-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
blwipe for windows #1
Comments
This was something I looked into briefly as well. I did get the partition to read, but it gave an NTFS signature instead. I'm guessing the BitLocker driver is intercepting requests and preventing me from accessing the raw BitLocker volume itself.
Maybe there is some way to access raw partitions, but I think it would take a lot more code. In the end I figured it was not really worth the effort to add proper Windows support. You can as easily boot a Ubuntu Live CD and put |
Thank you for quick reply, that explains a lot. My use case is to provide people on Windows 10 a quick and easy way to wipe those encryption keys as they may be tortured to reveal the password (unfortunately we do have many real cases). These people are not technical (HRDs) and I doubt that under heavy pressure they can find a USB flash (that was prepared for this exact situation), insert it, reboot computer and remember which key to press to enter Boot menu (F12, Fn+F12, something different), which item should be selected there, etc. Thus, such kind of scenario seems to be very fragile. Maybe you have and can share some ideas on this? I can consider donating a couple of hundreds of dollars to get windows version, though I understand that time needed for R'n'D and all the testing won't be covered in a good way |
If you want to "see" the encrypted partition, you need to open the physical drive (\.\PhysicalDrive0) and parse the partition table to reach the encrypted volume. But your comment about the need to boot from liveCD is really valid as you won't have write access using this technique. |
I think in your use case, it is definitely faster to invoke the tool from within Windows itself. In my blog I described a feature that is built into Windows, using I also have not tried if it is possible to issue This might be one solution which can be used now, if it works for you. |
First of all, thank you very much for the great piece of software! Unfortunately I can't do Go, so I want to ask if you can add some Windows 10 compatibility so one can wipe encryption keys on the live system? I tried different paths with a current version, but had no luck (
\\?\Device\Harddisk0\Partition4
etc.)Google uses "golang.org/x/sys/windows" for a similar purposes with MBR:
https://github.com/GoogleCloudPlatform/compute-image-tools/blob/master/cli_tools/import_precheck/check_disks_windows.go#L69
The text was updated successfully, but these errors were encountered: