Trying to set up Crucial M500 encryption

Joined
Jul 22, 2005
Messages
33
Problem
Recently I installed the solid-state Crucial M500 drive for my computer and reinstalled Windows 7. It is SO FAST and I love it! However, I cannot figure out how to get the encryption working.

Goal
Want to set up full disk encryption using this self-encrypting drive; want to require password on system startup; encryption must be as secure as possible!

System
Build: Samsung Q430 laptop
OS: Windows 7 Home Premium 64-bit
BIOS: Phoenix Securecore NB Version 04KF.M013.20100623.KSJ
SMBIOS Version: 2.6
Processor: Intel Core i5 CPU M450 @ 2.40 GHz (4 CPUs), ~2.4GHz
Memory: 8 GB RAM
GPU: NVIDIA GeForce 310 M 4 GB memory
Hard drive: Crucial M500 480GB SATA 2.5-Inch 7mm (with 9.5mm adapter) Internal Solid State Drive CT480M500SSD1

Considerations
The SED requires some kind of third-party software to manage keys and properly encrypt the data. I'm not a computer expert, so from what I Googled, it seems that only Wave Encryption, WinMagic-SecureDoc, and Bitlocker for Windows 8 are compatible with Crucial M500, but those first two are expensive enterprise software.

Thus my first approach would just be to upgrade to Windows 8 and use the built-in Bitlocker--is that any guarantee that this would work? How can I be sure that my system will be fully compatible and support what I'm trying to do? I just want to get the Crucial M500 encryption to work and protect my data.

I read somewhere that the computer has to be UEFI-compatible and/or support Secure Boot in order to manage the SED feature. Is this correct? How do I know if my computer has this? Can anyone suggest instructions or help explain how to set up encryption for my SSD?

I've looked everywhere and can't find clear, concise information about configuring the Crucial M500 encryption. I'd greatly appreciate any assistance! Thanks in advance! :)
 
Are you one of those guys that insist on running a secure erase 10 times before submitting an RMA?

Unless you have govt/industrial secrets on there, encryption is just over the top and can severely limit your chances of data recovery if there comes a time when it's needed.

If you're serious about encryption you'll have to upgrade to W8 Pro or Enterprise and purchase BitLocker to keep your porn safe. :D
 
For a deskop I would normally say don't bother however a laptop can get lost or stolen. I remember the time last year where I thought I left my 6+ year old laptop in my car in work parking lot (which happens to be a university) anyways I was very scared when I got home that I could not find the laptop at my house or the car. Not worried about the laptop at all since its probably worth $50 but my concern was any password that is stored in the browser, cache... I have hundreds of accounts way more than I could remember to change. After I could not find it I spent 30 minutes or so changing my lastpass password and also all the passwords that I could remember that I do not put in lasspass (like banks ...). Very furstrating. Although it turns out I left the laptop at my brotherinlaw's house..
 
Last edited:
For a deskop I would normally say don't bother however a laptop can get lost or stolen. I remember the time last year where I thought I left my 6+ year old laptop in my car in work parking lot (which happens to be a university) anyways I was very scared when I got home that I could not find the laptop at my house or the car. Not worried about the laptop at all since its probably worth $50 but my concern was any password that is stored in the browser, cache... I have hundreds of accounts way more than I could remember to change. After I could not find it I spent 30 minutes or so changing my lastpass password and also all the passwords that I could remember that I do not put in lasspass (like banks ...). Very furstrating. Although it turns out I left the laptop at my brotherinlaw's house..

While I totally agree with ya (I also have hundreds of passwords) I have configured W7 to not save any.

I believe an easier solution would be to use RoboForm portable with a nice long pass that includes small/capitol letters along with numbers.

But,to each their own. :)
 
lasspass works similar however I know I was logged in to lasspass when I put the laptop to sleep. I guess I should turn off the always stay logged in. Although with my arthritic fingers I hate typing long passwords that I get wrong a few times before typing correctly. Although with win8 I guess I can have it reveal the password while typing so I can spot my mistake before submitting. On top of that I do not trust lasspass for my financial passwords. I mean their servers have been hacked at least 1 time since I started using that so these passwords are not in the database but some could be in the browser save password. I guess I have to think differently from using a desktop and a laptop.
 
Unless you have govt/industrial secrets on there, encryption is just over the top and can severely limit your chances of data recovery if there comes a time when it's needed.

I do have such information on my laptop, and I don't need your opinion on my level of security or what I'm protecting. The original question stands: is there a simple way for me to do what I have listed in the "Goal" section of the original post?

If you're serious about encryption you'll have to upgrade to W8 Pro or Enterprise and purchase BitLocker

Have you tried this personally or are you just guessing? Can you help me know if my system hardware/software would be compatible with this effort?

Please, let's keep this on-topic. I'm asking for your help here, everyone.
 
Are you one of those guys that insist on running a secure erase 10 times before submitting an RMA?

Unless you have govt/industrial secrets on there, encryption is just over the top and can severely limit your chances of data recovery if there comes a time when it's needed.

