Bitlocker and a second hard drive

[Guest]

I have two hard drives. One has been partitioned for Bitlocker.

The backup goes to the second hard drive (E. If the laptop is stolen can
the E: drive be swapped without bitlocker key and then give up the secrets of
its backup of the bitlocker protected drive? Or is there something expected
between the Bitlocker drive protected and the unprotected drive, disallowing
it to work if compromised?

Thanks

 

[Guest]

Yes, if you have a system backup on an external drive then that will give up
the secrets if it is stolen. It doesn't even need to be stolen with the
computer for that to happen.

In Vista SP1 you will supposedly be able to encrypt that drive as well.

 

[Alun Jones]

Yes, if you have a system backup on an external drive then that will give
up
the secrets if it is stolen. It doesn't even need to be stolen with the
computer for that to happen.

In Vista SP1 you will supposedly be able to encrypt that drive as well.

If you're willing to run "cscript c:\windows\system32\manage-bde.wsf", you
can encrypt drives other than the boot drive in Vista without SP1. Vista SP1
will, I imagine, merely provide a GUI wrapper around this facility.

Alun.
~~~~

 

[Guest]

It's just that it is unsupported to encrypt non-boot volumes in Vista RTM.
That's why I did not mention it. The plan, last I heard, was to support it in
SP1.

 

[Alun Jones]

Good point - even the API that manage-bde.wsf uses documents that
encryption of drives other than the "currently running operating system
volume" is not supported.

I'm looking forward to seeing this supported in future versions of Vista.

Alun.
~~~~