I would like to reach the point where i have one system, with 2 windows OSs on it, both encrypted. Earlier i made it with bitlocker, but it was only a test run. Wondering if it is possible with veracrypt only.
What i do not know, but key points:
would it work with one disk (preferred) for both or not, and i need a second disk… or even it is possible with windows(-es?);
how difficult is to select “the other than the previous” OS at fresh boot. (If bootorder-change is needed, the solution is just died for me…[bitlocker is just select-that-from-menu, password-of-that, reboot, password-of-that,in])
WinX would mean any windows, 7, 10 or 11, i need one app to be able to run on it for an other user, even being set to be perma-offline, but i still would like to know that “surface” closed when my OS runs, so mine (or any) can not rad data from it, or put data onto it to my OS to read.
I don’t have an answer to this but I don’t know of any meaningful security benefit to using VeraCrypt over BitLocker, yet I have heard anecdotes that VeraCrypt full-disk encryption is more prone to issues. If you already had success with BitLocker, it’s probably better to stick with that.
It’s kind of difficult to understand what you’re trying to say. It sounds like you want to use a second installation of Windows as an air gapped computer. You can try to do that, just beware that it isn’t a very secure air gap. Bootkits can easily get around the air gap and if you leave both storage drives plugged in, I’d worry malware in general might be able to affect both installations.
In the recent 3+ years, i have used veracrypt only, the test was made before that and lasted for two weeks with bitlocker. I do not know how to read the
-part in this relation.
( i have plans to test it, if no one did this, who reads it, because i must know
This is why i would like to have the “open surfaces encrypted”, meaning the secondary system must be fully encrypted (sure windows file system micro gaps…). (All perma attached drives are encrypted too, but only the main could open those, the other should nothing to do with them [would not be able to unencrypt those…]). I rather call it closed-off, than air-gapped. The goal is to not be readable for the main system, and not to not be inpenetratable. Similar thing in reverse.
Sure attached flash-drives are the risks in this case, that is noted! But this is still true in a normal, single-boot, but encrypted system’s case. (HAVING BACKUP RULES!)
Leftover key info: Both OS with diffrent unlock key/encryption, for sure!