If you're serious about encryption you'll have to upgrade to W8 Pro or Enterprise and purchase BitLocker to keep your porn safe. :D

Bitlocker is pretty bad, it doesn't actually meet government encryption standards they just used it because at the time it was the only choice. Microsoft has a recovery tool that lets you recover a bitlockered drive you lost the password to. I mean, for most people that's probably fine but if your actually trying to like encrypt to the point where if your not the NSA your not going to get it, there are better choices like truecrypt
 
Have you tried this personally or are you just guessing?

Pretty simple answer.

Read about it on the MS website or Google bitlocker+windows+8.

I do have such information on my laptop, and I don't need your opinion on my level of security or what I'm protecting.

I'm sorry but there's way too many that have no real legitimate need for any encryption other than over-paranoia.

While you didn't disclose the actual reasons for your need, unless it's your personal sensitive info I would think that a company/govt. agency would provide the help/program to insure security.

Sorry if I offended you but you are the first poster I've ever read having a legit need and asking about it on a public forum and I've been around many forums for quite awhile.

I just call 'um like I see 'um. :D
 
Bitlocker is pretty bad, it doesn't actually meet government encryption standards they just used it because at the time it was the only choice. Microsoft has a recovery tool that lets you recover a bitlockered drive you lost the password to.

Wow that is shady! Thanks for that info. I'll avoid Bitlocker.

I mean, for most people that's probably fine but if your actually trying to like encrypt to the point where if your not the NSA your not going to get it, there are better choices like truecrypt

I agree, TrueCrypt is excellent. But I am trying to find software for my Crucial M500 Self-Encrypting Hard Drive. Sure, I could set up pre-boot authorization with TrueCrypt, but I want to use the hardware encryption that this SSD provides. Can anyone recommend software other than Bitlocker that I can use to get the hardware-based encryption set up?

Pretty simple answer.
I'm sorry but there's way too many that have no real legitimate need for any encryption other than over-paranoia.

Sorry if I offended you but you are the first poster I've ever read having a legit need and asking about it on a public forum and I've been around many forums for quite awhile.

No worries, I'm asking publicly because I don't have anything illegal on my computer or crazy government secrets or anything lol, just lots of personal info (credit card, taxes, addresses, passwords) and work documents (healthcare and patient-related so privacy is extremely important). Our IT department isn't great, so I just wanted to take matters into my own hands, use this cool HDD I have, and learn something along the way.
 
I don't have anything illegal on my computer or crazy government secrets or anything lol, just lots of personal info (credit card, taxes, addresses, passwords) and work documents (healthcare and patient-related so privacy is extremely important).

These are the type of things that can be put on an encrypted USB stick with along with other programs.

Doesn't seem to me you need the whole drive encrypted and like I said before, it can lead to major problems......especially if you don't have backups.

I've commented enough on your learning experience with the cool new drive but will leave you to ponder about the learning experience if or when the encrypted drive fails.

That would be a doozie. :D
 
Last edited:
Bitlocker is pretty bad, it doesn't actually meet government encryption standards they just used it because at the time it was the only choice. Microsoft has a recovery tool that lets you recover a bitlockered drive you lost the password to. I mean, for most people that's probably fine but if your actually trying to like encrypt to the point where if your not the NSA your not going to get it, there are better choices like truecrypt

Do you have links for this claim? Bitlocker is FIPS approved, as long as you change a policy setting before you start. The only crack I'm aware of is the cold boot method, which is going to effect others besides bitlocker, like truecrypt (and what microsofts own cofee toolkit for police uses). That's why you don't leave a bitlocked laptop running when you aren't around, you shutdown and power off.

All things said, if someone really needed to hide something, the truecrypt hidden volume method would be better.
 
Do you have links for this claim? Bitlocker is FIPS approved, as long as you change a policy setting before you start. The only crack I'm aware of is the cold boot method, which is going to effect others besides bitlocker, like truecrypt (and what microsofts own cofee toolkit for police uses). That's why you don't leave a bitlocked laptop running when you aren't around, you shutdown and power off.

All things said, if someone really needed to hide something, the truecrypt hidden volume method would be better.

bitlocker is only 128bit aes encryption. NSA wants at least 192 minimum for top secret.:D
 
Have you thought about purchasing a Windows 7 upgrade from Microsoft through the web so you can get BitLocker? I think Enterprise and Ultimate include it.
 
We use bitlocker for SED machines and trucrypt for the users who wont pay to upgrade to Win7 ultimate or Win8 pro. I work in the healthcare field and these options are good for what you Have and complies with Hippa standards. its not the best but the other software's are expensive and unnecessary in the health care environment, 99% of the time.

I agree that FDE can cause problems down the road, and unless you frequently risk loosing your laptop having encrypted hidden containers in the OS is the better way to go, IMO of course.
 
I agree that FDE can cause problems down the road, and unless you frequently risk loosing your laptop having encrypted hidden containers in the OS is the better way to go, IMO of course.

