6 posts in this topic

Goal: On my MacBook Pro 13 (mid-2010), I want to run both OS X Lion with FileVault protection, and Windows 7 64-bit (Boot Camp) with BitLocker protection.

Dilemma: Limit of four primary partitions.

Story: I have this 13-inch MacBook Pro (mid-2010) which I rarely used. Several months ago I upgraded its hard drive to a Seagate Momentus XT 500GB, and just recently I loaded Windows 7 through Boot Camp. I was impressed with how well Windows 7 ran on the system, and I was even playing fairly recent games at high graphics quality. I decided that I wanted to secure the hard drive data in case I bring the laptop with me when I go on trips. "No problem", I thought. Both Windows 7 and OS X Lion have drive encryption features. I first attempted to enable BitLocker in Windows, and realized that the MacBook didn't have a TPM chip. No big deal though - I'll just enable BitLocker and use a USB drive for authentication. The next issue I ran into was that BitLocker required a separate boot partition, and with a Boot Camp install, Windows loads everything in one partition.

OS X Lion uses three partitions - an EFI partition, the OS X partition, and a recovery partition. "Hmm, I don't really need that recovery partition", I thought. So I removed the recovery partition, enabled BitLocker, and all was well on the Windows side. I was impressed that I didn't really notice any speed difference with BitLocker enabled.

Next step: Enable FileVault. Only problem: Apparently FileVault requires that OS X recovery partition. So now I have a dilemma. I can only encrypt one OS or the other since OS X uses three partitions if you use FileVault, and Windows 7 uses two partitions if you use BitLocker.

Theoretical workarounds: I wonder if I could somehow get Windows 7's two partitions inside of an extended partition. Windows 7 doesn't allow you to install it like this since a logical partition can't be marked as active. But perhaps I could image them into logical partitions, and maybe it could still boot since it's being selected from the OS X boot menu.

Another idea is to have the Windows 7 boot partition on a USB drive (since I need the USB drive for BitLocker anyways). But this does not look promising since I have a USB drive with WinPE on it, and it does not show up in the Apple boot menu.

Any suggestions on this would be appreciated. I know some might suggest using virtualization for Windows, but that's not a good solution if you intend to do some gaming in Windows. Some might suggest using TrueCrypt for the Windows partition. I tried that, but it apparently doesn't work with Boot Camp.

Share this post


Link to post
Share on other sites

Doesn't Mac's come with the gpt partition table? You can just set the two windoze partitions as "mbr" primary partitions and the OSX ones (including the EFI partition) as gpt primary ones.

Share this post


Link to post
Share on other sites

Doesn't Mac's come with the gpt partition table? You can just set the two windoze partitions as "mbr" primary partitions and the OSX ones (including the EFI partition) as gpt primary ones.

The problem here is that when you boot up through Boot Camp, the OS sees the drive as having an MBR partition table. So to Windows, the OS X partitions count as the first three, and you are left with one available.

It's starting to look like this project may be a failure. I tried gathering an image of the Windows boot partition, then recreating it as a logical partition. But that would not show up on the Apple boot menu.

Share this post


Link to post
Share on other sites

Doesn't Mac's come with the gpt partition table? You can just set the two windoze partitions as "mbr" primary partitions and the OSX ones (including the EFI partition) as gpt primary ones.

 

http://tumblr.tguum.kr/post/9709394290/enabling-bitlocker-with-osx-lions-filevault-activated

^^ the English is rough, and it is presented in a difficult way to understand besides.

 

It appears possibly this guy is manually editing the Hybrid MBR to effect the suggested fix (using GPT for Mac OS Filevault/boot and MBR for Windows Bitlocker/boot).

 

Can anyone read that post?

 

-Matt

Share this post


Link to post
Share on other sites

I have no way of contributing to this thread, other than saying that this sounds like encrypt-ception.

Share this post


Link to post
Share on other sites

Simple solution, use Parallels Desktop 9 instead. Then you can use bit locker that way or not even bother since you can file vault that.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.