Whole Disk Encryption on Tablet

Discussion in 'Windows 8' started by Threat, Mar 15, 2015.

  1. Threat

    Threat Lord of the Files

    Feb 23, 2014
    1,239
    1,405
    60
    Ok interesting problem.

    I have a new tablet which I need to secure (LINX8) which I need to secure fully encrypted with pre-boot authentication.
    The tablet is kept within a case with a micro USB keyboard so password entry on power on is not an issue.

    Normally I would use TrueCrypt - but this failed me in the case because the tablets 32gb SSD drive comes partitioned with GPT instead of ye-old-e MBR.

    Other programs like DiskCryptor recognise it but screw up because encrypting the Windows partition cause is to fail to boot - it boots into recovery mode and all you can do is full device reset which formats and rewrites the partition. The issue here is the drive has a hidden partition (EFI boot). The encryption programs cannot see this - but Acronis TrueImage showed it up.

    In addition the device has an "Images" partition, which has no drive letter; but is an NFTS partition that contains the WIM files - the Windows installation uses them (WimBoot mode). I am not worried about this part been encrypted since data won't be written here.

    BitLocker is not an option as the Windows version is not Pro but the 8.1 with Bing.

    My options seem much reduced. At a push I could attach a USB DVD and reinstall Windows 8.1 (edition of my choice) directly on the device - but then I lose the nice WimBoot mode unless I go about making my own ... which is not an option time wise. The device also has free office 365 which is tied to the OS that I would lose doing this approach.

    Seems to me tablets setup in this way are designed NOT to be possible to secure. I always thought not Microsoft missed something here with Win8.x when they went tablet mad by not making it feasible to secure. Just about everything puts a blocker on it.

    So, how would you proceed? :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Threat

    Threat Lord of the Files

    Feb 23, 2014
    1,239
    1,405
    60
    #3 Threat, Mar 16, 2015
    Last edited: Mar 16, 2015
    (OP)
    Device Encryption is not an option as it requires a Microsoft Account. The solution must not require this.
    Also that solution is not good enough as I want complete device encryption, i.e. pre-boot authentication.

    BitLocker is not an option here as this must not involve changing the OS either for licensing legal issues.

    I really can't believe it's so hard to secure a tablet ... anyone would think Microsoft wanted to make offline tablets a target for theft.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...