How is FDE possible if drive can't contain partitions? (if drive doesn't...
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
Hello everyone!
Novice here
My apologies if the answer is obvious. When trying to perform FDE on a non system drive and clicking on the drive itself, Veracrypt says it cannot perform FDE on a drive that contains partitions and goes on to say all partitions will need to be removed to fully encrypt the disk, I would like to understand how is FDE possible if the drive cannot have partitions because to my understanding a drive cannot function if it contains zero partitions?
Thankyou in advance
Simplified:
Partitions are logical fractions of physical memory. The beginning of a memory drive contains information about partitions, like size, position, etc. This information is called partition table.
When doing full drive encryption, the entire drive has to be encrypted. In this case, the beginning of the drive will contain encrypted VeraCrypt volume information. This means, the partition table will be overwritten, logically deleting the partitions.
I guess, to avoid accidental deletion of partition tables and therefore losing access to existing data, the forementioned message is displayed.
Hope this clears things up.
Greets
Thankyou for getting back to me!
I am still confused though because if veracrypt is asking you to remove all partitions before hand anyway then the partition table would be lost regardless wouldn't it?
Again my understanding is a drive needs at least one partition to function so is deleting all of them something people actually do?
sorry im struggling to wrap my head around it
thanks again!
When doing FDE, the entire disk is used as an encrypted volume. Therefore, there is no need for a partition table - there are no partitions to be exposed to the computer's operating system.
What's going on inside the encrypted volume is not related to the outer view on the storage device.
Still, it is also possible to create partitions and encrypt them individually. This will give you seemingly raw, unformatted partitions, as they seem to be uninitialized to the operating system.
No matter in which way you want to use VeraCrypt, when encrypting Partitions or entire devices, make sure to not accidentally "initialize" them afterward. Especially Windows tends to inform the user of unformatted devices and wants to format them. This would lead to damage to the encrypted volumes, partially or completely losing data stored within the volumes.
Greets
Thankyou very much for your help!