Sometimes in life things don’t go as you whish.
When I created this blog the main purpose was to take notes of technical challenges that I faced at work. Or in my private life.
The goal was to stay pretty technical and close to the IT word.
But like many others working in IT sometimes you feel the need to put a bit of your private life in your blog. Example 1 & example 2.
This time I’m going to show you how I nearly deleted the totality of my private files.
From the beginning
Like many of you I store my private files in the Documents folder.
In that directory there are many subfolders called: work, legal, bank, payslips, health, school, code, etc… and by the name you can already understand what they contains.
Because these are critical documents, like many of you do, I sync a copy of those data in the cloud. I used Google Drive for a few years. Then I tried OwnCloud but it was too difficult to maintain. Then for a few months I used to sync it to my Synology NAS but the client application was giving networking problems. In the end I decided to use OneDrive.
It all went smoothly for a few years but around July this year I filled up OneDrive because I put too many pictures or videos. I also had 2 versions of OneDrive installed.
Long story short: I had to reorder stuff.
During August I went to holiday and while on holiday I imagined the steps to take in order to fix this problem.
The steps were very easy:
- Take a backup of your local folders
- Delete both OneDrive software
- Reinstall OneDrive software
- Import only what you need
It sounds easy right? So say hello to the…
Freudian Lapsus
I’m navigating a very stressful phase of my private life.
So late at night… tired… stressed… I decided to fix the OneDrive problem.
Starting from point 2.
Yes, I did it. It was me.
I’ve been repeating the 4 steps like a mantra for the last month. Backup –> uninstall –> restore.
I’ve also been repeating the same steps a few minutes before taking action.
And still… I voluntarily deleted not 1 but 2 version of OneDrive without taking a backup first.
My stomach jumped to my throat milliseconds after I right clicked on the last uninstall.
I gasped and I frenetically searched for my files into the Documents folder: there where none.
Instead a new E:\
drive appeared: that was my OneDrive’s Personal Vault. Containing my files. Now encrypted with AES-256 key.
You can try to mount it, unlock it… nothing will work. You just have an error saying:
1 2 |
Load key from USB drive A valid USB key wasn't detected |
The fear
When you incur in data loss the fear is real and you make a tour on the 5 stages of grief:
- Denial: It cannot be real! I cannot have lost all the data! (well, I had a yearly backup but it dated back to 2022 so we are still talking about 1 year of data loss)
- Anger: What the hack! Why this has happened to me? (well, because my brain decided that I deserved it. I’ve been treating my brain as a punchball lately and that is the brain’s way to say “that’s enough”)
- Bargaining: This cannot be true! I will find a solution to that! I will find my recovery key (there was none at https://account.microsoft.com/devices/recoverykey?refd=support.microsoft.com)
- Depression: I’m so stupid. I’m nothing. Why do I work in IT? (if you are a tech employees and you experience imposter syndrome… is because you are a tech employee)
- Acceptance: I will restore the backup from 2022. I will eventually add a few files that are still available from OneDrive online. (Good boy…)
An uncanny solution
After 2 days of boiling tears the E:\
drive was still there.
Staring at me with its big eyes, like a cat in the middle of the highway.
I took a step back and I made a list of what I had already tried:
- Mounting and unlocking was impossible without the Recovery Key
- Bypassing BitLocker was out of scope as well as brute force
- Disabling encryption from the BIOS could not help
Maybe I could try a different approach. Maybe I could revert back to the previous state by using the System Restore
:
…NNNAAAAHHH… c’mon it cannot work…. right?
I rolled back my OS the previous sate which was 2 weeks old.
And it worked.
Conclusion
All my files where there.
I repeat: all my files were there. Everything.
Even a scan that I did 2 days previous to the disaster. (Which makes sense because the System Restore rolls back only the software, not other parts of the File System.)
This is completely crazy.
Because the System Restore also rolls back the Registry File… I believe that the password hash was probably saved there…
Or maybe some developer at Microsoft was in a rush because he/she wanted to eat Pad-Thai with shrimps at midday and the password is saved into a .TXT file into ProgramFiiles
or into System32
. It would be interesting to investigate.
I created a question and a solution on SuperUser.com and hopefully this will save some file life.
Lesson Learned
If you haven’t saved your Recovery Key when you created your OneDrive… there is apparently no way to create a new Recovery Key:
Important: Microsoft support is unable to provide, or recreate, a lost BitLocker recovery key.
Which sounds pretty crazy to me.
It’s like “sorry to hear that you have lost your front door key. You now need to remove the front door. Or buy a new home”
People loose their keys all the time, there must be a process in place that allows to create new Recovery Keys. Especially from cloud solutions like OneDrive. Private and Public Key should be managed automatically and smoothly like WhatsApp does. Otherwise you are going to end up like PGP.
Our mental health is important.
If you are not OK sooner or later your brain will tell you that in its own way.
I’m going to psychological therapy and you should go as well.
You go to clean tour teeth right?
You go to check your blood?
You go to the gynaecologist?
…so you should go to therapy as well.