3

When you enable BitLocker, there is a period of time where BitLocker is slowly encrypting the contents of the drive in the background. During this time, is it guaranteed that new data written to the disk will be encrypted as it is written? Or is it possible that it will be written to the unencrypted part of the drive, and won't be encrypted until later?

Chris Vasselli
  • 133
  • 1
  • 4

1 Answers1

4

The drive will be treated as a whole, since it's a Disk/Volume encryption (unlike file or system encryption), everything that goes into the disc will be encrypted as it goes in.

UPDATE

Behavior confirmed in Microsoft Tech Net

Credits to Chris Vasselli

Azteca
  • 1,116
  • 7
  • 16
  • Does Microsoft have any documentation that confirms this behavior? I haven't been able to find any. – Chris Vasselli Feb 03 '17 at 15:50
  • I'm sorry @ChrisVasselli , I don't have any documentation that supports it, it's just the way I know that Full Disk Encryption (FDE) software like BitLocker works. – Azteca Feb 03 '17 at 16:44
  • Thanks for taking the time to respond. This is what I thought as well, but I ask because I found [documentation for Symantec's encryption product](https://support.symantec.com/en_US/article.TECH151280.html) which claims it's not the case for that product. Can you explain how Symantec's technology is different from BitLocker? – Chris Vasselli Feb 03 '17 at 19:03
  • @ChrisVasselli Yeah If it's not written in the disk yet, It's not encrypted,. Imagine you copy a file from a USB into your computer. The file you just pasted in a folder inside the windows will be encrypted as it is written, the file on the clipboard you used when you did Ctrl + C can be accessed with a memory dump and will not be encrypted, since it was only stored in memory and not in the disk/volume. – Azteca Feb 03 '17 at 21:06
  • @ChrisVasselli And about the difference that's a vendor specific question and not suitable for this Q&A site :( Plus I don't know the product Symantec offers, sorry. – Azteca Feb 03 '17 at 21:09
  • 2
    I got [confirmation of the behavior from Microsoft](https://social.technet.microsoft.com/Forums/windows/en-US/3006f77a-634f-42e5-a566-c6237be7f8d5/will-new-data-written-to-disk-while-bitlocker-is-encrypting-the-disk-be-encrypted?forum=win10itprosecurity). Thanks @Azteca! – Chris Vasselli Feb 06 '17 at 17:59
  • @ChrisVasselli TYVM for the Link of the confirmation, I'll add it to the answer credits to you! For anyone who's looking for the same question. – Azteca Feb 07 '17 at 01:58