Jump to content

Hard disk now corrupt

sb2k

By sb2k
in Defraggler

 Share

Recommended Posts

tyorty

tyorty

Posted
Posted

I'm running SafeBoot v5.2 on a Dell laptop and have had training from McAfee on it. Unfortunately, there is no way to gain access to an encrypted machine with out the daily access code from McAfee or a valid login ID on the machine with the SafeBoot client installed. This is client-server technology and a server administrator can reset the SafeBoot p/w if needed. From the SafeBoot Admin console, there is an option to decrypt the machine, but it has to be able to synch to the SafeBoot server to do that.

 

Neither resetting a p/w or having the daily code from McAfee will solve the problem of defraggler moving the safeboot.fs which sounds strange to me. I know of no way to move it back, if it actually was moved. McAfee SafeBoot tech support may help. In the admin guide I have the # is 877-330-2424 and supportus@safeboot.com I'm not sure who is responding to that or if it's from Control Break or McAfee... Good luck. I'm betting on a fdisk and reinstall solution is all you're going to be able to do. If that's the case, McAfee has a BartPE with WinTech (which requires the daily access code) to get you into a functioning encrypted hard drive to save data off before rebuilding.

 

YoKenny, my day-job involves databases and writing interfaces that exchange data with clients and suppliers. My company has allowed me to work-from-home a few days a week, so long as I can show that any data on my PC is secure. Hence the need for Safeboot.

 

I'm sorry, but I have neither the time nor energy to debate the merits of encryption with you right now.

 

 

Hazelnut, thanks for keeping this discussion on-topic. I also appreciate your suggestion of emailing encryption solutions. I will give that a go and see what develops.

 

 

 

I haven't been too diligent in my backups of late (I know :unsure: ), so I really don't want to fdisk the PC and start again. If I still haven't resolved this a week from now, I think I will have to buy a replacement HDD to reinstall XP onto - and hope that I can recover the disk at a later date.

 

If I find a solution, I will update this thread. If you're reading this months/years from now and I have not replied, then assume the worst - you will need to reformat your drive.

Link to comment
Share on other sites
Cheese

Cheese

Posted
Posted
I'm running SafeBoot v5.2 on a Dell laptop and have had training from McAfee on it. Unfortunately, there is no way to gain access to an encrypted machine with out the daily access code from McAfee or a valid login ID on the machine with the SafeBoot client installed. This is client-server technology and a server administrator can reset the SafeBoot p/w if needed. From the SafeBoot Admin console, there is an option to decrypt the machine, but it has to be able to synch to the SafeBoot server to do that.

 

Neither resetting a p/w or having the daily code from McAfee will solve the problem of defraggler moving the safeboot.fs which sounds strange to me. I know of no way to move it back, if it actually was moved. McAfee SafeBoot tech support may help. In the admin guide I have the # is 877-330-2424 and supportus@safeboot.com I'm not sure who is responding to that or if it's from Control Break or McAfee... Good luck. I'm betting on a fdisk and reinstall solution is all you're going to be able to do. If that's the case, McAfee has a BartPE with WinTech (which requires the daily access code) to get you into a functioning encrypted hard drive to save data off before rebuilding.

Again, he can have his Safeboot admin perform an Emergency Boot, this issue CAN be corrected, and also, the supportus@safeboot.com is no longer a valid email address.
Link to comment
Share on other sites
tyorty

tyorty

Posted
Posted

I think you are wasting time trying to circumvent SAfeBoot encryption and tweaking the MBR and SFBR. Whenever a file is written to supported storage media the SafeBoot Content Encryption filter executes assigned encryption policies and encrypts the file if applicable. When an application later reads the file, the encryption filter automatically decrypts the file when it is read into memory. The source file always remains encrypted on disk.

When the application closes the file, the memory is wiped and the original file is still encrypted on disk. No decrypted traces of the file remain in RAM.

 

Encrypted folders and files are always visible to the user. Thus, the user can search for, and will recognize files and folders as before encryption. A small key hole icon can be optionally attached to the file or folder icon, marking it as encrypted.

 

You can create a policy from the SafeBoot Management Centre, and then create an install set from it. When the SafeBoot Content Encryption client then is installed, the user that logs on will be forced to retrieve the proper policy assigned to him/her in the central database.

 

With central management using the SafeBoot Administration System, and distribution of encryption keys using the secure SafeBoot Server, it is easy to allow sharing of encrypted files within an organization. By assigning groups of users to encryption keys, the users in the group can exchange and read encrypted files like any other file, without noticing any difference. Users not assigned to the key will not be able to read files encrypted with that key.

SafeBoot Content Encryption encrypts the Windows' pagefile. This feature is automatic and cannot be configured or disabled. The pagefile is encrypted with a temporary encryption key created at each boot occasion. Thus, the pagefile encryption key is discarded once the computer shuts down, while the pagefile still is encrypted.

