bit-tech.net

Go Back   bit-tech.net Forums > Technology > Software

Reply
 
Thread Tools
Old 19th Apr 2017, 14:42   #1
Porkins' Wingman
Can't touch this
 
Porkins' Wingman's Avatar
 
Join Date: Feb 2008
Posts: 2,884
Porkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming Saiyan
Work laptop - encrypted HDD - cloneable for dual boot?

I'm thinking about getting a used laptop, but part of me is thinking not to and instead make use of my work laptop instead.

However, it has a very locked-down system and even if I could technically bypass the security, I can't install anything on it without breaching work policy etc.

I've thought about the possibility of just buying another HDD and swapping the two around whenever I want to switch from work to personal and back, but I'd prefer to avoid that as sooner or later I suspect I'd run into trouble, wearing out the SATA port or something.

So preferably I'd like to just get a bigger HDD, partition it, clone the work HDD onto one of the partitions and then have my personal OS on another partition.

But the work HDD is encrypted - am I going to run into trouble trying to clone an encrypted drive?
__________________
i5 750; Gigabyte GA P55M UD2; 12gb RAM; Radeon HD 5770 1gb; Corsair 650 TX
Nothing is true. Everything is permitted.
Does not help; Does not clean; Will have sex with anything.
"Porkins' Wingman's post is just about the most thoughtful, inciteful post I have ever read on a public forum anywhere. It has made me think....which is no mean feat in itself." - Provoking thought since 8th March 2014
Porkins' Wingman is offline   Reply With Quote
Old 19th Apr 2017, 17:53   #2
Buzzons
Mod Master
 
Join Date: Jul 2005
Posts: 2,906
Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.Buzzons is the Cheesecake. Relix smiles down upon them.
If you are going to use your work laptop in any way .. I'd recommend using something like a Windows To Go USB drive (to host the OS on) - that way none of your data ever touches the work laptop disk.
Buzzons is offline   Reply With Quote
Old 19th Apr 2017, 18:51   #3
Zoon
Hunting Wabbits since the 80s
 
Zoon's Avatar
 
Join Date: Mar 2001
Location: Somewhere near a dremel in Bristol
Posts: 3,667
Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.Zoon is definitely a rep cheat.
In theory you could encrypt only a partition but almost certainly it's going to be full disk. I don't believe you'd successfully shrink a full disk encryption to just partitions as the unlocker typically replaces the MBR.

If you have an optical drive you can swap it for a generic hard drive caddy if that helps, and then use the Escape / F10 / whatever to boot to the other HDD when you are at home.

Frankly though, and this is coming from someone who consults on security and policy, it is not a good idea at all to do this on your work laptop. If your employer has gone for encryption that mostly implies they care about something like ISO27001; other parts of your IT policy could mean dismissal for something like this.

There's a chap selling cheap Dell ex-corp laptops in the sale forums. Might be better for you.
__________________
Network and Security Professional. Enjoy crawling round in a good dusty data centre.

Click me for a signup bonus on TopCashBack. I'm at 280 cashback over two years. Didn't pay a higher rate to get it, just clicked a link first.

Last edited by Zoon; 19th Apr 2017 at 20:41.
Zoon is online now   Reply With Quote
Old 19th Apr 2017, 19:40   #4
Mister_Tad
Moderator
Modaretor
Moderator
 
Mister_Tad's Avatar
 
Join Date: Dec 2002
Location: Nottingham
Posts: 10,647
Mister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming Saiyan
Does your employer have a BYO policy (or they may trialling one, as many that don't already are, though probably industry dependant)? It doesn't help with not having to buy another laptop, but it could mean you can use one for both business and pleasure.

If you want to do it "right", then ask your IT department what they would recommend. If you haven't asked your IT department because it would be an unequivocal "no way", then you probably have your answer already. It's not really worth potentially losing your job over saving a bit of cash on a laptop.

On the other hand, booting from USB would be the least intrusive and probably wouldn't get you in trouble.
__________________
Dell XPS15 9560 | i7-7700HQ | 32GB DDR4 | GTX1050 | 1TB NVMe | 97WHr | 4K IGZO Touch | Philips 328P 32" 4K | W10 Pro
HP Microserver G8 | Xeon E3-1265Lv2 | 16GB DDR3 12800E | 120GB 840 EVO | HP P222 512MB FBWC | 4x 4TB WD Red | W2016 Std
Mister_Tad is offline   Reply With Quote
Old 20th Apr 2017, 09:19   #5
badders
Neuken in de Keuken
 
badders's Avatar
 
Join Date: Dec 2007
Location: Essex, UK
Posts: 2,626
badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.badders is the Cheesecake. Relix smiles down upon them.
Quote:
Originally Posted by Mister_Tad View Post
...

On the other hand, booting from USB would be the least intrusive and probably wouldn't get you in trouble.
This - I've got an SSD in a USB enclosure with a linux distro installed, and as (one of) my work laptop is not BIOS-locked, I can boot straight from USB.

it's only USB2 though, so I do find myself pulling the original drive and putting the SSD in if I'm going to be using it for more than an hour or two
__________________
Quote:
Originally Posted by Silver51 View Post
John Hanlon standing on an oil pipeline during a blizzard, punching an angry polar bear in the balls. I heard he really did that once.
badders is offline   Reply With Quote
Old 20th Apr 2017, 10:22   #6
Porkins' Wingman
Can't touch this
 
Porkins' Wingman's Avatar
 
Join Date: Feb 2008
Posts: 2,884
Porkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming SaiyanPorkins' Wingman is a Super Spamming Saiyan
Thanks for your thoughts, everyone.

