Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > alt.comp.os.windows-10 > #193571 > unrolled thread

Can't get past bitlocker.

Started bymicky <NONONOmisc07@fmguy.com>
First post2026-05-19 16:33 -0400
Last post2026-05-20 15:36 -0400
Articles 18 on this page of 38 — 10 participants

Back to article view | Back to alt.comp.os.windows-10


Contents

  Can't get past bitlocker. micky <NONONOmisc07@fmguy.com> - 2026-05-19 16:33 -0400
    Re: Can't get past bitlocker. "Alan K." <alan@invalid.com> - 2026-05-19 16:54 -0400
      Re: Can't get past bitlocker. micky <NONONOmisc07@fmguy.com> - 2026-05-19 17:00 -0400
        Re: Can't get past bitlocker. Paul <nospam@needed.invalid> - 2026-05-19 17:56 -0400
          Re: Can't get past bitlocker. "Carlos E.R." <robin_listas@es.invalid> - 2026-05-20 14:17 +0200
        Re: Can't get past bitlocker. "Carlos E.R." <robin_listas@es.invalid> - 2026-05-20 00:23 +0200
          Re: Can't get past bitlocker. "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2026-05-20 20:28 +0800
            Re: Can't get past bitlocker. rbowman <bowman@montana.com> - 2026-05-20 16:14 +0000
              Re: Can't get past bitlocker. "Carlos E.R." <robin_listas@es.invalid> - 2026-05-20 20:24 +0200
              Re: Can't get past bitlocker. Paul <nospam@needed.invalid> - 2026-05-20 18:20 -0400
                Re: Can't get past bitlocker. "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2026-05-21 19:28 +0800
          Re: Can't get past bitlocker. micky <NONONOmisc07@fmguy.com> - 2026-05-20 15:59 -0400
            Re: Can't get past bitlocker. "Carlos E.R." <robin_listas@es.invalid> - 2026-05-20 22:09 +0200
            Re: Can't get past bitlocker. Paul <nospam@needed.invalid> - 2026-05-20 19:45 -0400
            Re: Can't get past bitlocker. Frank Slootweg <this@ddress.is.invalid> - 2026-05-21 20:03 +0000
    Re: Can't get past bitlocker. Hank Rogers <Hank@nospam.invalid> - 2026-05-19 18:08 -0500
      Re: Can't get past bitlocker. Paul <nospam@needed.invalid> - 2026-05-19 23:25 -0400
    Re: Can't get past bitlocker. rbowman <bowman@montana.com> - 2026-05-20 03:01 +0000
      Re: Can't get past bitlocker. Paul <nospam@needed.invalid> - 2026-05-20 02:01 -0400
        Re: Can't get past bitlocker. rbowman <bowman@montana.com> - 2026-05-20 16:25 +0000
          Re: Can't get past bitlocker. "Carlos E.R." <robin_listas@es.invalid> - 2026-05-20 20:27 +0200
            Re: Can't get past bitlocker. rbowman <bowman@montana.com> - 2026-05-20 20:24 +0000
              Re: Can't get past bitlocker. "Carlos E.R." <robin_listas@es.invalid> - 2026-05-21 08:59 +0200
                Re: Can't get past bitlocker. rbowman <bowman@montana.com> - 2026-05-21 18:12 +0000
      Re: Can't get past bitlocker. micky <NONONOmisc07@fmguy.com> - 2026-05-20 15:57 -0400
    Re: Can't get past bitlocker. Andy Burns <usenet@andyburns.uk> - 2026-05-20 07:51 +0100
      Re: Can't get past bitlocker. Paul <nospam@needed.invalid> - 2026-05-20 03:50 -0400
        Re: Can't get past bitlocker. Andy Burns <usenet@andyburns.uk> - 2026-05-20 10:57 +0100
        Re: Can't get past bitlocker. micky <NONONOmisc07@fmguy.com> - 2026-05-20 15:56 -0400
          Re: Can't get past bitlocker. rbowman <bowman@montana.com> - 2026-05-20 20:41 +0000
          Re: Can't get past bitlocker. Paul <nospam@needed.invalid> - 2026-05-20 19:58 -0400
            Re: Can't get past bitlocker. micky <NONONOmisc07@fmguy.com> - 2026-05-20 21:18 -0400
              Re: Can't get past bitlocker. Paul <nospam@needed.invalid> - 2026-05-21 15:07 -0400
      Re: Can't get past bitlocker. "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2026-05-20 20:26 +0800
        Re: Can't get past bitlocker. "J. P. Gilliver" <G6JPG@255soft.uk> - 2026-05-20 14:40 +0100
          Re: Can't get past bitlocker. Frank Slootweg <this@ddress.is.invalid> - 2026-05-20 14:14 +0000
            Re: Can't get past bitlocker. "J. P. Gilliver" <G6JPG@255soft.uk> - 2026-05-20 18:43 +0100
      Re: Can't get past bitlocker. micky <NONONOmisc07@fmguy.com> - 2026-05-20 15:36 -0400

