Windows 8 and 8.1 Forums


My top 2 reasons to upgrade to Windows 8--share yours

  1. #11


    Posts : 454
    Windows 8.1 Pro with Media Center


    Quote Originally Posted by Cly View Post
    I use True Crypt on some drives, but have shied away from using it on the System drive. Please let me know if you know of a way around these issues:

    (1) Per the documentation, TC should not be used on drives that use TRIM. My system drive is an SSD.
    The documentation does not say that. It talks about certain consequences of TRIM that would affect any encryption system that doesn't disable it. Only people concerned with plausible deniability should worry about it. The documentation also talks about wear-leveling and reallocated sectors and the risks they may impose. Microsoft's position on these things is typically not to mention them. BTW, my Truecrypted system drive for the last 1.5 years is an SSD drive that uses TRIM. The main thing most people need to worry about is to perform the encryption right after installing the OS, before you've entered any sensitive information such as adding a password to an account.

    (2) Per the documentation, TC does not know how to handle a system drive on shutdown or hibernation. There is no API for it. See page 89 of the manual.
    It doesn't say that either. It talks about the inability to clear keys from RAM and why you should wait several minutes before considering the computer secure to an attack that can read RAM from a powered-off(!) computer. The "missing APIs" require Truecrypt to keep the system volume mounted during shut down, and while mounted, the keys must be in RAM. Again, they're providing the type of exhaustive documentation Microsoft never does, and it's all in the interest of disclosure; unfortunately, it seems to create a lot of confusion. This is nothing to worry about.

    (3) TC requires creating a recovery CD/DVD. My computers don't have a CD-ROM. Creating a recovery USB drive is a hassle at best.
    I don't know any way around that, but it's been a couple of years since I encrypted my system drives, and I don't remember much about it.

    I haven't investigated Bitlocker yet, but using a pin as a pasphrase is ridiculous. Then again a pin + USB drive as a TPM might work. Are you sure that a TPM computer is rare? I thought that most modern computers have it.
    None of the several Asus and Gigabyte motherboards I've bought have one, very few of them that are available at places like Newegg seem to have them, and my Dell Vostro laptop from 2008 or so doesn't have one. I've personally never seen a computer that has one. Then again, I just found some articles claiming 100,000,000 computers have TPM chips in them, so what do I know?

      My System SpecsSystem Spec

  2. #12


    I like the fact that Windows will finally mount an ISO file as it's a feature that my Linux distros have been doing with built-in software since I started using Linux almost 13 years ago. I prefer to not have to use 3rd party utilities for such basic tasks.
      My System SpecsSystem Spec

  3. #13


    Posts : 106
    Windows 8 Pro


    I think the TC documentation is a little confusing if not confused when it comes to the discussion of TRIM and hibernation/shutting down. I did not understand the TRIM discussion to mean that it's only an issue for plausible deniability, but I could be wrong.

    And I thought the issue with shutting down/hibernation is not that of a cold attack at all but that bits of RAM could end up in the pagefile and/or the hibernation file. But then again it could be that the documentation is poorly worded. As I understand it Windows 8 uses the hibernation file almost exclusively to shut down.

    Another perceived advantage of using Bitlocker is that you're not putting all your eggs in one basket. Bitlocker for the system drive, which has nothing of value (in plain text) on it except the page file, and a small TC container on that system drive.

    As for the hibernation file, I would quickly get rid of that in Windows 8. My computer starts up quickly enough without any help.

    I don't know how many computers have TPM. My computer at work has it, and it's not a special computer. If the computer doesn't have it, you can use a USB drive instead with Bitlocker I think. A pin with only digits is pretty unbelievably silly though.

