Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

With the latest W11 you get even more :\

When you install it to a system with other partitions or drives that are accessible, it silently autoencrypts them all using Bitlocker which is now on by default.

It's not too bad unencrypting your C: volume afterward with a few clicks, but if you don't have a Microsoft Account then you won't have a readily available key (to type in) or easy decryption option for the other volumes. It can be a lot easier to reformat and recover those non-C: volumes from backup than bother to decrypt, you've got to virtually overwrite the entire drives anyway :(

Simply installing the latest Windows is definitely more likely to be the direct cause for loss of more gigabytes than most malware I've seen.

It didn't used to be this way.



LOL they accidentally(?) created ransomware. "We've encrypted all your files. Want them back? You must sign up for a Microsoft account."


I don't get the humor


> When you install it to a system with other partitions or drives that are accessible, it silently autoencrypts them all using Bitlocker

Only NTFS/FAT drives, right?


As far as I know.

I assign the standard Linux GUIDs on non-Windows volumes to be sure, as appropriate even though the regular "Basic Volume" GUID is often found since it works "for all".

The standard Linux Partition_type_GUIDs as shown in Wikipedia (please refer to it) after expanding ("show") the condensed table:

4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709 for the OS root

0FC63DAF-8483-4772-8E79-3D69D8477DE4 for data

8484680C-9521-48C6-9C11-B0720656F69E for usr

0657FD6D-A4AB-43C4-84E5-0933C84B4F4F for swap

These can be SET ID from Windows, plus you can set GPT Attributes to hidden and/or readonly temporarily because it is getting more difficult to trust Windows so that's why I'm experimenting so much.

Also you can safely change the ESP volume GUID from standard to basic, and Windows will most likely still boot normally on many PCs, you can then assign a volume letter to the ESP and after another reboot have full admin access to the ESP and its black pearl, the EFI folder within, from the GUI.

Standard ESP C12A7328-F81F-11D2-BA4B-00A0C93EC93B

Basic Data EBD0A0A2-B9E5-4433-87C0-68B6B72699C7

Check my other extensive comment coming soon. :)


These are the GUIDs from the [Discoverable Partitions Specification][dps] should you want to learn more about it (or the GUIDs for non-amd64 systems).

[dps]: https://uapi-group.org/specifications/specs/discoverable_par...


Thanks for that :)

I wondered what those were about, it's good to see this kind of progress toward having things just work.


that's hilarious! I'm on nixos and the only time I had to mess with the partitions was when the old ssd died about 5 years ago and I got a new one.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: