Forum Discussion
Can I ask a Bitlocker question?
Wear levelling algorithms are proprietary per drive manufacturer. An attacker would have to work around the firmware to even check out spare blocks, and then hope to understand how data is scattered to piece something meaningful together. Attacking data that way is likely quite difficult, but theoretically possible. The risk to any data present prior to encryption would go down over time after encryption as the drive is used, and spare blocks get reused for wear levelling but of course you’ll never know for sure if everything is encrypted.
Your best bet is to always to encrypt from the start, regardless of the encryption solution which all share the same issue, before any sensitive data is on the drive, so you can achive the assurance you're looking for.
Meaning the data is still there, but not seen by the OS, but could be activated at a later time. A bit "tin-foil-hat" I know, but if there's valuable corporate assets (HR, Credit cards, PII) on the drive, it's a real concern. For instance on a tablet that needs warranty repair by a 3rd party, we can't remove the drive so we must rely on encryption alone.
Wear levelling algorithms are proprietary per drive manufacturer. An attacker would have to work around the firmware to even check out spare blocks, and then hope to understand how data is scattered to piece something meaningful together. Attacking data that way is likely quite difficult, but theoretically possible. The risk to any data present prior to encryption would go down over time after encryption as the drive is used, and spare blocks get reused for wear levelling but of course you’ll never know for sure if everything is encrypted.
Your best bet is to always to encrypt from the start, regardless of the encryption solution which all share the same issue, before any sensitive data is on the drive, so you can achive the assurance you're looking for.