a lot
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
In this era, as you know, cybercrime and other sorts of frauds using the internet has increased day by day. We should protect our information assets and confidential information from getting exploiting by the attacker or intruders. Most of the fraud…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now