locked
Using Live Mesh with volume encryption RRS feed

  • Question

  • I have a laptop which I keep synced with my desktop using Live Mesh - this works well.

    Recently I have become concerned about the security of data on the laptop and would like to keep it encrypted.

    With this in mind, I have downloaded TrueCrypt and created an encrypted volume to keep sensitive files in. I have also mounted this encrypted volume as a folder in My Documents allowing me to use it transparently. I have also added several folders in MyDocuments to my mesh - some non encrypted folders plus the encrypted one.

    Now for the wierd part. All the non-encrypted folders in MyDocuments that I added to my mesh sync fine, but the encrypted folder only syncs ONE WAY!?!? Any files that I place within it get synced up to my mesh and hence to my laptop, however files added to the folder on the desktop machine get synced up to the mesh, BUT do not get synced down to the laptop.

    Can anyone help me. Is this a generic problem with encrypted files systems or mounted volumes, or is it a specific problem with TreCrypt. I am willing to use another encryption product if it can be shown to be compatible with Live Mesh - what about Vista EFS? (cant use this at the moment because I only have Vista Home Premium).
    Monday, December 29, 2008 11:35 AM

Answers

  • Yes, you can encrypt your existing hard disk with bitlocker without reformatting or anything. You can even keep on working while the disk is being encrypted (I believe a reboot is required at the beginning because a small hidden partition is created).
    If your laptop doesn't have a TPM chip you can make Bitlocker work with a USB stick as authentication token.
    Stefan Krueger, Microsoft MVP - Windows Installer, www.InstallSite.org
    Monday, December 29, 2008 2:48 PM

All replies

  • I'm using Bitlocker (Vista Ultimate) to encrypt my whole hard disk (becaue EFS only encrypts folders, which can leave sensitive data in the swap file or hibernation file unprotected) and it works fine with Live Mesh.
    Stefan Krueger, Microsoft MVP - Windows Installer, www.InstallSite.org
    Monday, December 29, 2008 2:30 PM
  • Can you encrypt an entire harddisk retrospecively with Bitlocker - i.e. when you upgrade to Ultimate - or would you have to rebuild from scratch?
    Monday, December 29, 2008 2:35 PM
  • Yes, you can encrypt your existing hard disk with bitlocker without reformatting or anything. You can even keep on working while the disk is being encrypted (I believe a reboot is required at the beginning because a small hidden partition is created).
    If your laptop doesn't have a TPM chip you can make Bitlocker work with a USB stick as authentication token.
    Stefan Krueger, Microsoft MVP - Windows Installer, www.InstallSite.org
    Monday, December 29, 2008 2:48 PM
  • OK, so the TrueCrypt problem is reproduced with EFS folder encryption under Vista Ultimate.

    I guess I can try bitlocker volume encryption, but I have not got a TPM chip. Hmm
    Tuesday, January 6, 2009 11:17 PM
  •  My pc doesn't have a TPM and I'm using bitlocker with a USB memory stick instead. This requires an extra step, see http://www.vistaclues.com/enable-bitlocker-without-a-tpm/
    Stefan Krueger, Microsoft MVP - Windows Installer, www.InstallSite.org
    Thursday, January 8, 2009 5:19 PM
  • Hi Bazza,

    my entire system partition is encrypted via TrueCrypt. Installed/encrypted on an existing WinXP installation. Running Mesh without any problems.

    /Sven
    Friday, January 9, 2009 5:58 AM
  • OK, so TrueCrypt and EFS folder encryption are both incompatible with LiveMesh, and TrueCrypt and BitLocker volume encryption are both compatible with LiveMesh. Is the former a bug, or is it just because folder encryption and LiveMesh drivers both hook into the OS at the same level?

    I am now happily using bitlocker volume encryption BTW.
    Friday, January 9, 2009 8:38 AM
  • Bazza said:

    I am now happily using bitlocker volume encryption BTW.

    Glad to hear that.

    Live Mesh currently doesn't work with: 
    Files and folders stored on removable media (such as an external hard drive, flash drive, or USB drive)
    Files and folders stored on mapped network drives

    The same may apply to Volumes encrypted with TrueCrypt (because it's mapped as a folder). Note sure about EFS encrypted folders however. Please report this as a bug at connect.microsoft.com
    Stefan Krueger, Microsoft MVP - Windows Installer, www.InstallSite.org
    Friday, January 9, 2009 2:53 PM