 

The 'Safeboot' the original poster is talking about is a piece of encyption software which makes it's own modified version of MBR.

 

If you read what the poster said here

From what I can gather, Safeboot replaces the MBR with its own version. The Safeboot MBR loads the decryption driver which unlocks the drive and allows Windows to start up normally.

 

I am assuming that the modified MBR points to the physical location on the HDD where safeboot.fs is stored. As this file has been moved, the Safeboot MBR does not know where to find it.

 

You can now see what a difficult situation he is in.

 

But thanks for the MBRfix you posted anyway. It may help users who have that problem

Link to comment
Share on other sites
Cheese

Cheese

Posted
Posted

 

McAfee now has a windows version of SafeTech which runs from a BartPE, but you still need the daily authorization code to get past the encryption.
It's called Wintech, and it's a bootable CD, it's not used from Windows. And yes, the Code of the day is still required.
Link to comment
Share on other sites
sb2k

sb2k

Posted
  • Author
Posted
If his IT people still support it, they can do this, even with limited support from customer service. They need a Safetech disk, a code of the day, and if they know how to do the steps, it takes 10 min or so to get it back up and running.

 

I have had to deal with this software in my profession for close to 2 years, I am very familiar with how it works and what needs to be done

 

Thanks for the suggestions Cheese.

 

Unfortunately, the IT dept are not going to be of much help here. Safeboot was a private purchase. We also have no agreements with McAfee for support, as we don't appear to use any of their products. The helpdesk have no experience with encryption software as no-one outside of IT has this type of software installed.

 

The person I spoke to at Safeboot was Simon Hunt, their Chief Technology Officer. He told me that without the recovery disk there was nothing I could do. Perhaps I caught him at a bad time and was given the 'easy' answer? As I'm still here, you might conclude that I haven't given up hope yet - despite the official verdict.

 

As I mentioned earlier, I did come across references to this 'SafeTech' recovery application, but without the password required to run it, I am no closer to finding a solution. If you have any suggestions on how I might obtain this password, then please feel free to point me in the right direction.

 

PS - You are correct, $350m. I mixed my $/? signs up and did an unnecessary currency conversion.

Link to comment
Share on other sites
sb2k

sb2k

Posted
  • Author
Posted
.. You can create a policy from the SafeBoot Management Centre, and then create an install set from it. When the SafeBoot Content Encryption client then is installed, the user that logs on will be forced to retrieve the proper policy assigned to him/her in the central database.

 

Thanks for the information Tyorty, but unfortunately my problem relates to a different version of SafeBoot.

 

A few years ago, Control Break decided to enter the 'consumer encryption' market and launched a product known as SafeBoot Solo. Priced at around $100, they sold many copies. The program was based on the same source code as the enterprise version, but most of the features you mention, were stripped out of it.

 

About a year after its launch, Control Break pulled-the-plug and stopped selling Solo. Some speculate that Solo was pulled because it was damaging sales of its enterprise product. The official line is that supporting the product became too costly and the whole exercise was just an experiment.

Link to comment
Share on other sites
Cheese

Cheese

Posted
Posted
Thanks for the suggestions Cheese.

 

Unfortunately, the IT dept are not going to be of much help here. Safeboot was a private purchase. We also have no agreements with McAfee for support, as we don't appear to use any of their products. The helpdesk have no experience with encryption software as no-one outside of IT has this type of software installed.

 

The person I spoke to at Safeboot was Simon Hunt, their Chief Technology Officer. He told me that without the recovery disk there was nothing I could do. Perhaps I caught him at a bad time and was given the 'easy' answer? As I'm still here, you might conclude that I haven't given up hope yet - despite the official verdict.

 

As I mentioned earlier, I did come across references to this 'SafeTech' recovery application, but without the password required to run it, I am no closer to finding a solution. If you have any suggestions on how I might obtain this password, then please feel free to point me in the right direction.

 

PS - You are correct, $350m. I mixed my $/? signs up and did an unnecessary currency conversion.

Ah, yes, if it was a private purchase, then unfortunately, there isn't much that can be done to be honest. And I am familiar with Simon :)
Link to comment
Share on other sites
sb2k

sb2k

Posted
  • Author
Posted
Ah, yes, if it was a private purchase, then unfortunately, there isn't much that can be done to be honest. And I am familiar with Simon :)

 

Are you saying Cheese, that recovery of a corrupt SafeBoot disk depends on whose chequebook was used to buy it?

 

I thought I knew Simon as well, but was a little disappointed with his reply of "sorry, you're fcuked".

 

If you're saying that a solution to this problem exists, but is only available to enterprise customers, then please state this in your reply.

Link to comment
Share on other sites
Cheese

Cheese

Posted
Posted
Are you saying Cheese, that recovery of a corrupt SafeBoot disk depends on whose chequebook was used to buy it?

