I have a dead HP Envy 2-in-1 14" laptop and I want to get the files off the drive. The storage media on it is an M2 NVMe SSD; I removed it carefully and inserted it into a UGreen enclosure that lets me attach it to my Mac via USB.
• nothing mounts although the light comes on on the enclosure
• Disk Utility sees it: “SK hynix BC901 HFS512 GEJ Media”, with one unmounted volume. Disk Utility is unable to mount it, though
• I have Tuxera Disk Manager, which provides better support for NTFS-formatted media. It also sees the device, and sees three partitions: Microsoft reserved partition, basic data partition (the large one, the one I want to mount), and “Untitled 4”, a 1 GB extra partition. Tuxera is unable to mount anything either.
Questions:
a) Are these SSDs set up with some kind of security that specifically prevents accessing the files when they’re plugged in as an external device?
b) Am I going at this the wrong way? Do I need to use a PC?
I’m not a PC owner, although I could probably find a friend who’d let me make the attempt (assuming they aren’t worried about malware etc). (Shouldn’t be any).
Encryption is very likely to be the issue. If so, you are going to need to get the keys from the owner’s Microsoft account and access it from a Windows machine with Bitlocker (i.e. Windows 10 home probably won’t work, but 11 Home should).
This will be the default with almost any major-manufacturer Windows 11 system. You’ll have to find the recovery keys. The owner should be able to access it from their Microsoft account on the web.
That is unfortunate, but may not be the end of the line.
First of, how dead is the laptop? And can it be repaired for a reasonable price? Maybe only the screen is broken, or the power jack needs to be resoldered.
If the laptop really is a dead end, the owner might have written down the account password somewhere, or you may be able to get access to the email account linked to it.
There might even be a process by which the heirs can gain access to the account.
That gets complicated. If their heirs have a device on which he used the account (e.g. a phone) it may be possible to reset the password. If that’s not an option, they can call Microsoft to get help, but it isn’t easy. I had to do that when my mom passed. You’ll need a death certificate.
The drive has been removed from the machine, so even if the laptop is working Bitlocker will require a key to unlock it. If the system is on the encrypted drive (which it looks like it is) that is a dead end.
You could try to check it through Linux and create a Live USB, no install or permanent changes to your system are needed. Most Linux distributions support this these days, and there’s lots of options, but the Honda Civic of Linux is Mint so start there if you don’t care. Then use software like balenaEtcher to write to a spare USB. Reboot to Linux, plug the drive in, and see if it shows up. My only concern would be if the enclosure needs drivers, I’m not sure of the model. But you can update those in the Live boot and it again won’t do anything to your OS.
Assuming the Windows 11 computer was not recently patched, you might be able to use some severe bugs in Bitlocker to gain access with no credentials. This exploit requires a working PC.
Here is one example of directions. I can’t vouch for how well this works or how easy it is for a novice to implement.
P.S. if you run Windows 11 and expect bitlocker to protect your data, make sure your system is fully patched.
What happens when you try to turn it on? You might want to take the laptop to a PC repair shop and see if they can get it running. There may be a way to get it running enough for the files to be copied off.
He actually had three laptops next to his bed that we’re hoping to get some files off of. I’ve succeeded with one, a Lenovo, which was booting to the “enter your PIN” screen, and from which I was able to use “reset your PIN” and have it text a code to his phone, which we conveniently have.
I’m going to try that same strategy with the other two laptops, after I reinstall the SSD and the battery on the one mentioned in the OP.
How does that work? Does the drive notice that it was connected to a different computer and remove the stored secret for decryption from its internal memory?
This will list all of his recovery keys for all devices registered to his account. Print it. Once you do that you will be able to put the encrypted drives into your USB enclosure and unlock them from the Lenovo. When you get prompted for keys you will be presented with a Key ID - use that to find the recovery key from the list.
