dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
742
share rss forum feed

scottp99

join:2010-12-11

Very quick TrueCrypt Question

I want to use TC for full system disk encryption for my PC and notebook and my question would be, can TC even detect if a hard drive is failing or not? In other words, since TC starts before Windows boots, can TC detect a failing hard drive or a hard drive thats about to go bad?

Thx!!! in advance


sbconslt

join:2009-07-28
Los Angeles, CA
No. The TrueCrypt bootloader resides on the drive, not outside of the drive.

In a catastropic drive failure, control would never be able to be passed as far as the bootloader. You would expect to see something like the BIOS chain loader showing you Operating System Not Found and halting.

In a situation where a drive was failing or about to fail, it wouldn't be TrueCrypt that would proactively notify you, that's not its job. You would expect to see unpredictable behavior and hangups while the system was running.
--
Scott Brown Consulting

dantz

join:2005-05-09
Honolulu, HI

2 recommendations

reply to scottp99
If TrueCrypt runs across any uncorrectable errors on your hard drive (i.e. unmappable bad sectors etc.) during the initial encryption of the drive then it can fail partway through and leave you with a partially encrypted (and possibly unusable) drive, but that's about as far as TrueCrypt goes in terms of 'detecting' drive failures. I recommend backing up any important data before you begin.

edit: Also, check the drive's health, run a full chkdsk etc. prior to encrypting it.


Ray
Mahnahmahna
Premium
join:2001-04-02
Gilbert, AZ
I'd also do a system image first, too. I've always had great luck with TC, but one time when I went to encrypt my whole drive, it got through the setup, the trial run to double-check your password, and then after finishing the whole drive, wouldn't take my password! Not sure if it was a software error or I somehow botched my password input multiple times the same way during setup, but that system image saved my bacon. I did the whole drive encryption again right afterwards and it worked perfectly.
--
ON DELETE CASCADE


seaman
Premium
join:2000-12-08
Seattle, WA
reply to dantz
Although, I am sure that this appears in some fine print somewhere- thanks for the reminder. Great advice!

scottp99

join:2010-12-11
I do already have a full OS image for my PC.
So I think thats what I was trying to invoke that if TC detected a bad or failing sector on the drive while it is encrypting, will it then stop the encryption process leaving me "hosed" out of my system?

This is one of the reasons as to why I am really hestitant encrypting the whole system drive because of this. I always used file encryption instead just to be safe.


Ray
Mahnahmahna
Premium
join:2001-04-02
Gilbert, AZ
Their documentation states somewhere (it's been a while... or was it a Security Now podcast?) that failure of part of the drive will not render the whole drive unencryptable - only the block/sector/segment (not sure) that the corruption occurs in will be affected. You won't lose your whole drive if one part becomes unreadable.
--
ON DELETE CASCADE

dantz

join:2005-05-09
Honolulu, HI
said by Ray:

Their documentation states somewhere (it's been a while... or was it a Security Now podcast?) that failure of part of the drive will not render the whole drive unencryptable - only the block/sector/segment (not sure) that the corruption occurs in will be affected. You won't lose your whole drive if one part becomes unreadable.

That only applies to data within an existing volume. Yes, if corruption occurs or if disk errors develop within an existing volume then you will generally lose whatever data exists at that location, plus usually a little extra margin around it, as each 16-byte block must be intact or you lose the whole block. Exception: If the corruption manages to damage both the volume header and the embedded backup header and you don't have an external copy of the header that you can restore then you will lose the entire volume.

However, during the initial encryption or subsequent decryption of a system volume, if TrueCrypt runs across certain types of uncorrectable disk errors then there is the risk of becoming permanently stuck. Periodically an unlucky user posts a new thread about this in the TrueCrypt forums. Thus, I recommend making sure the disk is healthy before attempting to encrypt or decrypt it, plus of course backing up all data. Performing a sector-by-sector image of the entire disk would be the safest approach.