    I am going to use TC on my old laptop to see what it's like. It has a very slow hard drive, so it might be unbearable with encryption, but I will check it out.
      My System SpecsSystem Spec

  4. #14


    Posts : 106
    Windows 8 Pro


    Crawfish--TC gives the option of either encrypting (i) the partition where Windows resides or (ii) the whole drive where Windows resides. I haven't partitioned the drive, so it is basically one partition except for the 100MB mystery partition that Windows 7 creates. Would you choose (i) or (ii)?
      My System SpecsSystem Spec

  5. #15


    Posts : 454
    Windows 8.1 Pro with Media Center


    Quote Originally Posted by Cly View Post
    I think the TC documentation is a little confusing if not confused when it comes to the discussion of TRIM and hibernation/shutting down. I did not understand the TRIM discussion to mean that it's only an issue for plausible deniability, but I could be wrong.

    And I thought the issue with shutting down/hibernation is not that of a cold attack at all but that bits of RAM could end up in the pagefile and/or the hibernation file. But then again it could be that the documentation is poorly worded. As I understand it Windows 8 uses the hibernation file almost exclusively to shut down.
    I think it's pretty clear, but it does require careful reading. Maybe more than once. No idea how Windows 8 is using the hibernation file. As you are using an SSD, something I wrote the other day bears repeating:

    I always recommend disabling hybrid sleep on SSDs unless you really need it, and if you're on a laptop, you don't thanks to the battery, and on a desktop equipped with a decent UPS like my APC XS-1500 running Powerchute, you don't, because the UPS will wake it from regular sleep to hibernate in the event of a prolonged power outage. This saves me 10s of GBs of completely pointless writes per day.

    You really don't want to be frequently hibernating to an SSD due to lifespan issues, and hybrid sleep writes a hibernation file.

    Another perceived advantage of using Bitlocker is that you're not putting all your eggs in one basket. Bitlocker for the system drive, which has nothing of value (in plain text) on it except the page file, and a small TC container on that system drive.
    If the pagefile isn't encrypted, you're potentially leaking data. I don't understand the rest of the comment. I think the real advantage to Bitlocker is that it should work with all the Microsoft technologies like dynamic disks and the new storage spaces. It might even be possible to dual boot with it. Truecrypt forced me to give up on multi-booting and disk imaging and thus my Terabyte products, but for the multi-booting, anyway, it really kind of did me a favor, as I now consider it more trouble than it was worth. For my purposes, VMs make up for it.

    As for the hibernation file, I would quickly get rid of that in Windows 8. My computer starts up quickly enough without any help.
    I keep it around for the power loss issue mentioned above, but I never hibernate manually. Only my UPS will ever do it, and so far, it's done it once.

    I don't know how many computers have TPM. My computer at work has it, and it's not a special computer. If the computer doesn't have it, you can use a USB drive instead with Bitlocker I think. A pin with only digits is pretty unbelievably silly though.
    The USB drive always seemed very stupid to me. One can't just leave it attached all the time, and what do I do with it after I boot? Hide it? Then when I reboot, I have to go retrieve it from its hidey-hole? No thanks. I'll just keep using Truecrypt and typing my passphrase. This is actually what made me go with Truecrypt when I was looking at it and Bitlocker a couple of years ago when I got my SSD and decided to encrypt everything, which is the only way to avoid data leakage.

    I am going to use TC on my old laptop to see what it's like. It has a very slow hard drive, so it might be unbearable with encryption, but I will check it out.
    You won't notice any speed degradation unless your CPU is very slow, and if your hard drive is very slow, well, that means your CPU will have to be that much slower. If you don't have a newer CPU with the AES instructions, multiple cores can help a lot. Deciding to use Truecrypt makes me glad I bought an i5 750 with 4 cores back in 2009 when I built my current computer.
      My System SpecsSystem Spec

  6. #16


    Posts : 454
    Windows 8.1 Pro with Media Center


    Quote Originally Posted by Cly View Post
    Crawfish--TC gives the option of either encrypting (i) the partition where Windows resides or (ii) the whole drive where Windows resides. I haven't partitioned the drive, so it is basically one partition except for the 100MB mystery partition that Windows 7 creates. Would you choose (i) or (ii)?
    I no longer split drives into multiple partitions so I always in effect encrypt the whole drive. I also get rid of the 100 MB partition if Windows should create it. So, I don't have any experience with what you're asking. However, I would choose (ii), to encrypt the whole drive. Note this only works on the system drive; if you ever try to encrypt a data drive that has partitions, it won't let you. You'll either have to delete all the partitions first or encrypt them one by one.
      My System SpecsSystem Spec

  7. #17


    Posts : 106
    Windows 8 Pro


    Ok so if Bitlocker is a bootlicker, then that leaves me with only one reason to upgrade to Windows 8, and not a very compelling one at that. I did read that Windows 8 is "more efficient" with multi-core CPUs. But my fast desktop is plenty fast and my slow laptop is not multi-core.

