diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-07-26 17:46:17 +0200 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-11-08 23:21:40 +0100 |
| commit | 97154aaf51efe787dd1678c8e1baeeb65ce46fe1 (patch) | |
| tree | 0034e3b6d3c272ceb35b3b186305e8510afc64c5 /src/Format | |
| parent | 1ddae209326858f1c244a4b52ba2bd068cc8985a (diff) | |
| download | VeraCrypt-97154aaf51efe787dd1678c8e1baeeb65ce46fe1.tar.gz VeraCrypt-97154aaf51efe787dd1678c8e1baeeb65ce46fe1.zip | |
Lower number of times we overwrite volume header during the encryption of a partition if the user choose to wipe the driver. Latest studies show that even one pass is enough to make data irretrievable. A value of 3 is a conservative approach that enhance performance without scarifying security. http://www.infosecisland.com/blogview/16130-The-Urban-Legend-of-Multipass-Hard-Disk-Overwrite.html http://digital-forensics.sans.org/blog/2009/01/15/overwriting-hard-drive-data/
Diffstat (limited to 'src/Format')
| -rw-r--r-- | src/Format/InPlace.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c index 228e2e5f..b1bfac98 100644 --- a/src/Format/InPlace.c +++ b/src/Format/InPlace.c | |||
| @@ -501,7 +501,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol | |||
| 501 | area is occuppied by data until the very end of the process). */ | 501 | area is occuppied by data until the very end of the process). */ |
| 502 | 502 | ||
| 503 | // Prepare the backup header | 503 | // Prepare the backup header |
| 504 | for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_DISK_WIPE_PASSES); wipePass++) | 504 | for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++) |
| 505 | { | 505 | { |
| 506 | nStatus = CreateVolumeHeaderInMemory (FALSE, | 506 | nStatus = CreateVolumeHeaderInMemory (FALSE, |
| 507 | header, | 507 | header, |
| @@ -518,7 +518,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol | |||
| 518 | 0, | 518 | 0, |
| 519 | volParams->headerFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, | 519 | volParams->headerFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, |
| 520 | volParams->sectorSize, | 520 | volParams->sectorSize, |
| 521 | wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_DISK_WIPE_PASSES - 1)); | 521 | wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); |
| 522 | 522 | ||
| 523 | if (nStatus != 0) | 523 | if (nStatus != 0) |
| 524 | goto closing_seq; | 524 | goto closing_seq; |
| @@ -969,7 +969,7 @@ inplace_enc_read: | |||
| 969 | 969 | ||
| 970 | SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINALIZING); | 970 | SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINALIZING); |
| 971 | 971 | ||
| 972 | for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_DISK_WIPE_PASSES); wipePass++) | 972 | for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++) |
| 973 | { | 973 | { |
| 974 | nStatus = CreateVolumeHeaderInMemory (FALSE, | 974 | nStatus = CreateVolumeHeaderInMemory (FALSE, |
| 975 | header, | 975 | header, |
| @@ -986,7 +986,7 @@ inplace_enc_read: | |||
| 986 | masterCryptoInfo->RequiredProgramVersion, | 986 | masterCryptoInfo->RequiredProgramVersion, |
| 987 | masterCryptoInfo->HeaderFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, | 987 | masterCryptoInfo->HeaderFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, |
| 988 | masterCryptoInfo->SectorSize, | 988 | masterCryptoInfo->SectorSize, |
| 989 | wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_DISK_WIPE_PASSES - 1)); | 989 | wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); |
| 990 | 990 | ||
| 991 | if (nStatus != ERR_SUCCESS) | 991 | if (nStatus != ERR_SUCCESS) |
| 992 | goto closing_seq; | 992 | goto closing_seq; |