I am very sorry, the people at SecurStar support seem to be wrong
regarding preboot code. I will get in touch with them, and make sure
that this is corrected. There are no strings in the bootstrap (first
hdd sector) but the code will be obvious to someone who knows the
product. There is certainly some in the code, which gets executed by
It is not possible to hide the DcPP boot routines if you want to boot
directly from HDD, as there needs to be some clear code for the
computer to execute in order to load the encrypted operating system.
HOWEVER then it is possible to zap the boot sector, and replace it
with an ordinary one, after creating a CD-based tools disk, and you
can boot from that.
Currently bootauth files on the main disk might be still protected.
On DCPP only the first HDD physical sector has boot code on it, in the
MBR area. The rest is on a non-movable file in the main disk area in
the root: Bootauthx.sys, where x is 0 to 3.
To deal with those you need to stop the DCPPSVC2 service, then rename
the files, reboot the computer and then zap them, and scrub the free
space on the disk. Be sure your alternative booting source works, and
then hide it!
Perhaps on a new version we might produce something on the BIOS/DOS
tools disk to do that for people.
Post by macarró
DriveCrypt Plus Pack can be set up with a "hard disk failure" BootAuth
message, I think this is a great feature.
I know that if someone looks at the bootloader with WinHex they will
still see some data, PGP customer service told me that when using whole
disk encryption their PGP software will have the PGP name and version
on the bootloader.
I asked the same question to Securstar, the question was, does the
bootloader store any kind of information that identifies the
encryption product being used as DriveCrypt Plus Pack? They said the
bootloader does not have identifiable information.
Has anyone here looked at DCPP bootloader, did you see the name
"Securstar" or something else that could lead to a snooper finding out
quickly what encryption product you are using?
The idea is to make it impossible for someone finding out what
encryption product is being used, I don't know if this can be done.