    Does it come down to the GUI then? I did try the first Windows 8 trial--was it called Customer Preview or something? I was not impressed but I did not really invest any time learning it. I did not want to invest any time because it was not inviting, not attractive and a lot less intuitive than Windows 7. It did run much better than XP on my old 1.5GB laptop though, which inspired me to upgrade to Windows 7 on the old laptop. Windows 7 also runs much better than XP on that machine. Amazing, ain't it?
      My System SpecsSystem Spec

  8. #18


    Posts : 106
    Windows 8 Pro


    Quote Originally Posted by crawfish View Post
    Quote Originally Posted by Cly View Post
    Crawfish--TC gives the option of either encrypting (i) the partition where Windows resides or (ii) the whole drive where Windows resides. I haven't partitioned the drive, so it is basically one partition except for the 100MB mystery partition that Windows 7 creates. Would you choose (i) or (ii)?
    I no longer split drives into multiple partitions so I always in effect encrypt the whole drive. I also get rid of the 100 MB partition if Windows should create it. So, I don't have any experience with what you're asking. However, I would choose (ii), to encrypt the whole drive. Note this only works on the system drive; if you ever try to encrypt a data drive that has partitions, it won't let you. You'll either have to delete all the partitions first or encrypt them one by one.
    I tried encypting the whole drive. I got an warning that I have nonstandard partitions and encrypting the whole drive could make the system unusuable. I clicked cancel at that point. I never create partitions either so I have no idea what it's talking about.

    How do you delete the 100MB partition that Windows 7 creates?

    EDIT:

    I just opened Computer Management. There is an 86MB partition labelled OEM Partition. Safe to delete? It's a Dell laptop.

    EDIT:

    It can't be deleted from the Computer Management console; successfully deleted the OEM partition using diskpart. I can't combine it with the main partition though.
    Last edited by Cly; 14 Jul 2012 at 23:24.
      My System SpecsSystem Spec

  9. #19


    Posts : 5
    Windows 8 (Release Preview)


    1.) The Ribbon feature in Windows Explorer. You guys have NO idea how happy that's made me.
    2.) I have a feeling I may be one of the few who enjoys the Metro interface. Even though I still use the desktop more often, I've enjoyed browsing through the tiles and downloading new apps to try out.

    I'm looking forward to Bitlocker as well, but since I already had Windows 7 Ultimate installed on my computer before, I'm not as excited about it.
      My System SpecsSystem Spec

  10. #20


    Posts : 5,707
    Windows 8.1 Pro


    I have two more.

    Windows 8 To Go, that is very handy to have Windows on your person with you at all time. I just used it yesterday to diagnose a dead netbook battery.

    And, the Ribbon. Very nice!
      My System SpecsSystem Spec

Page 2 of 9 FirstFirst 1234 ... LastLast
My top 2 reasons to upgrade to Windows 8--share yours
Related Threads
Read more at: Five reasons I'd rather run Windows 8 than Linux | ZDNet
At least Ed Bott is optimistic for the desktop, Ed Bott is a well respected journalist and he seems to be optimistic that the desktop is not going to disappear. That, at least, is comforting. Read more at source: Five reasons why the Windows desktop isn't going away | ZDNet
see full report
Five reasons why Windows 8 has failed | ZDNet
7 Reasons Windows 8 RT was DOA
Read more at source: 7 reasons why Windows RT works | Windows 8 - CNET Reviews See also: https://www.eightforums.com/windows-8-news/10363-top-10-biggest-drawbacks-windows-rt.html
Eight Forums Android App Eight Forums IOS App Follow us on Facebook