Does Pre-boot encryption works on all drives or just the C drive?
where does the recoverykey store
Does Pre-boot encryption works on all drives or just the C drive?
where does the recoverykey store
I have three SATA hard drives that I use every day. Suppose I disable the corresponding SATA ports of these hard drives through my BIOS, add another storage device to my PC, install another instance of Windows 10 and run unsafe executables on it – would my three SATA hard drives be completely isolated and safe?
As I understand it, unmounted partitions are at risk, but not partitions that I exclude by disabling the corresponding SATA ports.
Is this correct?
I would like to protect my flash drives to being infected when I put it in another computers or devices. After some research, I found that I will not be able to reach this level of protection by using only software solutions (correct me if I’m wrong).
However, I don’t have a flash drive with hardware protection and my only way to get one is importing (it will not be cheap). I also found that SD card’s switches against writing is not in a hardware-level, so I kinda have to trust that a potentially infected computer will respect it, which is not a good idea.
So, my question is: is there a trustful way (using USB) to put my files into another computer without my USB stick (flash drive or SD card) being infected?
Why are currently trying to enhance the security posture of our company, and this means changing how some IT personnel work.
Precisely, our IT helpdesk now have 2 separate accounts: 1 for normal day to day usage (mails, internet, etc…), and 1 for administrative tasks. The later is a privileged account having several rights on the AD and some servers.
The way they work is not very secure when it comes to supporting the users: they use their privileged account to login to the user’s workstation and perform tasks where admin rights are needed.
But my question is more accurately related to network drives being mapped in their privileged account’s profile. They insisted on using the same logon script as with their standard account.
Do you have any recommendations, references to guidelines and/or best practices in such a case ? I’d like to present them some resources to convince them it’s not secure to have network drives mapped in this profile.
I tried to explain to them that if they log in a ‘contaminated’ workstation, their privileges might spread the infection to the network… But they did not understand and argued they need to access some files on the network while assisting the users. They don’t want to waste time typing UNC path, etc…
I am trying to understand what generic risks are there in using my thumb drive to transfer files to some untrusted machine and plugging it back to my Windows device. Specifically I am interested in generic threats when I plug my USB Drive to external machine is compromised (like public image printing shop).
As far as I understand 2 main risks are:
A) Malicious files are copied to my pen drive from a compromised system and than
B) Automated BadUSB firmware reprogramming. With all the further consequences that BadUSB deliver. But generally this kind of attack is not present in form of generic attack as it would require to support huge amounts of different peripheral manufacturers with different devices.
So my questions are:
Are there any other generic (non-targeted) threats that are similarly widespread in the wild?
In respect to risk 3 – how common are such almost no user interaction vulnerabilities in the wild?
In our corp environment, we are being required to move our file shares to SharePoint Online. In order to maintain some semblance of ease of use for the general user population, we’re trying to continue to use mapped drives. Bizarrely, Microsoft discourages this (no reason given why). We’re still gonna try.
Our procedure, which always gets things working in the short term:
https://XXXXX.sharepoint.com) to the Internet Properties Control Panel Trusted Sites list (using wildcards, e.g.
https://*.sharepoint.comdoes not work)
Map the SP Document Library to a drive letter, e.g.
net use T: https://XXXXX.sharepoint.com/sites/myteamfileshare.group /PERSISTENT:YES
This works “for a while.” (It even survives logouts/reboots.) After some time period (around a week?), when a user logs back in, the drive has a red X over the drive icon in Windows explorer, and if the user tries to access that drive in Windows Explorer, they get this error dialog:
This error can be resolved if the user performs step #2 above (opening IE, logging out, closing IE, etc.), but that is an unacceptable workaround.
It unfortunately looks like this problem has been around for quite some time, in some form or another (cf. The network drives mapped to Sharepoint Documents Library cannot reconnect after login in Portal O365 and intermittent Error when Using File Explorer to access Sharepoint content)
Any methods to get a consistently mapped drive that doesn’t disconnect are very appreciated!
I copied a bit of data on my LVM based RAID1 (not hardware RAID) with 2× 10Tb hard drives:
/dev/mapper/users-users 9.1T 1.9G 8.6T 1% /home
and now it’s killing my I/O to the point where my mouse, keyboard, video are blocked/unblocked/blocked/unblocked…
I’m thinking that maybe something is wrong at the hardware level but wondering what that could be. Wondering what to test first to try to make a better diagnostic.
I have another 2 drives in the same drive array but they are not setup in RAID mode.
