-->

Monday, February 14, 2022

Bitlocker, neverending Story (Part 3)

 This might get edited heavily over the next few days.

All I want to say NOW is, without "Legacy" usb-support, no boot drives from USB will work, and the CDROM-drive is useless.

A thousand-guesses came up with this answer (so it could have been other bombastic stuff too, but this selection in BIOS was the only thing that finally worked)


Yes, I reinstalled, yes, Magician says the drive is already "ready" for encryption, but no, it is not actually encrypted, yet.

I wanted to sandwich-in a question about Samsung-Magician, This seems like a good spot.

OK, WHY does their little software-program have to run all of the time? It's creepy.
If it actually did something besides monitor a single drive (of two) no one told me. Yet I'm afraid to disable it, in case I get some hidden benefit they were unclear on, like maybe better encryption.

Not that I'm jumping the gun, champing-at-the-bit, creaming to get it encrypted...

I'm being modern, and a proper guest at parties (so far), not an actual encrypter, not yet. (There is no acceptable word meaning, "A person who encrypts" 

FURIO, spellchecker
https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV180028

SED drives (Hardware encryption) are vulnerable drives, and one should use software encryption.
*Why*, I don't know.
That whole tcg 2.0 and ieee 1667, is that software encryption??
Would/will sims work better using software?
Please remember, this computer had the system partition encrypted already but the game "sims 4" ran very slowly. Any re-attempts will follow advice, like using "Software encryption" if it is a choice.
Manage-BDE -status
No one is stating soft/hard or IEEE-anything
Interesting Link

I'm not sure about this next paragraph, so I'm guessing:
The TPM is protecting your PC. If you've backed up your key, um, and don't have a computer to read the text file with your key in it, Then you're screwed. 
But wait, Normally you won't need a key because your TPM is vouching for you, unless maybe you've replaced your CPU (with the TPM in it), or your motherboard (but my TPM is in the CPU, not the motherboard, but nevermind..)
OK so you need a place to stash your Backup text-file with your key in it.
Everything else being equal (your computer has the same ID) then you would hand-type your key into a warning prompt asking for it.
So where to put this text-file?
I think it could be printed, or put onto another computer, or backed up to your microsoft account.
All these solutions are wimpy ones. I mean, anyone with access to your microsoft account could read it, anyone with access to your workspace could read the printout, 
and anyone with access to your phone (for an example) could read the backed up text file on your phone.
If you live next to hackers you're mostly screwed.
you *could* memorize the twenty forty-eight (I can't really look right this second) -digit key, and eat the printout, and destroy the file, hmm.
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings is an impenetrable jungle. But it explains "Identification field," kind of.
In a perfect-world, only drives that had the identification field of family and friends could be attached to your computer, and all others would be rejected.
Yeahbutt... I missed the class on how to add an identification-field to a drive.




ATA password,wut?
https://www.reddit.com/r/thinkpad/comments/acbyrm/best_full_disk_encryption_setup_for_new_samsung/

ATA passwords are weak, useless: https://security.utexas.edu/education-outreach/BreakingATA
OK, I think I have enough conflicting information to dive off of this cliff.

Msinfo32 is unmoved, (the witch)

So now I went and ran sims 4, and it seemed fine, great.


This bottom line to all this encryption-stuff is, although people get very specific with the type of encryption you should use, there are no indicators
 (from Samsung, from Microsoft, from My PC)
That say which encryption they're using.
So it's all a best-guess for me.
The drive is encrypted, and beyond that, no one is saying much.



BIOS updates and *maybe* even some Windows updates (the major weekly-kind)
could ruin this little setup.
I will leave everything as-is for biggie windows updates, but BIOS and windows are Not friends, and I will have to remember to disable a list of things:
Secure Boot
TPM
Encryption
None of that is in order, and I might fail the first couple times.
Let me guess:
Disable encryption, then
Disable secure_boot
then
Disable the TPM.
The next time I buy a motherboard I might look for one with a more windows-friendly BIOS.
I'm not sure though, that any standalone motherboard would meet the requirements, it might have to be an entire certified PC.
This is all silly considering my secondary drive has all the goodies, 
and the most sensitive stuff the C: drive has is, the registry.

https://www.windowscentral.com/how-suspend-bitlocker-encryption-perform-system-changes-windows-10
Suspend for updates?? oshit.
"Nyah-nyah-nyah-nyah" WTF-not? NVM.
BTW they're making it damn near impossible to follow anyone else's instructions to backup.
Mold was growing on their butt (or something)
https://answers.microsoft.com/en-us/windows/forum/all/how-to-create-a-system-image-in-windows-11-and/036110b8-66bb-4cc7-b9e2-2d66df27d236





After running around not knowing why my external thingies couldn't be read, dredging up old CD-roms and an ancient USB drive,
I got to thinking about USB drives and why I only have one.
An 8GB one.
But it goes and goes, and an 8GB-*3.0* one burned out years ago.
Those phone memory chips nearly killed a phone 10 years ago.
So I've been procrastinating buying a USB stick.
I've read somewhere that slow USB drives last longer, but I don't CARE, I only want a drive to last as long as my Hoary (Promo??) USB drive from an electronics store close by. But that wasn't even it, because I insisted that it should cost less than ten dollars, preferably $5.
Well, I found a 32GB one, it was $7.95 total (with S-H)
so it fits my budget, and even if it doesn't pan out, I haven't lost much!
It's here.
It works, at a glacial speed.
As I write this it's copying a directory and it'll be done, in a half hour.
Nearly 7 gigabytes copying, at a speed slower than my internet.
I have not delved into the philosophy of portable disks.
People seemed excited about ex-fat, until they weren't, and I don't think windows likes exfat (not sure).