Quote:
Originally Posted by badders View Post
This - I've got an SSD in a USB enclosure with a linux distro installed, and as (one of) my work laptop is not BIOS-locked, I can boot straight from USB.

it's only USB2 though, so I do find myself pulling the original drive and putting the SSD in if I'm going to be using it for more than an hour or two
Wouldn't be surprised if the bios was locked on mine, I haven't checked yet though. I'll chuck a portable OS on a memory card and give it a go to see.
__________________
i5 750; Gigabyte GA P55M UD2; 12gb RAM; Radeon HD 5770 1gb; Corsair 650 TX
Nothing is true. Everything is permitted.
Does not help; Does not clean; Will have sex with anything.
"Porkins' Wingman's post is just about the most thoughtful, inciteful post I have ever read on a public forum anywhere. It has made me think....which is no mean feat in itself." - Provoking thought since 8th March 2014
Porkins' Wingman is offline   Reply With Quote
Old 21st Apr 2017, 15:38   #7
Byron C
ᴾᵒᵒᵖ
 
Byron C's Avatar
 
Join Date: Apr 2002
Location: Cardiff
Posts: 3,988
Byron C is a Super Spamming SaiyanByron C is a Super Spamming SaiyanByron C is a Super Spamming SaiyanByron C is a Super Spamming SaiyanByron C is a Super Spamming SaiyanByron C is a Super Spamming SaiyanByron C is a Super Spamming SaiyanByron C is a Super Spamming SaiyanByron C is a Super Spamming SaiyanByron C is a Super Spamming SaiyanByron C is a Super Spamming Saiyan
Quote:
Originally Posted by Mister_Tad View Post
On the other hand, booting from USB would be the least intrusive and probably wouldn't get you in trouble.
It would here. Our laptops are BIOS locked, but even if they weren't I would be in serious doo-doo for breach of IT policy if I was ever caught doing something like that. Words like "dismissal" and "gross misconduct" spring to mind.

To be honest I agree with this:

Quote:
Originally Posted by Zoon View Post
Frankly though, and this is coming from someone who consults on security and policy, it is not a good idea at all to do this on your work laptop. If your employer has gone for encryption that mostly implies they care about something like ISO27001; other parts of your IT policy could mean dismissal for something like this.
If they're using encryption then it's very likely that there is data on your work laptop that should never be seen outside of that organisation. Booting from USB could easily be interpreted as an attempt to circumvent that encryption, regardless of your intentions. If there's any personally identifiable data on that machine then it's heading towards "criminal prosecution, fines, jail" territory.
__________________

Saturn: Gen8 Microserver, G1610T, 4GB RAM, 5TB Disk | Titan: Raspberry Pi 2 Model B, 160GB USB HDD | Rhea: XW4600 Workstation, Xeon X3323, 4GB RAM, 292GB 15K SAS Array | Earth: RVZ01, i5-4670K, GA-Z97N-WIFI, 8GB RAM, 4GB GTX970 | Mars: Dell Inspirion 15-7559, i7-6700HQ, 16GB RAM, 4GB GDDR5 GTX960M
Byron C is offline   Reply With Quote
Old 21st Apr 2017, 15:58   #8
Mister_Tad
Moderator
Modaretor
Moderator
 
Mister_Tad's Avatar
 
Join Date: Dec 2002
Location: Nottingham
Posts: 10,647
Mister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming SaiyanMister_Tad is a Super Spamming Saiyan
Quote:
Originally Posted by Byron C View Post
It would here. Our laptops are BIOS locked, but even if they weren't I would be in serious doo-doo for breach of IT policy if I was ever caught doing something like that. Words like "dismissal" and "gross misconduct" spring to mind.
No disagreement from me - what I meant was they're unlikely to find out you're doing it, rather than they won't care you're doing it.
__________________
Dell XPS15 9560 | i7-7700HQ | 32GB DDR4 | GTX1050 | 1TB NVMe | 97WHr | 4K IGZO Touch | Philips 328P 32" 4K | W10 Pro
HP Microserver G8 | Xeon E3-1265Lv2 | 16GB DDR3 12800E | 120GB 840 EVO | HP P222 512MB FBWC | 4x 4TB WD Red | W2016 Std
Mister_Tad is offline   Reply With Quote
Old 22nd Apr 2017, 14:59   #9
tk421
Idiot.
 
tk421's Avatar
 
Join Date: Jan 2002
Location: ohio
Posts: 2,396
tk421 should be considered for presidenttk421 should be considered for presidenttk421 should be considered for presidenttk421 should be considered for presidenttk421 should be considered for presidenttk421 should be considered for presidenttk421 should be considered for presidenttk421 should be considered for presidenttk421 should be considered for presidenttk421 should be considered for presidenttk421 should be considered for president
this is EXACTLY why i thank the deity of your choice that i am out of the hardware realm of IT and into virtulization.

user is a 4 letter word ...
__________________
:gamebox: |r7 1700x|asus b350m-a|2x8 corsair white LED 2666|256 960evo|256 810|2+4tb WD blues|h100iv2(soon!)|4xhd120/LNP/CLmini|carbide Air240-white|dell s2340m|
:htpc: q6600@3.03|MSI Neo3f(p43)|4x2gb pc6400|evga gt 710|CM590||vizio D50u-D1 |
tk421 is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 19:41.
Powered by: vBulletin Version 3
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.