Windows 10 upgrades can break boot loaders

Daver
Posts: 11
Joined: Sun Jun 28, 2020 1:17 am

Windows 10 upgrades can break boot loaders

Post by Daver »

Third party boot loaders like GRUB and (in the past?) the VeraCrypt boot loader could be broken by Windows 10 upgrades. A Windows 10 upgrade is the same as re-installing Windows and it doesn't seem to care about messing with other boot loaders.

Hopefully there are safeguards in place to prevent Windows 10 from suddenly not booting when it's fully encrypted (when this happens, Windows 10 will likely boot up with the recovery options, but none of them will fix the problem). I don't know what would happen if the user encrypts all of the Windows partitions (including the recovery partition). Is it only necessary to encrypt the Windows data partition or can the user safely encrypt the entire drive? Also, there's no point the user encrypting the wrong Windows partition and saving private data to an unencrypted partition!

DavidXanatos
Posts: 44
Joined: Mon Jan 27, 2020 8:05 pm

Re: Windows 10 upgrades can break boot loaders

Post by DavidXanatos »

There are attempts at safeguards, but it's not 100% reliable; what happens when that fails shouldn't be an unbootable system but the upgrade process failing.

In any case, a damaged boot loader can be easily recovered with a Windows To Go drive that has a modern DC version installed; from it you only have to reinstall the boot loader and voila, as good as new.

Daver
Posts: 11
Joined: Sun Jun 28, 2020 1:17 am

Re: Windows 10 upgrades can break boot loaders

Post by Daver »

Is there a way to code the DiskCryptor bootloader so it never gets overwritten?

DavidXanatos
Posts: 44
Joined: Mon Jan 27, 2020 8:05 pm

Re: Windows 10 upgrades can break boot loaders

Post by DavidXanatos »

Daver wrote:
Fri Jul 17, 2020 10:37 pm
Is there a way to code the DiskCryptor bootloader so it never gets overwritten?

No.

I mean you could develop a custom firmware for your particular SSD, but that's extremely impractical.

A better approach would be to install an internal USB drive that has a read-only switch and put the boot loader there.

Daver
Posts: 11
Joined: Sun Jun 28, 2020 1:17 am

Re: Windows 10 upgrades can break boot loaders

Post by Daver »

I mean is there a way to prevent Windows 10 from tampering with the DiskCryptor bootloader or a way to self-repair it?

For instance, while the bootloader or DiskCryptor itself is loaded in memory, protect the integrity of the bootloader when Windows 10 decides to do its own thing.

Crazy that Windows 10 seems to always break something with every update or upgrade, but this is something that will remain a problem for Windows 10 users from now on. Not being able to boot into any encrypted drive (or recover the data) would be very serious! :(

DavidXanatos
Posts: 44
Joined: Mon Jan 27, 2020 8:05 pm

Re: Windows 10 upgrades can break boot loaders

Post by DavidXanatos »

One could try to use a filter driver to turn the EFI partition read-only; not sure if Windows would like it, though.

Daver
Posts: 11
Joined: Sun Jun 28, 2020 1:17 am

Re: Windows 10 upgrades can break boot loaders

Post by Daver »

When the user encrypts the Windows 10 data partition (or all the Windows 10 partitions, except the EFI), maybe require the creation of a "rescue disk" before the encryption takes place? If Windows 10 does not boot in future, the user can restore the DiskCryptor boot loader.

Protecting the bootloader could hopefully be implemented. It's unknown why Windows 10 has to tamper with the boot loader when Windows 10 performs the "feature updates", but unfortunately it does!

Daver
Posts: 11
Joined: Sun Jun 28, 2020 1:17 am

Re: Windows 10 upgrades can break boot loaders

Post by Daver »

Assuming the worst case scenario and Windows 10 has overwritten the DiskCryptor bootloader (or it somehow got damaged).

How would the user repair it? What about UEFI setups, would this make it too difficult or impossible?

DavidXanatos
Posts: 44
Joined: Mon Jan 27, 2020 8:05 pm

Re: Windows 10 upgrades can break boot loaders

Post by DavidXanatos »

Daver wrote:
Thu Sep 03, 2020 9:27 pm
Assuming the worst case scenario and Windows 10 has overwritten the DiskCryptor bootloader (or it somehow got damaged).

How would the user repair it?

By using a boot USB stick with the DC bootloader; that stick is not unique to the system, so it can be created on any PC with a sufficiently new DC.

Alternatively, by using a bootable Windows live disk with a DC install on it, or by placing the HDD with the damaged loader into another PC with a DC installation.