Fat32 has limitations. But the drive comes with a fat32 format.
I've just read, fat32 can be humungous but the individual files must be less than 4GB.
NTFS for a flash-drive seems silly, although I'm sure people have reasons.
I think I meant to research "Which is the fastest/bestest format for flash-drives" but I forgot, and now it's too late (It's getting dark.)

Every reviewer on the planet must have the below disk, they're all saying it's best, and the curmudgeons on amazon hate everything anyway, so whatever.
"I used to own whatever, but their new model sucks real bad."
A reviewer said this was best. Is it, or is he a shill, bought and paid for.
Yeah it's fast, but does it live long?

If reviews are the same (bad) isn't it better to buy the cheapest?
I'm not happy right now...



Actually, I've been looking at drives that are older than your kid.
Newer ones exist, https://www.storagereview.com/review/kingston-datatraveler-max-review

Did I mention I'm not Happy??


There is an extension cable, a "USB-4"-C-type, that usually holds my thumb-reader.
The dinky-hole it goes in is buried under a spidery-web of wires. 
So this drive, in theory, would dangle in the air, twisting in the slight breeze (face it, it's HOT in here.)
I wrote-erased a statement about USB 2.0 drives being more reliable, but NO one reviews reliability, only a warranty no one ever actually uses.
And for reference, my 512GB SSD drive-on-a-cable gets as hot as toast. It still works. (but it's shaped a lot like a cookie)
And reviewers kind of pointedly remark that, if you don't really care or move around much, 
SSD's beat Flash-drives.
Yeah but I wanted to be trendy....(o poo)
Nothing (but read below) tells you that you actually will get "V2",
 and I should know, having the toasty "V1"
and those 6,249 ratings? "V1"


Old-duffer V1 speeds

-----

"sustained writes" is something to google, if you're into stuff like that.
IOW anything more than the cache can handle, anything compressed, damn near anything, slows a drive down, and it isn't clear (yet) how much of those astronomic speeds are hype-poop.
More obsessed people than you have benchmarked and copied movies, and they all say x-brand gets hot, x-brand slows way down.




My most bombastic entry to date has chosen a brand (western-digital-sandisk)
 and a name within the brand ("Extreme pro")
and nearly a form ("portable SSD," "Solid state flash drive")
and a working theory (so maybe it's true) that the portable SSD-form uses more chips, a larger circuit board. 
WD likes buying companies, and You all know about Sandisk, but there is also a company called G-Drive. It looks like a vented cookie, it goes half as fast as the extreme-pro-portable SSD
(OK Let's face my fears: )
1. A stick named "Extreme Pro"
2. A cookie-shaped-thingy called "Extreme Pro"
3. Another cookie (with airholes) "G Drive Pro"

And the attractiveness factor goes to G-Drive, being rugged and manly (think, "Marlboro" vs "Viceroy" or "Kent") and snooty (It is marketed at Apple snobs)
But the favor in its Plus, it's 30.00 cheaper than extreme pro.
thirty dollars more for a drive marketed mostly for windows.
I choose the Windows!! Beeecause, it's faster and I don't have any sandy-dust or pools of water nearby.
OK I lied about the sandy-dust but I still like the extreme pro better.


























If sex became meaningless (medication or a sims 4 mod,) what would life be like?
Apologies in advance to cats, ladies, copyrighted pictures and you, the lady a few doors down with a cat. But it's a clever picture, one for a different blog-entry.
Man and Mother?
I don't get why there are extension-cords over their heads
Was there a convention before xmas??



This odd link came up (don't ask why) and it Finally gives a freakin' insulin dose.
Basal+carbs-elimination+Sensitivity (high sugar adjustment)
Or Piss on all that,
https://dtc.ucsf.edu/types-of-diabetes/type1/treatment-of-type-1-diabetes/medications-and-therapies/type-1-insulin-therapy/calculating-insulin-dose/
Ahhhh,um, "Total daily" divided by the amount of shots you get in a day.
But their amount is wimpy without that carbs-thing and the sensitivity...If you're bad at math, the page is pretty hopeless, but I'd like to think they tried (and failed) to school me,

My officially given dose (not the one on the prescription on the box) is 75 units daily.
75*4 is how much I weigh (right?)
(Waitasec) Geez, no, I'd be a cow, my chair would break.
But when you add carbs and sensitivity, it kind of gels.

No comments: