Windows 8.1 Will Start Encrypting Hard Drives By Default: Everything You Need to Know

Discussion in 'Windows 8' started by ian82, Oct 27, 2013.

  1. ian82

    ian82 MDL Expert

    Mar 7, 2012
    1,147
    302
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. MrMagic

    MrMagic MDL Guru

    Feb 13, 2012
    5,702
    3,704
    180
    If you don’t see the Device Encryption section in this window, you’re likely using an older device that doesn’t meet the requirements and thus doesn’t support Device Encryption.

    I have a Crosshair V Formula, UEFI BIOS, an FX-8350 and an AMD 7870 and don't have the encryption option

    They are trying to tell me that hardware is too old ? Doesn't support encryption?
     
  3. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,078
    60
    #4 Mr Jinje, Oct 27, 2013
    Last edited: Oct 27, 2013
    Does it have a TPM ? Otherwise I am assuming that to be certified for W8.1 HCK each MFG would need to re-submit hardware (fee's may be involved) which could be another reason why 'older' hardware is not certified.
     
  4. MrMagic

    MrMagic MDL Guru

    Feb 13, 2012
    5,702
    3,704
    180
    Apparently yes according to ROG forums mods

    EDIT - And apparently no according to someone else ...

    No idea

    Don't need a TPM for TrueCrypt though do you ?
     
  5. ian82

    ian82 MDL Expert

    Mar 7, 2012
    1,147
    302
    60
    I posted this actually because I DONT want any encryption on my SSD

    I don't see the encryption option as well so I guess it isn't supported

    Am I better off installing Windows 8.1 Single Language because I don't need any of those Pro features, I never connect to a domain and I dont need BitLocker or Hyper-V (VMWare Player is much better)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. MrMagic

    MrMagic MDL Guru

    Feb 13, 2012
    5,702
    3,704
    180
    Just reading up on TrueCrypt, this is what they have to say about TPM

    ---
    Some encryption programs use TPM to prevent attacks. Will TrueCrypt use it too? No. Those programs use TPM to protect against attacks that require the attacker to have administrator privileges, or physical access to the computer, and the attacker needs you to use the computer after such an access. However, if any of these conditions is met, it is actually impossible to secure the computer (see below) and, therefore, you must stop using it (instead of relying on TPM).

    If the attacker has administrator privileges, he can, for example, reset the TPM, capture the content of RAM (containing master keys) or content of files stored on mounted TrueCrypt volumes (decrypted on the fly), which can then be sent to the attacker over the Internet or saved to an unencrypted local drive (from which the attacker might be able to read it later, when he gains physical access to the computer).

    If the attacker can physically access the computer hardware (and you use it after such an access), he can, for example, attach a malicious component to it (such as a hardware keystroke logger) that will capture the password, the content of RAM (containing master keys) or content of files stored on mounted TrueCrypt volumes (decrypted on the fly), which can then be sent to the attacker over the Internet or saved to an unencrypted local drive (from which the attacker might be able to read it later, when he gains physical access to the computer again).

    The only thing that TPM is almost guaranteed to provide is a false sense of security (even the name itself, "Trusted Platform Module", is misleading and creates a false sense of security). As for real security, TPM is actually redundant (and implementing redundant features is usually a way to create so-called bloatware).
     
  7. tinux

    tinux MDL Junior Member

    Feb 26, 2012
    85
    14
    0
    No thanks Never trust any company that holds your key no matter how religious they maybe, companies means profit first.
     
  8. Finguz

    Finguz MDL Novice

    Aug 15, 2013
    11
    1
    0
    Thankfully my 4770k, Asus Maximus VI Hero e.t.c doesn't support it ;)
     
  9. Garbellano

    Garbellano MDL Addicted

    Aug 13, 2012
    948
    245
    30
    Thats exactly what I was thinking. And this comes without any warning, seems like m$ is heading strong to TPM without saying anything.
     
  10. redroad

    redroad MDL Guru

    Dec 2, 2011
    5,346
    6,024
    180
    Yep they want hardware manufacturers using their OS's to have it implemented by 2015 :bye1:
     
  11. NiFu

    NiFu MDL Member

    Jun 29, 2013
    129
    133
    10
    Not even trust your own company ? You can use it either with Microsoft live account or your own domain group server.

    What are the preconditions ?

    1. "Connected standby" feature
      • which prerequisite "secure boot"
      • which prerequisite "UEFI"
    2. Either a Microsoft live account or domain group member
    3. Windows 8.1
      • clean install: automatically activated
      • upgrade: activate manually
    What happens when encryption is enabled - using a Microsoft live account - and I switch to local account ? Is the whole hard disk decrypted ? I sometimes switch from Microsoft live account to local account and vice versa.
     
  12. MSMG

    MSMG MDL Developer

    Jul 15, 2011
    1,903
    4,253
    60
  13. Espionage724

    Espionage724 MDL Addicted

    Nov 7, 2009
    901
    256
    30
    Guess I have nothing to worry about :)