Page 2 of 2 — ← Prev page 1 [2]


#193607

From"Carlos E.R." <robin_listas@es.invalid>
Date2026-05-20 20:27 +0200
Message-ID<n0b1emx6d3.ln2@Telcontar.valinor>
In reply to#193604
On 2026-05-20 18:25, rbowman wrote:
> On Wed, 20 May 2026 02:01:56 -0400, Paul wrote:
> 
>> And this is when you discover the backup/restore system doesn't have
>> enough bandwidth. The restores are usually good for "onesey/twosey
>> restores", but when every disk in the company needs to be paved, it was
>> never designed for that style of disaster recovery.
> 
> It was painful. The division I worked for closed down and we'd given the
> clients a year of support to find another vendor. I agreed to stick around
> to fix any problems that came up but only fixed one obscure bug. Since it
> was only 3 months left we never bothered to restore the build machines or
> my Win 11 box.
> 
> According to the IT guy he'd gotten a notification to apply a critical
> patch and did so. Later that day he got another notification but thought
> it applied to the one he'd already installed. I think it was the next day
> when the system was pwned.
> 
> It probably was like the Linux kernel. I've been getting a lot of kernel
> updates even on the distros that aren't on 7 as they try to stay ahead of
> the vulnerabilities. Miss one and you're ripe for the picking.

How do they attack machines inside an intranet?

-- 
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;

[toc] | [prev] | [next] | [standalone]


#193614

Fromrbowman <bowman@montana.com>
Date2026-05-20 20:24 +0000
Message-ID<n76jkjFg9lpU1@mid.individual.net>
In reply to#193607
On Wed, 20 May 2026 20:27:03 +0200, Carlos E.R. wrote:

> On 2026-05-20 18:25, rbowman wrote:
>> On Wed, 20 May 2026 02:01:56 -0400, Paul wrote:
>> 
>>> And this is when you discover the backup/restore system doesn't have
>>> enough bandwidth. The restores are usually good for "onesey/twosey
>>> restores", but when every disk in the company needs to be paved, it
>>> was never designed for that style of disaster recovery.
>> 
>> It was painful. The division I worked for closed down and we'd given
>> the clients a year of support to find another vendor. I agreed to stick
>> around to fix any problems that came up but only fixed one obscure bug.
>> Since it was only 3 months left we never bothered to restore the build
>> machines or my Win 11 box.
>> 
>> According to the IT guy he'd gotten a notification to apply a critical
>> patch and did so. Later that day he got another notification but
>> thought it applied to the one he'd already installed. I think it was
>> the next day when the system was pwned.
>> 
>> It probably was like the Linux kernel. I've been getting a lot of
>> kernel updates even on the distros that aren't on 7 as they try to stay
>> ahead of the vulnerabilities. Miss one and you're ripe for the picking.
> 
> How do they attack machines inside an intranet?