I only use bitlocker on my small travel laptop (with usb auth key that is carried with me), not on my main work laptop that's either with me or at home. truecrypt doesn't work for me, as I use dropbox & boxcryptor to keep things like vpn & ssh keys and rdp manager in sync between the machines. It's pretty slick.

Next work laptop ideally will work with the bitlocker / edrive / self encrypted drives thing so there is no performance penalty.
 
Thank you all for your help thus far answering my questions :)


Great, I'll look into that. Do you know anything about annual fees, or if that's just a one-time purchase? Since it seems kind of corporate I don't know what to expect in terms of annual "tech support" fees or whatever.

Have you thought about purchasing a Windows 7 upgrade from Microsoft through the web so you can get BitLocker? I think Enterprise and Ultimate include it.
We use bitlocker for SED machines and trucrypt for the users who wont pay to upgrade to Win7 ultimate or Win8 pro. I work in the healthcare field and these options are good for what you Have and complies with Hippa standards. its not the best but the other software's are expensive and unnecessary in the health care environment, 99% of the time.

Well that is a good endorsement, since it's directly relevant to my field. Is Bitlocker 100% free with Windows 8, i.e. no hidden fees or subscriptions? Is it very secure when used properly? I've heard very passionate conflicting information about Bitlocker's integrity and security strength... e.g. some people think it's "easy to break" and even may have "backdoors" but I don't know if that's paranoia or what. Any thoughts from experienced users on this?

I agree that FDE can cause problems down the road, and unless you frequently risk loosing your laptop having encrypted hidden containers in the OS is the better way to go, IMO of course.

The problem with hidden contains is that they can cause data leaks. For example, your data or at least file names can be cached in the Microsoft Outlook/Word temp files or elsewhere in the OS; whereas if you're using FDE, that's already protected. Part of my reason for using FDE is to make data leaks a non-issue.

encryption ... can severely limit your chances of data recovery if there comes a time when it's needed.

Thanks again for all the help. If I'm good at backing up my data consistently and producing Rescue Disks, is this a concern? I use Comodo, which has worked for me in the past, but haven't tried it on a SED like this yet. Is there a difference? I wouldn't ever need to use forensics or anything to recover data from my drive since it's all backed up. In fact, that type of recovery is precisely what I'm trying to prevent.
 
bitlocker is free on Win 7/8 pro and up, no recurring fee. It appears to be basically as secure as other products, assuming you follow the best practices. If you are wanting to hide legit but confidential files, it's good enough to cover your liability if someone steals your laptop. Common thieves aren't going to bother cracking encryption, they'll just try to wipe it and resell it. If it's illegal data, then criminals will simply beat you until you give up the password, or the feds will just lean on you and make your life hell until you give up the password.
 
I only use bitlocker on my small travel laptop (with usb auth key that is carried with me), not on my main work laptop that's either with me or at home. truecrypt doesn't work for me, as I use dropbox & boxcryptor to keep things like vpn & ssh keys and rdp manager in sync between the machines. It's pretty slick.

Next work laptop ideally will work with the bitlocker / edrive / self encrypted drives thing so there is no performance penalty.

sounds pretty slick for sure.
 
Thank you all for your help thus far answering my questions :)


Well that is a good endorsement, since it's directly relevant to my field. Is Bitlocker 100% free with Windows 8, i.e. no hidden fees or subscriptions? Is it very secure when used properly? I've heard very passionate conflicting information about Bitlocker's integrity and security strength... e.g. some people think it's "easy to break" and even may have "backdoors" but I don't know if that's paranoia or what. Any thoughts from experienced users on this?

The problem with hidden contains is that they can cause data leaks. For example, your data or at least file names can be cached in the Microsoft Outlook/Word temp files or elsewhere in the OS; whereas if you're using FDE, that's already protected. Part of my reason for using FDE is to make data leaks a non-issue.

Thanks again for all the help. If I'm good at backing up my data consistently and producing Rescue Disks, is this a concern? I use Comodo, which has worked for me in the past, but haven't tried it on a SED like this yet. Is there a difference? I wouldn't ever need to use forensics or anything to recover data from my drive since it's all backed up. In fact, that type of recovery is precisely what I'm trying to prevent.

BItlocker is free with no recurring fees. I concur with Dave99, that its as secure as any other Free encryption. ive not had any issues. And as long as you are diligent in backups and safely storing your encryption keys & Rescue disks you should be ok, with FDE, im just a worrier =) as for using Comodo ive never used it. I use Symantec SSR even on workstations, imo its the best solution, but its very expensive in an end user environment, as long as comodo is producing system images then it should be ok. I doubt that it being an SSD or SED would affect it, but i would do a little research on it to be sure.
 
Thank you all for the responses. I think I will go with Bitlocker on Windows 8.1 for my SSD machines and TrueCrypt on my HDD machines.
 
shouldn't the self-encryption stuff be done via the bios in your laptop? This is an option on pretty much all the business lenovos & I'd imagine latitudes as well.
 
Back
Top