This project has moved. For the latest updates, please go here.

uefi bios

Jun 4, 2014 at 11:25 PM
have support uefi BIOS? And if not, is it planned to in the future? how soon?
Coordinator
Jun 5, 2014 at 7:06 AM
GPT partitions and UEFI are not supported yet. This is planned but it is complex to implement. Work on it started but we can't give any release date yet.
As of today, no open source implementation of UEFI boot encryption for Windows exists and we hope to be the first to release such implementation.
Oct 8, 2014 at 8:36 AM
Good Morning

Just out of curiosity is UEFI BIOS supported in the latest release? If not when is the plan to support it?
Coordinator
Oct 9, 2014 at 10:04 PM
Hi,

UEFI is not supported yet. As I said in another, it needs many months to implement and test this new feature.
Here is the discussion in question : https://sourceforge.net/p/veracrypt/discussion/technical/thread/b0fb9daa/
Feb 13, 2015 at 8:59 PM
Edited Feb 13, 2015 at 9:03 PM
Just out of curiosity. What happens when UEFI is not supported? Does that just mean you can't run system encryption? I’m using a 4TB drive in Win7 under GPT, that seems to work. But my M-board is about 5 years old now.
GIGABYTE Socket 775 - GA-EP45-UD3P (rev. 1.6)

I have not looked too much into UEFI. Though I don’t know if it can be trusted. I remember a lot of talk about the standard not being totally open. Systems can be booted remotely if it's not turned off. Is that still the case? Or maybe it had something to do with the latest Intel CPU chips. Can't keep up on this stuff anymore. But Just like with hardware routers, if the hardware standards are not totally open, who knows how these complex integrated circuits function under the hood. Though I know there are some router company's who are making open source hardware. This should be the case for all hardware.
Apr 11, 2015 at 9:15 PM
movingkey wrote:
Just out of curiosity. What happens when UEFI is not supported? Does that just mean you can't run system encryption? I’m using a 4TB drive in Win7 under GPT, that seems to work. But my M-board is about 5 years old now.
It bricks the computer and you usually need to format the computer and reinstall windows. I tried to use a different full disk encryption product on my parents new laptop, only to find out later when it stopped working that it was UEFI and not a classic bios. So I had to use the restore feature to make the laptop work again. It might be possible to mount the drive in another computer and decrypt the system from the running copy of veracrypt on that local system from the System menu. That might allow the computer to function again, but no guarantees.

I have a feeling VeraCrypt might defend against this (not sure since I am not going to risk it) by when the initial check is performed when you reboot to find out if you were able to successfully authenticate at bootup or not, then when windows starts up it would detect that it was unsuccessful and hopefully not allow you to even attempt the encryption. Maybe the developer can shed some more light on that.
Coordinator
Apr 17, 2015 at 10:49 PM
Yes, VeraCrypt performs tests prior to system encryption in order to avoid breaking the system. So, if UEFI is on, VeraCrypt will just refuse to encrypt the system and nothing will happen.
Apr 18, 2015 at 1:05 AM
Very good.
Mar 15 at 5:53 AM
Do you have an update on the status of UEFI support? How's the progress?
Apr 25 at 6:00 PM
I'm not sure if UEFI + GPT is officially supported yet, but I'd just like to post that I've successfully used Veracrypt 1.19 to fully encrypt a Windows 10 GPT disk on UEFI. The only non-default option I had to perform was disable Safe Boot in my UEFI settings.
Developer
Apr 29 at 7:35 AM
Let me explain:
  1. I made UEFI support year ago. Project - disk cryptography services.
  2. Mounir published the result in version 1.18 to be audited.
  3. Version 1.19 contains audit result fixes. Audit team about the UEFI support: "It is actually one of the most important features added by VeraCrypt since the
    beginning of the project."
  4. Mounir stopped support the project since begging of this year.
  5. I published 1.20b2 patches 1,2 to fix problem with OS rescue disk and to show progress like: TPM 1.2 support (TPM 2.0 was done also but not published), multiple hidden volumes and many configuration options for pre-boot authorization
    https://sourceforge.net/projects/dc5/files/beta/
Result of year work: I can not find any funding for the project. Donation campaign produce nothing. (Note: I do not have access to VeraCrypt donations)
So => The project is not interesting.
May 16 at 9:32 PM
Well, I guess your work is not known to many people?!

Whats happening to the codeplex-based donations then?
Developer
May 17 at 9:26 AM
Mounir is coordinator of VeraCrypt project. He had some personal issues. I hope he will return to the project again.