Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 27 replies
  • Subscribers 5 subscribers
  • Views 26279 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SG Enterprise encryption - Bad Sectors survey

jb1111

Has anyone here encountered bad sectors on encrypted machines?  I had 2 computers run for 3-4 months, get bad sectors and start crashing or going to a Windows screen with no icons <-you can only power off at this point.  Attempting to fix the bad sectors does not help.  The only thing I've gotten to work is backup the files (assuming I can even get into the system) and destroy the hard disk with Dban or killdisk.  These low level format and, "Zero out" the drive.  Once this 6 hour process is done, I reload Windows.  Chkdsk no longer shows bad sectors and life is good.

Has anyone come up with another approach to bad sectors or other hard drive issues?  I am most concerned this will be a monthly occurance.  Perhaps I could get a utility to report when drives start getting bad sectors?

Thanks.

PS - my SG policy is set to, "Proceed on bad sectors = yes"

:4085


This thread was automatically locked due to age.
Parents
  • 0

    Hi MawfTech,

    you wrote about system-protecting:

    That doesn't really matter though does it. Accessing it externally is only done by your boot loader and kernel anyway, anything else doesn't need to know about it and can't because it's burried withing the encrypted partition table anyway. System-Protection prevents defrag and chkdsk doing anything with it and if it's contiguous then pagedefrag won't touch it either.

    Please don't forget to consider dual-boot systems. An OS might not protect against the deletion of such files located on another partition. Also, you could easily mess up the drive with a Windows PE CD with the SGN filter drivers. (Which would be your fault, of course, but I already hear voices which require protection against this, too.)

    I want to point out another argument. The filter drivers would need to understand the file system sector level implementation if we do it the proposed way. In the end this would rock to the filter driver complexity and increase the likelyhood of bugs. I personally believe it is not a good idea to trade stability for a slightly better drive status detection (with having a S.M.A.R.T. alternative).

    The bad clusters are our way to store pre-boot code. As with most software architectures, there are pro's and con's, and we seriously considered all the arguments in the design phase of SafeGuard Enterprise. Please believe me that all your arguments were discussed already years ago before we started coding.

    With compliments,

    :4492
Reply
  • 0

    Hi MawfTech,

    you wrote about system-protecting:

    That doesn't really matter though does it. Accessing it externally is only done by your boot loader and kernel anyway, anything else doesn't need to know about it and can't because it's burried withing the encrypted partition table anyway. System-Protection prevents defrag and chkdsk doing anything with it and if it's contiguous then pagedefrag won't touch it either.

    Please don't forget to consider dual-boot systems. An OS might not protect against the deletion of such files located on another partition. Also, you could easily mess up the drive with a Windows PE CD with the SGN filter drivers. (Which would be your fault, of course, but I already hear voices which require protection against this, too.)

    I want to point out another argument. The filter drivers would need to understand the file system sector level implementation if we do it the proposed way. In the end this would rock to the filter driver complexity and increase the likelyhood of bugs. I personally believe it is not a good idea to trade stability for a slightly better drive status detection (with having a S.M.A.R.T. alternative).

    The bad clusters are our way to store pre-boot code. As with most software architectures, there are pro's and con's, and we seriously considered all the arguments in the design phase of SafeGuard Enterprise. Please believe me that all your arguments were discussed already years ago before we started coding.

    With compliments,

    :4492
Children
No Data
Unfiltered HTML