Very easily. The exploit was against the public facing internet. Once 
you're on the LAN you own the whole mess. The irony is we had mandatory 
training videos cautioning against phishing attacks. Phishing emails were 
sent at random times and if you clicked on a link rather than reporting it 
as potential phishing you could expect another 1/2 video refresher. 
Meanwhile the barn door was left open. 

Years ago we did have an attack where someone clicked on an attachment and 
the virus spread on the intranet but this targets the main servers. 

[toc] | [prev] | [next] | [standalone]


#193626

From"Carlos E.R." <robin_listas@es.invalid>
Date2026-05-21 08:59 +0200
Message-ID<83n2emxl7f.ln2@Telcontar.valinor>
In reply to#193614
On 2026-05-20 22:24, rbowman wrote:
> On Wed, 20 May 2026 20:27:03 +0200, Carlos E.R. wrote:
> 
>> On 2026-05-20 18:25, rbowman wrote:
>>> On Wed, 20 May 2026 02:01:56 -0400, Paul wrote:
>>>
>>>> And this is when you discover the backup/restore system doesn't have
>>>> enough bandwidth. The restores are usually good for "onesey/twosey
>>>> restores", but when every disk in the company needs to be paved, it
>>>> was never designed for that style of disaster recovery.
>>>
>>> It was painful. The division I worked for closed down and we'd given
>>> the clients a year of support to find another vendor. I agreed to stick
>>> around to fix any problems that came up but only fixed one obscure bug.
>>> Since it was only 3 months left we never bothered to restore the build
>>> machines or my Win 11 box.
>>>
>>> According to the IT guy he'd gotten a notification to apply a critical
>>> patch and did so. Later that day he got another notification but
>>> thought it applied to the one he'd already installed. I think it was
>>> the next day when the system was pwned.
>>>
>>> It probably was like the Linux kernel. I've been getting a lot of
>>> kernel updates even on the distros that aren't on 7 as they try to stay
>>> ahead of the vulnerabilities. Miss one and you're ripe for the picking.
>>
>> How do they attack machines inside an intranet?
> 
> Very easily. The exploit was against the public facing internet. Once
> you're on the LAN you own the whole mess.

Ok, but how do they get inside the LAN? On a home network, so no public 
facing servers.

Maybe gaming computers?

> The irony is we had mandatory
> training videos cautioning against phishing attacks. Phishing emails were
> sent at random times and if you clicked on a link rather than reporting it
> as potential phishing you could expect another 1/2 video refresher.
> Meanwhile the barn door was left open.

Phising emails, yes.

> 
> Years ago we did have an attack where someone clicked on an attachment and
> the virus spread on the intranet but this targets the main servers.

Yes, I remember those.

-- 
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;

[toc] | [prev] | [next] | [standalone]


#193634

Fromrbowman <bowman@montana.com>
Date2026-05-21 18:12 +0000
Message-ID<n7908gFr5fiU6@mid.individual.net>
In reply to#193626
On Thu, 21 May 2026 08:59:20 +0200, Carlos E.R. wrote:

> On 2026-05-20 22:24, rbowman wrote:
>> On Wed, 20 May 2026 20:27:03 +0200, Carlos E.R. wrote:
>> 
>>> On 2026-05-20 18:25, rbowman wrote:
>>>> On Wed, 20 May 2026 02:01:56 -0400, Paul wrote:
>>>>
>>>>> And this is when you discover the backup/restore system doesn't have
>>>>> enough bandwidth. The restores are usually good for "onesey/twosey
>>>>> restores", but when every disk in the company needs to be paved, it
>>>>> was never designed for that style of disaster recovery.
>>>>
>>>> It was painful. The division I worked for closed down and we'd given
>>>> the clients a year of support to find another vendor. I agreed to
>>>> stick around to fix any problems that came up but only fixed one
>>>> obscure bug.
>>>> Since it was only 3 months left we never bothered to restore the
>>>> build machines or my Win 11 box.
>>>>
>>>> According to the IT guy he'd gotten a notification to apply a
>>>> critical patch and did so. Later that day he got another notification
>>>> but thought it applied to the one he'd already installed. I think it
>>>> was the next day when the system was pwned.
>>>>
>>>> It probably was like the Linux kernel. I've been getting a lot of
>>>> kernel updates even on the distros that aren't on 7 as they try to
>>>> stay ahead of the vulnerabilities. Miss one and you're ripe for the
>>>> picking.
>>>
>>> How do they attack machines inside an intranet?
>> 
>> Very easily. The exploit was against the public facing internet. Once
>> you're on the LAN you own the whole mess.
> 
> Ok, but how do they get inside the LAN? On a home network, so no public
> facing servers.

Read more closely. This was a corporate attack. I don't know the details 
but whatever security patch the sysadmin failed to apply thinking he had 
already done so was the entrance point.

[toc] | [prev] | [next] | [standalone]


#193611

Frommicky <NONONOmisc07@fmguy.com>
Date2026-05-20 15:57 -0400
Message-ID<av2s0l1c8bcaqoiemaof95jsbd2teujrok@4ax.com>
In reply to#193585
In alt.comp.os.windows-10, on 20 May 2026 03:01:03 GMT, rbowman
<bowman@montana.com> wrote:

>On Tue, 19 May 2026 16:33:39 -0400, micky wrote:
>
>> Question for a friend,   Recent Lenovo laptop running win11, but I don't
>> think the problem is limited to 11.
>> 
>> A full screen comes on his web browser, I think, telling him to call a
>> phone number or his data will be deleted.  A well-known scam, right?
>
>Offhand, I'd say he was pwned. I went into the office infrequently and on 
>one trip found my Win11 machine with BitLocker asking for a key. I never 
>used BitLocker.

In this case, bitlocker came later, when resatarting after I told him to
turn it off by holding down the power key.  (Not easy to find,
especially over the telephone. Lenovo puts it on the side. ) 

What he saw was a full screen thing telling him to call some phone
number, not do anything else or he'd lose his data, but as I explained
to Paul, his son's friend got it working last night. 

>The IT guy confirmed the entire company had been hit by ransomware and 
>they were trying frantically to recover. 

[toc] | [prev] | [next] | [standalone]


#193589

FromAndy Burns <usenet@andyburns.uk>
Date2026-05-20 07:51 +0100
Message-ID<n753utF98diU1@mid.individual.net>
In reply to#193571
micky wrote:

> Recent Lenovo laptop running win11
> A full screen comes on his web browser, I think, telling him to call a
> phone number or his data will be deleted.  
Is there anything of value/importance which is only on the laptop?

If not, then save lots of hassle and just wipe it ...

[toc] | [prev] | [next] | [standalone]


#193591

FromPaul <nospam@needed.invalid>
Date2026-05-20 03:50 -0400
Message-ID<10ujp3g$3qne7$1@dont-email.me>
In reply to#193589
On Wed, 5/20/2026 2:51 AM, Andy Burns wrote:
> micky wrote:
> 
>> Recent Lenovo laptop running win11
>> A full screen comes on his web browser, I think, telling him to call a
>> phone number or his data will be deleted.  
> Is there anything of value/importance which is only on the laptop?
> 
> If not, then save lots of hassle and just wipe it ...

A person like this, will not have backups.

And besides, the problem will be easy to fix, because of this development.

  https://www.xda-developers.com/new-windows-11-bitlocker-bypass-needs-usb-stick-researcher-backdoor/

The supposition, is that the operative mechanism for this one, is a back door Microsoft
left in Bitlocker, for law enforcement. Bring the laptop to Microsoft, Microsoft inserts
USB stick, disk is open for the policeman to carry away.

It's a bit tricky, as it requires copying something into a
System Volume Information folder on the USB stick, which you
may find it is easier to do from Linux, than from Windows.
It's best to do this, with the device in front of you, than
to be sending (more than one) USB stick to the recipient.
The trick has something to do with WinRE.wim (suggesting
it may be an automation that is checking for an F: drive
with a recovery key on it. Where there is no recovery key,
and "something else happens" instead.

The reason I like this one, is look at all the middlemen it has eliminated :-)
Who needs the Cloud, when you have a Hammer.

   Paul

[toc] | [prev] | [next] | [standalone]


#193592

FromAndy Burns <usenet@andyburns.uk>
Date2026-05-20 10:57 +0100
Message-ID<n75erpFassaU1@mid.individual.net>
In reply to#193591
Paul wrote:

> Andy Burns wrote:
>
>> Is there anything of value/importance which is only on the laptop?
>> If not, then save lots of hassle and just wipe it ...
> 
> A person like this, will not have backups.

But they may not have anything worth backing up ...

> And besides, the problem will be easy to fix, because of this development.
> 
>    https://www.xda-developers.com/new-windows-11-bitlocker-bypass-needs-usb-stick-researcher-backdoor/
> 
> The supposition, is that the operative mechanism for this one, is a back door Microsoft
> left in Bitlocker
I've heard some people cautioning against thinking of it as a backdoor, 
but then "they" would say that, wouldn't they?

[toc] | [prev] | [next] | [standalone]


#193610

Frommicky <NONONOmisc07@fmguy.com>
Date2026-05-20 15:56 -0400
Message-ID<bh3s0l1rchd4jov5p8j8in9r5bukjhaval@4ax.com>
In reply to#193591
In alt.comp.os.windows-10, on Wed, 20 May 2026 03:50:06 -0400, Paul
<nospam@needed.invalid> wrote:

>On Wed, 5/20/2026 2:51 AM, Andy Burns wrote:
>> micky wrote:
>> 
>>> Recent Lenovo laptop running win11
>>> A full screen comes on his web browser, I think, telling him to call a
>>> phone number or his data will be deleted.  
>> Is there anything of value/importance which is only on the laptop?
>> 
>> If not, then save lots of hassle and just wipe it ...
>
>A person like this, will not have backups.

He's 84 y.o., uses his computer for email, listening to music, reading
and probably writing about topics of his interest. 

Bought the thing in January iirc but rarely used it because it was 11
and and he had his 10 box set up to look like 7.   I was there 7 weeks
ago and was going to punch up this one, but had to leave after 40 hours.
But two or 3 nights ago, his son's friend talked to him on the phone,
and when that didn't work, they took he laptop to his house, and when
that didn't work, he came over to my friend's last night, and I just
learned that he fixed it.  All is working. 

I asked how he did it, but my friend hadn't asked because he didn't want
to pester the guy who'd put in at least 2 hours already, and because he
figured he wouldn't understand it anyhow.   When I asked, he said he'd
ask if he could. 

It won't hurt this guy to do a 2-hour favor for his friend, my friend's
son. But if everyone he knows (and I know he knows a lot of people) and
all the people who know those people find out how good he is at this,
he'll be pestered all the time.   I don't know if he does this stuff for
a living or not. 

>And besides, the problem will be easy to fix, because of this development.
>
>  https://www.xda-developers.com/new-windows-11-bitlocker-bypass-needs-usb-stick-researcher-backdoor/

I've only read a little part of this, but it sounds very interesting. Is
this so well known that my friend's son's friend would know about it? I
didn't think that was how he did it, but I really have no idea. 

I have win11 Pro, with 180 files with the word bitlocker in their names,
so I suppose I have bitlocker, but I think I forced it to turn off using
the Power key and bitlocker did not raise its ugly head.   I also know
my MS logon, even though I never log in, since it's the same one I used
for Skype and one year I used Skype a lot.   Hint: my password is
mskype.



