This project has moved and is read-only. For the latest updates, please go here.
50
Vote

Header Deletion and or panic button

description

Allow user to run panic button from GUI.
Allow user to create "Hot Keys" to run the panic button.
Allow pre-configuration of the actions performed by the panic button.

Options in the pre-configuration page...

Wipe the header and backup header locations on all attached drives.
Wipe only user defined drives header and backup header locations.


Unencrypted Drives Options ( if it is possible to work out which are unencrypted )

After header and backup header areas are wiped on all drives attempt to reduce data exposure on unencrypted drives.

Wipe MFT / GPT first.
Attempt full wipe of drive, time permitting.

comments

algreider8 wrote Jan 16, 2015 at 4:33 PM

Oh, this is one of the best ideas I read. Bravo, L0ck!
That could be very very useful in many situations.
+10! (I will try to find some cheat code to vote 10 times for that one :D)

djfonse wrote Apr 14, 2015 at 10:40 PM

+1
Wipe the header and backup header locations on all attached drives.
Wipe only user defined drives header and backup header locations.

Scratch_net wrote Apr 22, 2015 at 3:10 PM

Would be nice to have

randomname0815 wrote May 23, 2015 at 7:55 AM

Can someone enlighten me why this is having such a large amount of followers?

I mean, if the crypto implementations are sound, if the user used a proper password (user responsibility) it will hardly matter, will it? If they knock the door down and see you bolt for your computer to engage the panic mode, their forensic guys will be left with a drive that is cryptogarbage. No header means no hard and fast proof of an encrypted file system, but the fact that getting to the machine first thing was your main objective kinda of ruins your plausible deniabilty a bit, doesn't it? Why run for it if there was nothing on there anyways?

And well... wiping unencrypted space... if you have hobbies or business ventures that send you down that deep into the rabbit hole, and you still keep unencrypted data around you have failed at your basic responsibility for yourself. I doubt that enough wipe runs could be done before they power off the box to really do any good. (*)

I mean, if it's an easy job, I don't object in the least. As long as the features are marked BRIGHT RED and with lots of warnings and can be completely turned off. But I think priorities should be placed on robust core functionality at first.

(*) I just had a brain fart regarding this, as more and more people use SSD drives, and because SSD basically always do simple AES encryption on the hardware level... it might be just possible to set that ATA specification password at installation and then have an panic program forcible remove or change that password in the worst case. I am not sure if it can be done at runtime or if it has to be done through the BIOS, but in that case that simple password change which takes milliseconds would have effectively wiped that drive, no matter whether it had any TC / VC FDE or containers on it.

Enigma2Illusion wrote Jul 1, 2015 at 3:00 PM

Add wiping the bootloader if it exists.

The user will have to destroy any Rescue Disks to prevent access.

anotherSC wrote Jul 14, 2015 at 7:30 AM

I'm new here and just starting to look into all of this so please let me know if this feature has been previously mentioned.

My biggest thing is if a laptop gets stolen from home, office, hotel or somewhere out and about then what I would like to see is for FDE there is a small user defined counter. Enter the incorrect password "x" number of times and wipe the hard drive.

If possible the owner could disable any warnings so some muppet that steals the laptop won't know they have "x" attempts.

From what I gather it will not stop people from cloning etc but from my limited experience the major concern is more random theft rather than some of the above concerns.

testoslav wrote Dec 4, 2015 at 8:50 PM

I think it can be useful feature and quite easy to implement, but I'd never recommend using it. When you run out of excuses, revealing password for outer volume is probably better than letting the 12 angry men believe you have hard drive full of random data, even in a free country.

zhabaloid wrote May 14, 2016 at 2:53 PM

+1

knottie wrote Oct 5, 2016 at 5:05 AM

+1