 

I thought I knew Simon as well, but was a little disappointed with his reply of "sorry, you're fcuked".

 

If you're saying that a solution to this problem exists, but is only available to enterprise customers, then please state this in your reply.

You are correct, it is only available to enterprise customers.
Link to comment
Share on other sites
  • 4 weeks later...
SafeBoot

SafeBoot

Posted
Posted
Are you saying Cheese, that recovery of a corrupt SafeBoot disk depends on whose chequebook was used to buy it?

 

I thought I knew Simon as well, but was a little disappointed with his reply of "sorry, you're fcuked".

 

If you're saying that a solution to this problem exists, but is only available to enterprise customers, then please state this in your reply.

 

Whoa there Tiger! being toasted or not (I refuse to swear in public) has nothing to do with the purchase - simply, there are two places the keys are stored, one is on the disk protected with your password (and lost now because of the rubbish defrag tool moving things it should not), and one in the recovery pack which the OP has lost.

 

don't chastise me because a security product is doing EXACTLY what it's designed to do - prevent someone who does not have a legal key from getting access to the data. The enterprise tool mentioned replaces the OP's recovery disk - all the recovery data is stored up in a central server. Obviously the "solo" version doenst have this feature, so sure, he can get a copy of the enterprise stuff, but it's not going to help him without his individual key.

 

shame on you sb2k!

Link to comment
Share on other sites
  • Moderators
hazelnut

hazelnut

Posted
  • Moderators
Posted
(and lost now because of the rubbish defrag tool moving things it should not)

 

You are out of order stating that.

 

We do not know what happened, other people use encryption and have no problems.

 

Support contact

https://support.ccleaner.com/s/contact-form?language=en_US&form=general

or

support@ccleaner.com

 

Link to comment
Share on other sites
sb2k

sb2k

Posted
  • Author
Posted
Whoa there Tiger! being toasted or not (I refuse to swear in public) has nothing to do with the purchase - simply, there are two places the keys are stored, one is on the disk protected with your password (and lost now because of the rubbish defrag tool moving things it should not), and one in the recovery pack which the OP has lost.

 

don't chastise me because a security product is doing EXACTLY what it's designed to do - prevent someone who does not have a legal key from getting access to the data. The enterprise tool mentioned replaces the OP's recovery disk - all the recovery data is stored up in a central server. Obviously the "solo" version doenst have this feature, so sure, he can get a copy of the enterprise stuff, but it's not going to help him without his individual key.

 

shame on you sb2k!

 

If you properly read the above comments you will see that I made no such accusation. Rightly or wrongly, it was suggested that SafeBoot had a tool to recover a screwed up SafeBoot disk - and I was being denied this tool because you were unlikely to make any more money from me.

 

 

Ah, yes, if it was a private purchase, then unfortunately, there isn't much that can be done to be honest. And I am familiar with Simon :)

 

 

If you're saying that a solution to this problem exists, but is only available to enterprise customers, then please state this in your reply.

 

 

You are correct, it is only available to enterprise customers.

 

The key selling point to the enterprise version of SafeBoot, is that security is centrally managed (i.e. fully under IT's control). The suggestion that every time a user's password needs to be reset, someone has to phone SafeBoot support to obtain the "code-of-the-day" is simply ludicrous. If SafeBoot ceased to trade, the customer would not be able to obtain the code-of-the-day and would lose their data. Nobody in their right mind would buy a "security product" that puts the company's data at such risk.

 

I seem to recall from a few years ago that there were a lot of accusations that you were decrypting your customers' hard drives (via a backdoor) for various authorities - and charging a hefty fee. In fact, at one point it was claimed that you were making more money from offering this service than you were from selling the product.

 

Given your track-record, I'm surprised anyone's still buying your product. :blink:

Link to comment
Share on other sites
  • 6 months later...
SafeBoot

SafeBoot

Posted
Posted

there's no tool we have which will get around the fact your keys are lost because a) defrag moved something it should not B) you don't have your original key disk. There are no back doors - if you had every tool I had, you'd still not be able to get your data back with out the keys. There's nothing I can sell you to get around the fact that a bulletproof security product is doing it's job.

 

The code-of-the-day is not needed to reset someones password, it's needed to run the root disaster recovery kit. Of course, every enterprise customer can get the code from our portal at will, and most get them in blocks in advance. Even though if you had the code, it would not help you because you don't have your key.

 

re your last comment though, you are misinformed - the flack was because another individual user who screwed up his machine in much the same way you did, posted his drive (and key disk) to me via USPS in a brown paper envelope and it arrived physically broken. He was upset at the fact I would not pay for data recovery services. Thus he went on a rant. You can find his entertaining text all over google groups still to this day.

 

I'm sorry you lost your data, but please don't blame me or the product - if you had your key disk you'd be ok and it would be a 10min fix. I think it's unfair to hold me responsible for loosing it. It would be like blaming Ford when your car ran out of gas...

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept