Vista: does BitLocker make a drive less tolerant of bad blocks?

(before anyone says anything - I know I need to have good backups of my data
before embracing bitlocker)

Before BitLocker, if you lost a block, you may not notice a file loss, since
the file may not use the whole sector in which the block resides, but after
BitLocker, if a block is lost, a whole sector becomes unrecoverable,
increasing (relatively) the probability that parts of files will be lost.

Is it reasonable to advise IT departments that, over the lifecycle of all
their BitLocker laptops, they should not be surprised if there is a slight
increase in incidents of file loss due to bad blocks.

And is it a reasonable compensating control to look into more closely
monitoring SMART (Self Monitoring Analysis & Reporting Technology) reports of
imminent drive failures?

Thanks!

You bring up some excellent points about the lost block/sector scenario! I
guess we will, if we enable BitLocker on the systems, be more diligent in
making sure that the units are functioning properly. In a way it is ironic.
By making the system less tolerant of error, this actually increases the
potential of failure and the IT staff workload. Have you submitted your
thoughts to MSFT as Feedback?


"tavis" <tavis@discussions.microsoft.com> wrote in message
news:9550EB1D-EDD7-4905-8E8A-FCAA997FAA99@microsoft.com...
> (before anyone says anything - I know I need to have good backups of my
> data
> before embracing bitlocker)
>
> Before BitLocker, if you lost a block, you may not notice a file loss,
> since
> the file may not use the whole sector in which the block resides, but
> after
> BitLocker, if a block is lost, a whole sector becomes unrecoverable,
> increasing (relatively) the probability that parts of files will be lost.
>
> Is it reasonable to advise IT departments that, over the lifecycle of all
> their BitLocker laptops, they should not be surprised if there is a slight
> increase in incidents of file loss due to bad blocks.
>
> And is it a reasonable compensating control to look into more closely
> monitoring SMART (Self Monitoring Analysis & Reporting Technology) reports
> of
> imminent drive failures?
>
> Thanks!

(I might have confused matters by using the term "block" - I didn't mean the
blocks of cyphertext, or the unix-type block which are like Windows clusters,
but we all know that clusters are typically groups of sectors...)

What I really meant was...

Before encryption, if a single bit of a 512-byte sector became damaged on a
non-SMART hard drive, a file may not be damaged since the file may not use
the whole sector in which the bad bit resides.

With Cypher Block Chaining, an AES 256-bit key would encrypt an entire
sector in 32-byte blocks. If a bit in the sector is lost, the encrypted
32-byte block and all successive chained blocks in the sector would be lost.
Given the probability of where a bit may go bad within a sector, on average
50% of a sector would be lost due to a bad bit.

However, if I understand correctly, most modern and SMART drives
automatically have extra space for each sector to perform CRC integrity
checks, and 20% extra sectors reserved for re-allocation. If a sector should
start to fail, the entire sector is re-constituted in a spare sector, the old
is mapped out, and the new takes over, completely transparently to the disk
driver above.

"Mark D. VandenBerg" wrote:

> You bring up some excellent points about the lost block/sector scenario! I
> guess we will, if we enable BitLocker on the systems, be more diligent in
> making sure that the units are functioning properly. In a way it is ironic.
> By making the system less tolerant of error, this actually increases the
> potential of failure and the IT staff workload. Have you submitted your
> thoughts to MSFT as Feedback?
>
>
> "tavis" <tavis@discussions.microsoft.com> wrote in message
> news:9550EB1D-EDD7-4905-8E8A-FCAA997FAA99@microsoft.com...
> > (before anyone says anything - I know I need to have good backups of my
> > data
> > before embracing bitlocker)
> >
> > Before BitLocker, if you lost a block, you may not notice a file loss,
> > since
> > the file may not use the whole sector in which the block resides, but
> > after
> > BitLocker, if a block is lost, a whole sector becomes unrecoverable,
> > increasing (relatively) the probability that parts of files will be lost.
> >
> > Is it reasonable to advise IT departments that, over the lifecycle of all
> > their BitLocker laptops, they should not be surprised if there is a slight
> > increase in incidents of file loss due to bad blocks.
> >
> > And is it a reasonable compensating control to look into more closely
> > monitoring SMART (Self Monitoring Analysis & Reporting Technology) reports
> > of
> > imminent drive failures?
> >
> > Thanks!
>

This is a valid concern. With AES+Diffuser, a single bit error in a sector
results in the loss of the entire sector. To ensure high reliability, I
recommend the following considerations:

(1) Good quality hard disk. Using a modern SMART drive from a good company
is apropriate.
(2) Good quality cables. I think at times there's too much faith given to
cables
(3) Good quality RAM, at least with parity, but with ECC even better.

These are good things to have anyway

-
Jamie Hunter [MS]

"tavis" <tavis@discussions.microsoft.com> wrote in message
news:A3A1F96E-A0ED-41E6-9642-DFCA9BA4060E@microsoft.com...
> (I might have confused matters by using the term "block" - I didn't mean
> the
> blocks of cyphertext, or the unix-type block which are like Windows
> clusters,
> but we all know that clusters are typically groups of sectors...)
>
> What I really meant was...
>
> Before encryption, if a single bit of a 512-byte sector became damaged on
> a
> non-SMART hard drive, a file may not be damaged since the file may not use
> the whole sector in which the bad bit resides.
>
> With Cypher Block Chaining, an AES 256-bit key would encrypt an entire
> sector in 32-byte blocks. If a bit in the sector is lost, the encrypted
> 32-byte block and all successive chained blocks in the sector would be
> lost.
> Given the probability of where a bit may go bad within a sector, on
> average
> 50% of a sector would be lost due to a bad bit.
>
> However, if I understand correctly, most modern and SMART drives
> automatically have extra space for each sector to perform CRC integrity
> checks, and 20% extra sectors reserved for re-allocation. If a sector
> should
> start to fail, the entire sector is re-constituted in a spare sector, the
> old
> is mapped out, and the new takes over, completely transparently to the
> disk
> driver above.
>
> "Mark D. VandenBerg" wrote:
>
>> You bring up some excellent points about the lost block/sector scenario!
>> I
>> guess we will, if we enable BitLocker on the systems, be more diligent in
>> making sure that the units are functioning properly. In a way it is
>> ironic.
>> By making the system less tolerant of error, this actually increases the
>> potential of failure and the IT staff workload. Have you submitted your
>> thoughts to MSFT as Feedback?
>>
>>
>> "tavis" <tavis@discussions.microsoft.com> wrote in message
>> news:9550EB1D-EDD7-4905-8E8A-FCAA997FAA99@microsoft.com...
>> > (before anyone says anything - I know I need to have good backups of my
>> > data
>> > before embracing bitlocker)
>> >
>> > Before BitLocker, if you lost a block, you may not notice a file loss,
>> > since
>> > the file may not use the whole sector in which the block resides, but
>> > after
>> > BitLocker, if a block is lost, a whole sector becomes unrecoverable,
>> > increasing (relatively) the probability that parts of files will be
>> > lost.
>> >
>> > Is it reasonable to advise IT departments that, over the lifecycle of
>> > all
>> > their BitLocker laptops, they should not be surprised if there is a
>> > slight
>> > increase in incidents of file loss due to bad blocks.
>> >
>> > And is it a reasonable compensating control to look into more closely
>> > monitoring SMART (Self Monitoring Analysis & Reporting Technology)
>> > reports
>> > of
>> > imminent drive failures?
>> >
>> > Thanks!
>>