>The supposition, is that the operative mechanism for this one, is a back door Microsoft
>left in Bitlocker, for law enforcement. Bring the laptop to Microsoft, Microsoft inserts
>USB stick, disk is open for the policeman to carry away.
>
>It's a bit tricky, as it requires copying something into a
>System Volume Information folder on the USB stick, which you
>may find it is easier to do from Linux, than from Windows.
>It's best to do this, with the device in front of you, than
>to be sending (more than one) USB stick to the recipient.
>The trick has something to do with WinRE.wim (suggesting
>it may be an automation that is checking for an F: drive
>with a recovery key on it. Where there is no recovery key,
>and "something else happens" instead.
>
>The reason I like this one, is look at all the middlemen it has eliminated :-)
>Who needs the Cloud, when you have a Hammer.
>
>   Paul

[toc] | [prev] | [next] | [standalone]


#193616

Fromrbowman <bowman@montana.com>
Date2026-05-20 20:41 +0000
Message-ID<n76kk9Fg9lpU2@mid.individual.net>
In reply to#193610
On Wed, 20 May 2026 15:56:01 -0400, micky wrote:

>>  https://www.xda-developers.com/new-windows-11-bitlocker-bypass-needs-
usb-stick-researcher-backdoor/
> 
> I've only read a little part of this, but it sounds very interesting. Is
> this so well known that my friend's son's friend would know about it? I
> didn't think that was how he did it, but I really have no idea.

https://thehackernews.com/2026/05/microsoft-releases-mitigation-for.html

Microsoft was right on that one.  thehackernews.com is a legitimate white 
hat site that reports exploits and what needs to be patched. 

[toc] | [prev] | [next] | [standalone]


#193621

FromPaul <nospam@needed.invalid>
Date2026-05-20 19:58 -0400
Message-ID<10ulhqf$ctu3$1@dont-email.me>
In reply to#193610
On Wed, 5/20/2026 3:56 PM, micky wrote:
> In alt.comp.os.windows-10, on Wed, 20 May 2026 03:50:06 -0400, Paul
> <nospam@needed.invalid> wrote:

>> And besides, the problem will be easy to fix, because of this development.
>>
>>  https://www.xda-developers.com/new-windows-11-bitlocker-bypass-needs-usb-stick-researcher-backdoor/
> 
> I've only read a little part of this, but it sounds very interesting. Is
> this so well known that my friend's son's friend would know about it? I
> didn't think that was how he did it, but I really have no idea. 
> 
> I have win11 Pro, with 180 files with the word bitlocker in their names,
> so I suppose I have bitlocker, but I think I forced it to turn off using
> the Power key and bitlocker did not raise its ugly head.   I also know
> my MS logon, even though I never log in, since it's the same one I used
> for Skype and one year I used Skype a lot.   Hint: my password is
> mskype.

As Administrator

   manage-bde -status

That will check whether you have encrypted partitions.

By me mentioning the xda-developer article, it was
the excellent timing I was referring to. Microsoft had
not responded yet, and the exploit could have been carried
out by anyone checking the news that day.

Eventually, the opportunity to use it will be blocked.

You can check with your friend now, and run the (as Administrator)
status check, to determine if the situation is still there to
cause trouble.

   manage-bde -status

Your friend needs a status check on his hobby-computer, and
you need to get in the habit of checking for that on your
own gear. As when a computer in your room breaks, you do not
need extra challenges preventing your repairs from working.

   Paul

[toc] | [prev] | [next] | [standalone]


#193625

Frommicky <NONONOmisc07@fmguy.com>
Date2026-05-20 21:18 -0400
Message-ID<u4ns0l5lrtnhnf12u8bn639u852n5ujjph@4ax.com>
In reply to#193621
In alt.comp.os.windows-10, on Wed, 20 May 2026 19:58:08 -0400, Paul
<nospam@needed.invalid> wrote:

>On Wed, 5/20/2026 3:56 PM, micky wrote:
>> In alt.comp.os.windows-10, on Wed, 20 May 2026 03:50:06 -0400, Paul
>> <nospam@needed.invalid> wrote:
>
>>> And besides, the problem will be easy to fix, because of this development.
>>>
>>>  https://www.xda-developers.com/new-windows-11-bitlocker-bypass-needs-usb-stick-researcher-backdoor/
>> 
>> I've only read a little part of this, but it sounds very interesting. Is
>> this so well known that my friend's son's friend would know about it? I
>> didn't think that was how he did it, but I really have no idea. 
>> 
>> I have win11 Pro, with 180 files with the word bitlocker in their names,
>> so I suppose I have bitlocker, but I think I forced it to turn off using
>> the Power key and bitlocker did not raise its ugly head.   I also know
>> my MS logon, even though I never log in, since it's the same one I used
>> for Skype and one year I used Skype a lot.   Hint: my password is
>> mskype.
>
>As Administrator
>
>   manage-bde -status

