Bitlocker Company Laptop Windows 10 to a VM (qemu)

Hi all,

don’t know if it’s the right subforum for my request…

As mentioned in the title: I have a laptop owned by my company. This is Windows 10; bitlocker in place, I have no access to any BIOS stuff nor a bitlocker password; Laptop somehow decrypts the disk by itself (TPM/BIOS no clue how that works in Windows…)

I’d like to create a KVM/qemu instance that I can run on my Endeavour Laptop.

What I did: I installed the VM Ware p2v converter tool and created a vmware disk image. This image has been converted to a qcow2 qemu image. File size was 135GB for a 256GB disk. I then created a KVM instance in KVM Manager for Windows 10 and integrated the qcow2 into it. The boot process stopped quite early with a “Booting form harddisk” … nothing more.

I now wonder if my idea is possible at all as I don’t have the hardware the bitlocked windows relies on? Can I get around this?

Or - other idea: do a xcopy from running decrypted company windows on a backup disk, set up an evalation copy of a Windows and xcopy back to a second empty disk image attached to that windows instance and then switch that instance to use the just xcopied backup?!

Any ideas welcome. This is my afterwork hobby project, so no pressure on it :wink:

I know in general that is none of my business and it shouldn’t concern me, but you want to access an image of your apparently quite good secured company laptop in a VM on your private computer that might be not as good secured?
I would imagine that whatever company you are working for doesn’t want their security measures to be bypassed…

I don’t want to be rude, but I want to give some input that you might want to consider.

Yes, I also have this in my mind.

I suppose my Linux Laptop is much safer than the windows machine. :wink:

And regarding the bitlocker stuff my company uses to protect data against theft of the whole laptop: my Linux machins is fully encrypted as well - so I’m pretty sure I won’t cause more problems than a stupid regular office guy clicking on a malware pdf.

I only have little hope that it will work, but it’s kind of sport to me - I don#t play other games on my computer :rofl:

EDIT: and of course you are not rude: security first and always consider what you are doing is a good advise!

1 Like
  1. Never try to circumvent company policy - you will likely get yourself sacked.
  2. Bitlocker relies on TPM and Secure Boot.

And you are correct - it won’t.

1 Like

Then thanks, both. Saved me some time. Now trying to get a Mac from my company instead of that Win**thing.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.