DavidXanatos / DiskCryptor

A fork of the DiskCryptor full disk encryption tool
https://www.diskcryptor.org/

What factors does DCrypt use for integrity and signatures? #53

Closed ghost closed 9 months ago

ghost commented 2 years ago

After I encrypted every drive I had, I decided to change encrypted partition serial numbers with MiniTool Partition Wizard because my partition serial numbers were based on timestamps and included parts of my motherboard's hardcoded MAC address. After I changed partition serial numbers (without saving the original serial numbers), my DiskCryptor password stopped working... I didn't preserve any unencrypted copies of anything and lost my password database, authentication info, recovery codes, some 120 pages of my Ph.D., and a motherlode of other important tokens... It was my fault, but I wish I knew what DiskCryptor took into consideration to verify integrity, signatures, etc.

I assume that DiskCryptor collects a bunch of fingerprints during the first post-encryption reboot when it says "Collecting System Information", following another reboot.

What are some things I really shouldn't change to make sure DCryptor PW continues to work? I know in some cases, like Denuvo protection for games, simply opening a file and re-saving it in the same format (without changing any data in it) violates integrity.

DavidXanatos commented 2 years ago

DC does not verify any integrity past the header itself; the MiniTool Partition Wizard, however, screwed up the headers, and that broke everything. If you are extraordinarily lucky, changing the partition serial numbers back to the original may fix the headers.

ghost commented 2 years ago

Got it - thanks! What information does DiskCryptor collect for the header? It says "Collecting Platform Information" after initial system drive encryption (of EFI partition, I think). The reason I ask is because, in some cases (at least on Linux/Debian), special instructions are needed when the OS kernel is updated/upgraded. I just want to make sure to avoid issues in the future.

Do you know how DiskCryptor fares against forensic decryption software, such as ElcomSoft (https://www.elcomsoft.com)? Bruteforce attacks are all about GPUs these days and supposedly, 16-symbol password AES encryption can be cracked in a few hours inexpensively using Amazon Web Services (EC2).

A bit off-topic, but as a DiskCryptor developer with insight into encryption software, do you know why VeraCrypt is significantly slower than DiskCryptor and similar alternatives (such as BestCrypt) on SSDs? Is it due to lack of support for the SSD TRIM function?

DavidXanatos commented 2 years ago

"Collecting Platform Information" is irrelevant; it just creates a txt file with some information about the EFI setup and reboots. This data is not relevant for the encryption.

Don't know about BestCrypt, but VeraCrypt was never designed for transparent encryption, and this results in it doing various things the long way around, duplicating I/O request overhead, etc.