It says that both my volumes are fully decrypted.  Why do I feel
violated? 
>
>That will check whether you have encrypted partitions.
>
>By me mentioning the xda-developer article, it was
>the excellent timing I was referring to. Microsoft had
>not responded yet, and the exploit could have been carried
>out by anyone checking the news that day.
>
>Eventually, the opportunity to use it will be blocked.
>
>You can check with your friend now, and run the (as Administrator)
>status check, to determine if the situation is still there to
>cause trouble.
>
>   manage-bde -status
>
>Your friend needs a status check on his hobby-computer, and
>you need to get in the habit of checking for that on your
>own gear. 

Is something going to sneak up and encrypt it?  Without my intentionally
doing it?  Like when the + sign disappears from the tool bar in my
webbrowser (twice now). 

>As when a computer in your room breaks, you do not
>need extra challenges preventing your repairs from working.

That's true. 
>
>   Paul

[toc] | [prev] | [next] | [standalone]


#193636

FromPaul <nospam@needed.invalid>
Date2026-05-21 15:07 -0400
Message-ID<10unl57$vgqr$1@dont-email.me>
In reply to#193625
On Wed, 5/20/2026 9:18 PM, micky wrote:
> In alt.comp.os.windows-10, on Wed, 20 May 2026 19:58:08 -0400, Paul

>>   manage-bde -status
>>
>> Your friend needs a status check on his hobby-computer, and
>> you need to get in the habit of checking for that on your
>> own gear. 
> 
> Is something going to sneak up and encrypt it?  Without my intentionally
> doing it?  Like when the + sign disappears from the tool bar in my
> webbrowser (twice now). 
> 

I would be mostly concerned, right after an OS installation,
or maybe an upgrade cycle.

I don't think it generally tries anything during
day to day activities.

The behavior does not match the description. We were told Win11 Pro could
use software Bitlocker (CBC XTS or so) as an option. And that Win11 Home
would use FDE as a "Bitlocker Light" if there was a TPM and an MSA. When
it looks like Win11 Home receives CBC XTS for occupied sectors (a form
of software bitlocker), as the crypto choice. Instead of using FDE
(full disk encryption).

The details aren't important, but I don't like having to do experiments
to see how it works like that.

   Paul

[toc] | [prev] | [next] | [standalone]


#193594

From"Mr. Man-wai Chang" <toylet.toylet@gmail.com>
Date2026-05-20 20:26 +0800
Message-ID<10uk9aj$3vcai$1@toylet.eternal-september.org>
In reply to#193589
On 5/20/2026 2:51 PM, Andy Burns wrote:
> 
> If not, then save lots of hassle and just wipe it ...
That's exactly why data and OS should be in separate partitions!

-- 

    @~@   Simplicity is Beauty! Remain silent! Drink, Blink, Stretch!
   / v \  May the Force and farces be with you! Live long and prosper!!
  /( _ )\ https://sites.google.com/site/changmw/
    ^ ^   https://github.com/changmw/changmw

[toc] | [prev] | [next] | [standalone]


#193598

From"J. P. Gilliver" <G6JPG@255soft.uk>
Date2026-05-20 14:40 +0100
Message-ID<10ukdjl$3vrvs$1@dont-email.me>
In reply to#193594
On 2026/5/20 13:26:59, Mr. Man-wai Chang wrote:
> On 5/20/2026 2:51 PM, Andy Burns wrote:
>>
>> If not, then save lots of hassle and just wipe it ...
> That's exactly why data and OS should be in separate partitions!
> 
Is BitLocker partition-specific, or drive-specific?
-- 
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

