I HAD MANY QUESTIONS ABOUT BITLOCKER FROM LAST NEWSLETTER – so here is an update!
First – repeating from last newsletter:
A windows update (KB5012170) is TRIPPING BITLOCKER causing it do demand a recovery key before it will permit rebooting!
THIS IS A DISASTER I already have had a half-dozen customers with this problem and have ONLY been able to save the data for TWO of them!
Some customers NEVER TURNED ON BITLOCKER – and hence THERE IS **NO** recovery key that they can access! Other times if you turned it on and remember your microsoft login, you MAY find the bitlocker key stored there (one customer it was there, another it was not). IF YOU NEED THIS KEY AND DONT HAVE IT YOU WILL LOSE **ALL** YOUR DATA ON YOUR DRIVE!
Yikes! What a disaster!
ALL CUSTOMERS — IMMEDIATELY TURN IT *OFF*!!! Before this happens to you!
Go to start-control panel (or type the Windows and R keys simultaneously and enter ‘control’)
under System and Security you will find BitLocker Drive Encryption
Turn it OFF!!!!!!!!
Why was bitlocker on? Many customers get bitlocker turned ON on new computers by default; It would say something like ‘waiting for microsoft account login to complete…’ but bitlocker IS active and YOU dont know the key!
ELIMINATE IT before it eliminates YOU!
BITLOCKER IS ONLY ON PC SYSTEMS. Mac folks have FileVault. Turn it off as well! more below.
Q. How do I tell if Bitlocker active?
A. Open a command prompt. Hold down Windows key hit the R key and a Run box will open. enter ‘cmd’ (no quotes) and then hold down shift key, control key and click OK. This will open an Administrator privilege Terminal window (black box with a prompt in it).
in this box type ‘manage-bde -status’ (no quotes). You will see the status of Bitlocker on your system.
From my computer this is what we see:
BitLocker Drive Encryption: Configuration Tool version 10.0.19041
Copyright (C) 2013 Microsoft Corporation. All rights reserved.
Disk volumes that can be protected with
BitLocker Drive Encryption:
Volume C: [BOOTCAMP]
Size: 1529.17 GB
BitLocker Version: None
Conversion Status: Fully Decrypted
Percentage Encrypted: 0.0%
Encryption Method: None
Protection Status: Protection Off
Lock Status: Unlocked
Identification Field: None
Key Protectors: None Found
In my case drive is FULLY DECRYPTED.. Bitlocker is GONE!
If it says ANYTHING ELSE your drive IS encrypted.
to turn off bitlocker on drive C you can do it from this same window:
manage-bde –off C:
This will disable it on drive C:. add D or E if you have other encrypted drives!
This will take quite a while to run! if you keep typing manage-bde -status you will see the decryption percentage drop from 100% as more and more of the drive is decrypted. You can in the terminal window strike the up-arrow key and enter to repeat the last command. Keep going so till your result looks like mine above. Then Bitlocker has been banished from your computer!
Q. HOW can Bitlocker damage ME?
A. If you have the drive Bitlocker encrypted – and you DO NOT have the key saved somewhere (if you see a link on the encryption page saying ‘Go to your microsoft account to complete encryption’ (or something like that) then your drive IS encrypted – and windows is offering to let you log into your microsoft account and SAVE THE KEY there for you!) MOST FOLKS ARE UNAWARE OF THIS so they never save the key.
Q. HAVE YOU SEEN THIS BITLOCKER PROBLEM YOURSELF?
A. I have a dozen customers who have been affected. We were able to save the data on TWO of them. You do the math.
Q. HOW CAN BITLOCKER BE TRIPPED?
A. By ‘Bitlocker tripped’ we mean it always asks for the recovery key at boot time (before you can log in). in a blue box!
Its a 48-digit number. Not your password (or anything else).
IT CAN BE TRIPPED BY THE WINDOWS UPDATE I MENTIONED IN LAST NEWSLETTER.
IT CAN BE TRIPPED BY ANY FIRMWARE UPDATE FOR YOUR LAPTOP.
IT CAN ALSO BE TRIPPED BY CHANGES IN YOUR COMPUTER. If you alter cmos. change the secure boot settings. OR ADD MEMORY!
IT WILL BE TRIPPED IF YOU MOVE THE DRIVE TO ANY OTHER COMPUTER! This means if your laptop DIES and you move the drive to another one, Bitlocker will ALWAYS BE TRIPPED!
Q. BUT I NEED BITLOCKER! I NEED THE SECURITY! MICROSOFT TOLD ME TO DO IT! (OR AN APPLE GENIUS)
A. NO YOU DONT. You never did! If you have files on your computer that you dont want others to see – you have a better option!
SOLUTION: USE VERACRYPT. ITS FREE. Both on Macs and PCs! Mac OS, Windows 10, Windows 11.
It creates a virtual drive (say drive P) that appears like a standard external drive (like a USB stick) – but it ONLY will open after you give it the passphrase you used when you created the drive. Then just move your critical files TO that volume, and they will be available ONLY when you supply the passphrase.
