1

My Windows 10 system was fully encrypted (FDE) using Bitlocker and hardware encryption capabilities of the laptop and the Samsung EVO SSD (how to here).

Here is what I just saw typing manage-bde -status:

BitLocker Version:    None
Conversion Status:    Fully Decrypted
Percentage Encrypted: 0.0%
Encryption Method:    None
Protection Status:    Protection Off
Lock Status:          Unlocked
Identification Field: None
Key Protectors:       None Found

To be clear, I never decrypted this drive neither did I authorize any decryption.

So my question: Is my drive really decrypted or is it possible that the information provided by the command is misleading ?

Taking out the drive from this laptop is not an easy task, so to make a quick test I disabled the UEFI boot and tried to start Windows: it asked me for the BitLocker recovery key. Does it mean that the encryption is still in place?

If the drive really got decrypted: how was such a thing possible and what are the alternatives for FDE using hardware encryption and independent from Microsoft?

Community
  • 1
Zini
  • 61

1 Answers1

1

The problem was caused by the Intel(R) Rapid Storage Technology (RST) driver that got installed by automatic updates. This driver has a known incompatibility with self encrypted drives.

It appears that the SSD has never been decrypted, but Bitlocker was unable to read its status properly due to the Intel RST. Replacing the faulty driver fixed the issue: now Bitlocker detects again, a fully hardware encrypted drive.

How To: Remove the Intel RST driver

  1. Create a system restore point in case something goes wrong;
  2. in the Device Manager locate the IDE ATA/ATAPI controllers;
  3. open the Intel(R) ___ SATA AHCI Controller;
  4. go to the Driver tab;
  5. click Update Driver...;
  6. click Browse my computer for driver software;
  7. click Let me pick from a list of device drivers on my computer;
  8. select the Standard SATA AHCI Controller;
  9. apply and reboot;
  10. BitLocker should now resume and detect that the drive is hardware encrypted, you can check it with manage-bde -status.

Source: Uninstalling the Intel(R) Rapid Storage Technology driver

Note: If it doesn't work, check the link above. And if you are still stuck, you can try - at your own risk - to completely remove the Intel RST driver. On reboot Windows will be unable to detect a boot device, and you will have to enter your Bitlocker recovery key and attempt an automatic repair. It should work and you should then be able to boot to your system that will be running on the Standard SATA AHCI Controller.

Zini
  • 61