"Grammar is there to help, not hinder."  -- Mark Wallace, APIHNA,
2nd December 2000 (quoted by John Flynn 2000-12-6)

[toc] | [prev] | [next] | [standalone]


#193601

FromFrank Slootweg <this@ddress.is.invalid>
Date2026-05-20 14:14 +0000
Message-ID<10ukml4.o1k.1@ID-201911.user.individual.net>
In reply to#193598
J. P. Gilliver <G6JPG@255soft.uk> wrote:
> On 2026/5/20 13:26:59, Mr. Man-wai Chang wrote:
> > On 5/20/2026 2:51 PM, Andy Burns wrote:
> >>
> >> If not, then save lots of hassle and just wipe it ...
> > That's exactly why data and OS should be in separate partitions!
> > 
> Is BitLocker partition-specific, or drive-specific?

  Partition-specific, or better drive-*letter* specific.

  For example on my (Windows 11 Home) system, 'manage-bde -status'
reports the encryption status of 'Volume C:' and 'Volume M:', which is a
USB memory-stick, which only has one ('Primary') partition.

  N.B. My system is Home, so it doesn't have actual 'BitLocker', but
only 'Device encryption', which is sort of a BitLocker Light, but that
doesn't change the answer to your question.

  And just for the record, I don't use encryption, so 'manage-bde
-status' says "Encryption Method:    None", etc..

[toc] | [prev] | [next] | [standalone]


#193606

From"J. P. Gilliver" <G6JPG@255soft.uk>
Date2026-05-20 18:43 +0100
Message-ID<10ukrs4$3vrvr$3@dont-email.me>
In reply to#193601
On 2026/5/20 15:14:37, Frank Slootweg wrote:
> J. P. Gilliver <G6JPG@255soft.uk> wrote:
>> On 2026/5/20 13:26:59, Mr. Man-wai Chang wrote:
>>> On 5/20/2026 2:51 PM, Andy Burns wrote:
>>>>
>>>> If not, then save lots of hassle and just wipe it ...
>>> That's exactly why data and OS should be in separate partitions!

(I have OS and software on C:, data on D:.)
>>>
>> Is BitLocker partition-specific, or drive-specific?
> 
>   Partition-specific, or better drive-*letter* specific.

Thanks.
> 
>   For example on my (Windows 11 Home) system, 'manage-bde -status'
> reports the encryption status of 'Volume C:' and 'Volume M:', which is a
> USB memory-stick, which only has one ('Primary') partition.
> 
>   N.B. My system is Home, so it doesn't have actual 'BitLocker', but
> only 'Device encryption', which is sort of a BitLocker Light, but that
> doesn't change the answer to your question.
> 
>   And just for the record, I don't use encryption, so 'manage-bde
> -status' says "Encryption Method:    None", etc..

Shows None for both mine. (W10-home.) Thanks.
-- 
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

Odds are, the phrase "It's none of my business" will be followed by "but".

[toc] | [prev] | [next] | [standalone]


#193609

Frommicky <NONONOmisc07@fmguy.com>
Date2026-05-20 15:36 -0400
Message-ID<u63s0l1eq6auueliu41te478am4ndvq278@4ax.com>
In reply to#193589
In alt.comp.os.windows-10, on Wed, 20 May 2026 07:51:05 +0100, Andy
Burns <usenet@andyburns.uk> wrote:

>micky wrote:
>
>> Recent Lenovo laptop running win11
>> A full screen comes on his web browser, I think, telling him to call a
>> phone number or his data will be deleted.  
>Is there anything of value/importance which is only on the laptop?
>
>If not, then save lots of hassle and just wipe it ...

There is some email, though maybe it's still on the server OR maybe none
of it is important. 

But even wiping it will take someone's time to reinstall windows, and he
lives 3 hours away.  But see my reply to Paul, once I write it. 

[toc] | [prev] | [standalone]


Page 2 of 2 — ← Prev page 1 [2]

Back to top | Article view | alt.comp.os.windows-10


csiph-web