BitLocker: are 16 sectors appear to be unencrypted?

G

Guest

It appears that the first 16 sectors of the protected volume are not
encrypted.

(The only difference seems to be the "FVE-FS" instead of "NTFS" label at the
beginning.)

Why? There appears to be a bit of space to place data, bypassing encryption
protections.

Thanks!
 
J

Jamie Hunter [MS]

The first 8K (which translates to 16 sectors if using 512 byte sectors) is a
reserved area of the volume referred to as the boot block.
The first 512 bytes of this contains the BIOS Parameter Block.
The last 512 bytes of this contains volume snapshot data reference. Actual
volume snapshot data is encrypted.
The remaining portion of this block contains unused boot code. It's unused
as the encrypted partition cannot be the active partition.

The boot sector and backup sector need to be decrypted to allow certain
recovery scenarios. The 8K alignment was set early on in the development
when part of the first 8K was going to be used to store metadata, when the
approach changed, there was no good reason to change the 8K alignment to a
sector alignment (that can be as high as 4K).
-
Jamie Hunter [MS]
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to Confirm BitLocker is off 4
Bitlocker Requirements 1
VISTA: BitLocker Blob Location & Backup 9
Bitlocker requests recovery key every boot 4
How to get a definate answer from Microsoft on bitlocker? 13
Hard Disk Failure 21
Error #105/!08: Partition didn't begin/end on head boundary 2
corrupt ntfs file system on a 250GB drive on an xp pro system...important data needed...please help! 4

Top