View Single Post
  #4  
Old October 25th 17, 04:57 AM posted to alt.comp.os.windows-8
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Asus X550J laptop

Mayayana wrote:
"Paul" wrote

| You should be able to pull the drive, and work on it
| in your technician machine. It's likely to be a 2.5"
| SATA with standard SATA connectors.
|

It's been backed up. No problem there. I plugged
it in with a USB adaptor to my XP machine and disk
manager says it's healthy but it doesn't show up in
My Computer. I can't boot a CD in the laptop.
I'm guessing this is possibly encrypted and certainly
NTFS. What do I need to see the files on that?
I have WinXP and Win7-64. Should 7 see it if I just
plug it in as a data drive?

| Check the SMART stats on the hard drive.
|
| See if the partitions that should be visible, have
| files showing.
|



Best practice, is for the encrypting party to have
a "password floppy" or equivalent. You can make a
kind of recovery media, that allows decrypting the
partition in question.

With full disk encryption, the tiny partition containing
/boot and the BCD file, is not encrypted. Therefore, enough
software must be present in there, to support decryption
before hand-off to C: . It's your job, to find the password
media the owner was supposed to use, for just such emergencies.
Presentation of the password disc, should enable you to convert
the disk back to plaintext.

Some of these schemes, there can be error multiplication.
A single error in storage, can cause a larger chunk of info
to be errored, by schemes such as encryption or compression.
In the case of BitLocker, there is the Elephant Diffuser
in earlier versions. Microsoft made the Win10 version less
secure by removing the Elephant Diffuser. As long as the
encryption scheme is file based, perhaps the most damage
a storage error could do, is severe damage to the file the
error is in. If the encryption scheme were to work at
the sector level (as if it was a large TAR file), then
one error in storage, could be spread all over the place.

The manual shows it has Secure Boot. You would think the
choices would be "Yes" or "No", but AptIO apparently
supports "Custom". The Key Management field populates
if you switch it to Custom. The reason I'm looking in
this area right now, is for signs the box has a TPM chip.
TPM can be used by BitLocker. Or as a root of trust for
Secure Boot or something.

http://dlcdnet.asus.com/pub/ASUS/nb/X550JD/0409.pdf

https://www.manualslib.com/manual/80...4.html?page=93

Platform Key (PK)
Key Exchange Key database (KEK)
Authorized Signature database (DB)
Forbidden Signature database (DBX)

That doesn't necessarily mention TPM.

If you set Secure Boot Control to [Disabled], as seen on page 81
of 0409.pdf, then maybe you can get your OS media to boot. For
whatever thing you have in mind. If it's a UEFI BIOS, then
perhaps you'd want to try OS media which is Hybrid and supports
both Legacy and UEFI. On your Win7 disc, you might want to try an
SP1 flavor of disk, as it might stand a better chance of working.
I don't know the status of Windows 7 when it comes to booting
on stuff like this.

I sure hope the owner read the "best practice" for whatever
crypto is in usage. It could be BitLocker. It could be
TrueCrypt for all I know. I don't really know what to look for,
when it becomes apparent crypto is involved. Would the method
print on the screen "I am BitLocker, and no you may not come in" ?
Or would it fail silently ?

You may have Win7 media, because you bought a retail disc with
license key. In which case there is a Microsoft web page to download
media (i.e. a more recent Win7 disc with SP1 on it). If you got the
Win7 non-SP1 media at a fire sale, with no key, then you can use
the Heidoc URL generator software, to make Microsoft cough up a
download for you. The reason it has "steep requirements", is it
uses Internet Explorer to carry out a transaction with TechBench,
which coughs up a download URL, without the presentation of your
license key. You use the "Copy to Clipboard" button in the panel,
them flip over to any browser (Firefox) and paste in the download
URL. The download URL is valid for 24 hours, so don't attempt a DVD
download over dialup, as it might stretch past 24 hours. Any sort of
broadband internet, should be able to complete the download
in less than 24 hours.

https://www.heidoc.net/joomla/techno...-download-tool

You only need to download something, if you can't get your
existing media to work. With Secure Boot turned off.

Paul
Ads