Looking at the output of
iotop it tells me that there is about 2Mb/s written to disk, a pretty much permanent write… When I look at the Disk LED, I can see them come up and out over and over again and can hear the seeking heads too.
Trying to watch a video, it fails really bad. Choppy would not even be the word here. It’s like one image every other second if even that much. So a really big I/O killer for the entire computer.
Wondering whether someone would have encountered such a problem before and what can be done to fix it if possible (I certainly hope it is possible!)
My motherboard is a Supermicro X11DPH-T and I also got a case from Supermicro the 745BAC-R1K28B2 4U Full Tower Chassis. I’m running Ubuntu 18.04 LTS. The server is new and so is the install (i.e. not an upgrade from 16.04 or who knows what…)
Would there be a way to know whether a specific hard drive or some other hardware device is causing the trouble?
I would like to encrypt my drives and data on Windows 10, but I need some recommendation to use the appropriate software(s).
On my system drive, I have the
"Backup and sync" Google software and the synchronized
Google Drive folder. But I absolutely need to let the folder content readable from my phone at any time. If I encrypt the whole drive, will this folder be synchronized as encrypted? If yes, is it possible to decrypt files from
Google Drive on the fly on Android?
I also have a
"Media" SSHD (with my
Videos folders, and video editing stuff), a
"Backup" SSHD (which contains the
FileHistory Windows folder), and a
"Virtual machines" SSHD. Note that I need to keep good performances with all of them if I encrypt them, regardless of the method.
I think that the most important folders to encrypt are
FileHistory. But I don’t know if whole drive encryption will be better and more appropriate.
For Windows, I found
"VeraCrypt", but if all files are encrypted, I won’t be able to decrypt
Google Drive folder content on Android.
Google Drive, I found
"GoodSync" which work on Windows and Android, but which seems to be specific to cloud storage.
This is not an urgent problem, but I would like to know if I am currently making use of both of my hard drives (and/or if I can fix that).
Essentially, I purchased this computer without an OS and I have successfully installed Ubuntu Server on it.
The computer comes with 2 3TB hard drives.
My understanding is that I can either have a RAID0 configuration to have 6 TB of storage space, or a RAID1 configuration where 1 3 TB drive mirrors the other 3 TB drive.
Given that I have started to run analysis on the server, I am OK with mirroring the hard drive (RAID1).
However, I don’t think I have successfully done that. For example, if I check my
/proc/mdstat file, this is what it says:
Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10] md126 : active raid1 sda sdb 2930264064 blocks super external:/md127/0 [2/2] [UU] md127 : inactive sda(S) sdb(S) 5040 blocks super external:imsm unused devices: <none>
Likewise, this how those drives are recognized using
lsblk -o NAME,SIZE,FSTYPE,TYPE,MOUNTPOINT
NAME SIZE FSTYPE TYPE MOUNTPOINT sda 2.7T isw_raid_member disk └─md126 2.7T raid1 ├─md126p1 512M vfat md /boot/efi └─md126p2 2.7T ext4 md / sdb 2.7T isw_raid_member disk └─md126 2.7T raid1 ├─md126p1 512M vfat md /boot/efi └─md126p2 2.7T ext4 md / sr0 1024M rom
However, this is the available space that I have using
Filesystem 1K-blocks Used Available Use% Mounted on udev 16370772 0 16370772 0% /dev tmpfs 3280440 940 3279500 1% /run /dev/md126p2 2882700496 223265236 2512931992 9% / tmpfs 16402180 0 16402180 0% /dev/shm tmpfs 5120 0 5120 0% /run/lock tmpfs 16402180 0 16402180 0% /sys/fs/cgroup /dev/md126p1 523248 6152 517096 2% /boot/efi tmpfs 3280436 0 3280436 0% /run/user/1000
So, my questions are as follows:
Am I actually mirroring my hard drive with a RAID1 configuration?
If so, how can I recover my hard drive is something goes wrong?
/proc/mdstat file, it looks like there is some sort of the link between the drives (since
md126 is listed with
super external:/md127/0, on the 2nd line)
If both hard drives are not currently being used (for RAID1 mirroring), what do I need to change? Can I start mirroring my first hard drive without erasing everything currently on the first drive?
First I can’t open my other drives. There’s an error
unknown filesystem type 'exfat'. I solved this by installing
exfat-utils. Now I can open my other drives.
But now I want to copy files from my Ubuntu drive partition to the other drives via the ubuntu GUI, but I can’t copy it. The
paste command is disabled.
I know there’s a command line way to do this, but I want to do this via GUI. It’s faster to do this via GUI and I don’t have to memorize commands.
Is there a program that I can install to make this possible?