Surely your machine is protected by the same password whether it’s in sleep or hibernate mode?

Windows password yes. There’s a BIOS password and a PGP encryption key on this too.

For some reason (dunno why) PGP only works properly when the power is off.

Surely your machine is protected by the same password whether it’s in sleep or hibernate mode?

Nope – it still asks for the BIOS password and the PGP passkey.

Yes, machines are often stolen from offices, that’s why I am also obliged to use a Kensington lock.

AFAIK IT security policy is supposed to be based on the weakest link

Well yeah if your aim is to stop idiot users from either accidentally or deliberately doing something insecure. However we’re not idiot users, we’re trusted with a lot of stuff generally, and we need administrator access to do our jobs. So the measure we have are designed to support that.

Whether or not it’s the perfect policy is another issue. There’s not much else that can be done tbh.

with truecrypt (only one I’ve used) if you shutdown or hibernate you need to enter the encryption passphrase before it’ll boot. If the user decides to put it into standby this doesn’t happen goes straight to windows. If windows password is strong enough you might be ok as whoever ends up with the laptop can’t run a password reset boot cd*. Of course if the system isn’t locked down and the user can enable system standby they can probably also get rid of the need for that pesky windows password aswell, turning your encrypted, password protected laptop into an open book.

IANA it security specialist, so could be talking cobblers.

*there maybe other ways around it, dunno.

There’s a BIOS password

isn’t resetting a bios password as simple as undoing a panel and removing the battery or swapping a jumper switch?

However we’re not idiot users, we’re trusted with a lot of stuff

again, I wasn’t calling you (or your co-workers) idiots. I have however personally seen some quite intelligent people do some dumb shit with their PCs.

It’s actually a BIOS HD password I think. So in the HD firmware rather than the machine. Although that might’ve changed since I installed PGP, not sure.

ah right, dunno owt about hd passwords

By default W7 writes 75% of your total RAM to disk on hibernation. You can change this down to 50% mnimum by typing

PowerCfg -HIBERNATE -SIZE 50

This might help a little?

That’s not how it works.

It’s writing 100% of the RAM to disk, using compression to fit into a file 75% of the size the RAM. If you resize the hibernation file in that manner you’re reducing, well, the file size, not what’s being committed. So, if you make the file too small, the contents of RAM won’t fit into it, and then Windows will be sad.

Cougar, I think you are just choosing the compression ratio it uses when writing. So at 50% compression the ram will always fit into a file at 50% the size…..?

50% is the minimum anyway.

Well,

One of us is wrong. Quite happy to hold my hand up and say it’s me, not something I’m 100% sure about.

I’m not 100% sure either, but I can’t imagine they’d let you mandate the file size if they weren’t sure it would work.

I can imagine that fairly readily. (-:

You don’t use the full 32gb of ram in normal use… If ever. The most you would be using before you hibernate is 1gb or 2… Not 32.

Well, the hibernate file is 32Gb but that may not all be being written to of course. But fact is, it takes 6 mins to resume.

The most you would be using before you hibernate is 1gb or 2

12Gb is normal. Why do you think I have lots of RAM?

Put them in the Startup Folder

It’ll still take just as long. It’s the 5 minutes of hard disk thrashing after you log in that slows it all down. I’d still have to log into things and the like.

Trust me, I’m not a total numpty. I do know there are alternatives, but I would just quite like it if features that should be available actually worked.

60 squillion threads on STW suggest otherwise…… 🙂

Weirdo.

You’re the one failing to solve a problem then blaming me for having it.

60 squillion threads on STW suggest otherwise……

😆

Gave the RAM disk as go, using it for the cache in Chrome and for temp files, have to say I’m impressed with the difference in browsing speed.

EDITED

Already done ramdisks, didn’t make a lot of difference. More concerned about the hibernate issue tbh.

RAM disks shouldn’t work on a modern system, from a raw performance point of view. I’m going out in a minute and that’s a long explanation that I’ve not got time to type, but I’d be curious to hear whether that ‘impressive difference’ is real or perceived. Ie, have you timed it?

Good point I’ll have to work out a test just to see by how much. Off to Google some ideas on how to test.

The RAM disk thing – it depends what you use them for. The best suggestion is to use them for browser caches. They can be made persistent.

They ONLY work though if you have plenty of physical RAM left over. If the ramdisk is at risk of being swapped into the page file then you’re wasting your time.

Incidentally, on the subject of browser caches – I’m considering putting the cache on an SD card on my Vaio P – it’s very under powered and under batteried, and the disk is slow and spends a lot of time going, even when browsing. Some or most of this is cache activity.