none
Bitlocker boot startup text RRS feed

  • Question

  • Hey guys,

    i'm searching and testing alot on this problem and finaly i gonna ask the forum.

    We are using a standard 7 x64 image and it's working good. For security issues we encrypted our system with BitLocker, with no TMP module but the USB drive method.

    Working good as intended, BUT .... there is this white hint text before the actual windows loading process.

    Is there any possibility to remove or shorten this message?

    We know that it says to remove the USB drive, but unfortunately we can't and we won't.

    Any solution would help. 

    Greetings from Germany
    • Edited by _NorbertT Tuesday, March 27, 2012 7:42 AM
    Tuesday, March 27, 2012 7:39 AM

Answers

  • Problem solved.

    1. deactivate integrity checks on the machine with bcdedit, so bootmgr starts with the altered file
    (maybe tesginging on, will test this later)

    2. change the text in the files

    3. Done.

    Nothing to do, especially with BitLocker more with the actually bootmanager.
    Open to further information if desired.

    greetings
    Norbert

     

    • Marked as answer by _NorbertT Friday, March 30, 2012 6:29 AM
    Friday, March 30, 2012 6:29 AM

All replies

  • Hi.

    What white hint text you mean? Is it some functional or some cosmetic thing?
    (never used BL)
    (Btw: where are you located in germany?)


    Windows Embedded Developer and Scripting Guy //Germany (Preparing a blog about Windows Embedded Standard)


    • Edited by KNARZ Tuesday, March 27, 2012 11:49 AM
    Tuesday, March 27, 2012 11:49 AM
  • Hi Knarz.

    The hint text says:

    Windows BitLocker Drive Encryption key loaded.
    Remove key storage media.

    This text has to be deleted or perhaps shortend. Personally I am totally aware that this isn't the way how BitLocker should work. Security wise, to leave the key plugged in makes the whole idea sloppy. But my kind of supervisor wont work without the BL and our only way to accomplish this, is he usb-drive-key method (no TPM).

    We discoverd the origin of this kind of texts in the bootmanager from 7.
    bootmgr.exe.mui / bootmgr.efi.mui

    greetings

    (bin hier in Zwickau/Sachsen :) )

    Thursday, March 29, 2012 6:39 AM
  • Problem solved.

    1. deactivate integrity checks on the machine with bcdedit, so bootmgr starts with the altered file
    (maybe tesginging on, will test this later)

    2. change the text in the files

    3. Done.

    Nothing to do, especially with BitLocker more with the actually bootmanager.
    Open to further information if desired.

    greetings
    Norbert

     

    • Marked as answer by _NorbertT Friday, March 30, 2012 6:29 AM
    Friday, March 30, 2012 6:29 AM
  • Sry, didn't find the thread anymore.
    I also just would/could recommend to edit the mui files or the bootmgr (uncompressed) itself (and delete the lines for the text).
    MUIs files aren't signed. So if you edited MUI files i guess no integrity check or signature is necessary.
    I haven't tested editing muis in bootmgr stage but (of course) on winload stage. - if there is an error with the files (e.g. for german) winload does a fallback to english but i don't know if this behavior is related to all kinds of boot or just a check from winload itself.
    (btw: Hamburg ;)


    Windows Embedded Developer and Scripting Guy //Germany (Preparing a blog about Windows Embedded Standard)

    Friday, March 30, 2012 1:51 PM
  • Hi Norbert,

    We're searching for a solution to change or remove this bitlocker startup text as well:

    "Windows BitLocker Drive Encryption key loaded.
     Remove key storage media."

    I found the text in bootmgr.exe.mui, tried to change it there using "Resource Hacker" - but I had no luck at all. I don't know what you did with bcdedit - maybe you can give me a hint?

    Thanks (from Austria),
    Thomas.

    Thursday, August 9, 2012 11:21 AM