SG Enterprise encryption - Bad Sectors survey

Hi Thomas,

I hear clearly what you're saying but:

    >Also, you could easily mess up the drive with a Windows PE CD with the SGN filter drivers

Well you can do that anyway even with bad clusters so I don't follow that argument. I think if anyone started to mess at this level they really should be aware of the implications anyway. Even if we talked about non encrypted drives, if I mount a disk in another OS and deleted systems files, I'd expect the native OS to be screwed up. Equally, it might be important that the area needs to be manipulated to correct errors that occur from time to time in your software. Actually the greatest use I would have of the PE boot would simply be the removal of SGN rather than the manipulation of data. I much prefer to decrypt and then get windows to fix itself properly than try to tweak my own fixes, it's much more reliable that way anyway.

  >Please believe me that all your arguments were discussed already years ago before we started coding.

Technology moves on though Thomas and there are better ways now. You don't need to do anything differently with filers, at the moment you're marking a contiguos area of the disk marking bad and then storing the start-sector away in the boot sector (I'm assuming). Nothing changes there, you create a continuguous system protected area and again store away the start sector. It's exactly the same - no different filters anywhere just a different marker and one that doesn't imply the disk is going bad.

Pure curiosity, how does MS's Bit Locker (which I haven't tested myself yet) do disk encryption?

Matt

Hi Thomas,

I hear clearly what you're saying but:

    >Also, you could easily mess up the drive with a Windows PE CD with the SGN filter drivers

Well you can do that anyway even with bad clusters so I don't follow that argument. I think if anyone started to mess at this level they really should be aware of the implications anyway. Even if we talked about non encrypted drives, if I mount a disk in another OS and deleted systems files, I'd expect the native OS to be screwed up. Equally, it might be important that the area needs to be manipulated to correct errors that occur from time to time in your software. Actually the greatest use I would have of the PE boot would simply be the removal of SGN rather than the manipulation of data. I much prefer to decrypt and then get windows to fix itself properly than try to tweak my own fixes, it's much more reliable that way anyway.

  >Please believe me that all your arguments were discussed already years ago before we started coding.

Technology moves on though Thomas and there are better ways now. You don't need to do anything differently with filers, at the moment you're marking a contiguos area of the disk marking bad and then storing the start-sector away in the boot sector (I'm assuming). Nothing changes there, you create a continuguous system protected area and again store away the start sector. It's exactly the same - no different filters anywhere just a different marker and one that doesn't imply the disk is going bad.

Pure curiosity, how does MS's Bit Locker (which I haven't tested myself yet) do disk encryption?

Matt