Jump to content











Photo
- - - - -

Interesting excersize - crate RAM disk as removable media


  • Please log in to reply
5 replies to this topic

#1 Rootman

Rootman

    Frequent Member

  • Advanced user
  • 382 posts
  • Location:USA

Posted 16 September 2019 - 02:02 PM

I doubt very seriously that anyone would ever have this need for this but I did and took care of it with ImdiskTK in a flash.

 

My organization decided to use BitLocker to encrypt ALL fixed disks.via a AD policy and a script.  Of course they never advised me of this and when I booted to my laptop it asked me to encrypt my HDDs with a PIN.  I dutifully did it and rebooted.  Apparently the script also checks for NEW fixed drives at every boot.  So it kept asking for encryption on my Imdisk RAM drive as it was recreated at every boot the encryption did not keep. 

 

I could have either created an image to load and keep it encrypted over a reboot or do what I did and simply added the advanced option '-o rem' to the RAM disk.  Viola!  The RAM disk is now Removable Disk and the policy / script no longer asks for it to be encrypted. 

 

Sometimes it's easy, sometimes it's hard.  This one I took care of in just a few minutes.

 

KUDOS again to the author of Imdisk and the TK. 


  • v77 likes this

#2 Guest_AnonVendetta_*

Guest_AnonVendetta_*
  • Guests

Posted 16 September 2019 - 09:34 PM

I cant see a need for a removable RAMdisk, except maybe in a one-off scenario like yours.

 

BitLocker, eh? What a joke. Surely Microsoft put a backdoor in it for the NSA. I wont touch BL with a million ft pole. And secured with a PIN?...even bigger joke.

 

The laptop you are using, is it your org's laptop but designated for your (employee) use? Or personal? Because if it's personally, I would definitely choose a more reputable encryption software.



#3 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 17 September 2019 - 11:08 AM

The laptop you are using, is it your org's laptop but designated for your (employee) use? Or personal? Because if it's personally, I would definitely choose a more reputable encryption software.


More than that if the firm can access your personal laptop and mandate *any* AD policy on it, you'd better change your job/employer (like NOW!).

:duff:
Wonko

#4 ambralivio

ambralivio

    Frequent Member

  • Advanced user
  • 195 posts
  •  
    Italy

Posted 17 September 2019 - 09:46 PM

More than that if the firm can access your personal laptop and mandate *any* AD policy on it, you'd better change your job/employer (like NOW!).

:duff:
Wonko

 

@ Wonko,

is your statement related to privacy rights ?

 

ambralivio   :ermm:



#5 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 18 September 2019 - 08:51 AM

@ Wonko,
is your statement related to privacy rights ?
 
ambralivio   :ermm:


It is a genetic rant AGAINST what many people consider the "new-deal", i.e. the BYOD (Bring Your Own Device) madness, some reference JFYI:
https://www.forensic...wtopic/t=10567/

I consider the whole stuff (before and besides any possible implications with privacy) a serious problem of lack of respect for the employee.

As I see it (old fashioned as much as you want), an employer should provide the tools to the employee to do his/her work, and these include any and all computing and communications devices.

The employee should not use corporate devices and infrastructure[1] for personal use, unless in an emergency or similar[2].

:duff:
Wonko

[1] and this includes corporate Wi-Fi, of course no problems if a dedicated/separated from corporate network Wi-Fi is offered by the employer
[2] and I would be rather draconian on this:
during working hours (as an employee) you won't (from the corporate devices and infrastructure):
1) make personal phone calls
2) access your personal e-mail or send e-mails through it
3) check or post on Facebook or Twitter or *whatever*
and you won't either do that on your personal devices if not during pauses/intervals
(and this is the due respect towards the employer)

#6 Rootman

Rootman

    Frequent Member

  • Advanced user
  • 382 posts
  • Location:USA

Posted 18 September 2019 - 01:15 PM

Relax folks, this is a company laptop. So they were perfectly within their right to implement BL - even though it does suck.  I just wish they had warned us ahead of time, we had heard rumors it was coming and told we would know ahead of time - guess what?  We weren't warned.  Being a local IT guy I got all kinds of calls from users wanting to know what the F was going on.  Fun. 

 

I have 24 GB of RAM, so I just carved out 4GB to use as a RAM disk.  Partly to speed up a few disk intensive things I use, and partly just to use the drive letter D: so no USB device would grab it, I have some things that require my USB drive be at higher drive letter, and stupid Windows has a tendency to allow a USB to grab a lower drive letter even though you previously told it to use a higher drive letter.  






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users