When you create the drive you specify the size and the passphrase. so a 50GB volume will let you store 50GB of VERY private files inside this volume. When locked (before the passphrase has been entered) it is UTTERLY UNBREAKABLE. Not even the CIA could read your files!
IT IS BETTER SECURITY THEN FILE VAULT OR BITLOCKER – but does NOT prevent your computer from booting up normally!
After you boot, when you open the Veracrypt file you will open (and then see) your bitlocker volume as a drive. And all your files will be there, only accessible *AFTER* unlocking the drive. OPEN SOURCE EXTREME FILE ENCRYPTION THAT DOES NOT SCREW UP YOUR COMPUTER! WHAT A CONCEPT!
You can get it here: https://www.veracrypt.fr/en/Home.html
CRYPTO Meltdown continues! FTX DISASTER. 600 million STOLEN. 1 million customers LOSE EVERYTHING.
BLAST FROM THE PAST! FROM THE FILES OF THE ELDEST GEEK:
The BBS world. Before the world wide web existed – a small number of enthusiasts created a network of computers that talked to each other. We ran BBSes (Bulletin Board System). There were different software packages. I owned and developed one of them – UltraBBS and ran it on 12 networked computers – with 12 phone lines (on top of the Rockies that was rather hard!) Pinecliffe BBS was one of the (if not the first) MULTI-LINE BBS systems (12 users could connect simultaneously) – and in UltraBBS I created instant inter-phone-line communication so that users on different phone lines could chat with each other! Each users text was in a different color to keep them separate! Back then – amazing ability! I had various folks log in just to chat with each other. And this was (needless to say) COMPLETELY PRIVATE.
Back then, we developed unusual facilities. I used USENet (the university to university private network) to access the UPI (united press international) newswire and I had news stores on my BBS computer just like I was a newspaper! I had different areas of interest on my system so users could read the newswire on my computers before they hit newspapers! How quaint you say. True, UPI is long defunct. But it was fascinating back then.
I also had the FIRST encrypted message system. my BBS software implemented the Blowfish algorithm invented by Brunce Schneier. With his permission given personally. It was unbreakable then – and has never to my knowledge been broken.
I also provided access to UseNet Newsgroups. These were message boards on various topics. as well as user created message boards. Often with an agenda. I collected message boards my users requested and provided two-way access to them from my BBS system. One of my favorites was a message board on the topic of actor Wesley Crusher (of star trek fame). the title of the message group was ‘alt.wesley.crusher.die.die.die’. maybe you can guess the theme!
During the first Gulf war, BBS computer systems joined together in a network called FIDO Net (Pinecliffe BBS was assigned the address 104/28) – and we had a special message area where messages entered on ANY BBS that was part of the network were forwarded to a BBS in Texas then communicated a bit compressed collection to a BBS in saudia arabia that unpacked them and delivered printed copies to the US Military stationed there. So family members could communicate with their military in the gulf pretty much in an hour. Amazing for the time. Now what the heck we all have cell phones LOL.
But – oddly – there are now some BBS systems running again – with the point being PRIVACY. If you use a physical phone line to connect to a BBS then who is listening?
TOPTECH REMOTE SUPPORT PLANS! AVAILABLE NOW! (sign up at www.theeldestgeek.com and give us your feedback!!)
You can register at www.theeldestgeek.com and the support plans are available for you to sign up for! 19.95 a month of $199.50 for a year.
Sign up and let me know everything works! Any problems? Call me at 7034013806 🙂
I also am offering MANAGED SERVICES – where we can monitor your computer real time 24 hours a day – and be aware of any problem even maybe before YOU are aware or it
SUPPORT TOPTECH AND THE ELDEST GEEK! WE NEED IT! LOTS OF NEW ITEMS IN ADOPTION CORNER! GIFT CARDS! (?)
(hey I’m not too proud to beg). And any donations would be most welcome – ‘prepay’ your next need?
If you want a gift card of our services for a friend just ask! Happy to make up one!) YOUR SUPPORT IS MOST APPRECIATED!
LIQUID SPILL REPAIRS or WEBSITE development! We can help! NEED HELP WITH GOLD/SILVER? Or Antiques? We have a LOT of expertise 🙂
I’ve been a precious metals dealer for years – started in the Antique Center. And we buy gold/silver – we pay more than pawn shops or jewelers!
And if you have something you THINK is valuable I can find out what pretty much anything is worth!
SYSTEM OF THE MONTH: A super nice Blade 15 i9 laptop! 32gb, RGX3080, 2TB SSD! Come see it!
Click here for the current adoption list – all are basically ebay prices but come with 6 month warranty and we do trade-ins and move-data as well 🙂
And we are open to haggling!
NICE DELL G15 Gamer available! RTX3070 graphics!
VERY NICE 15in 2017 Macbook pro – with a 1TB SSD!
2020 13in Macbook Pro 500gb SSD.