After the recent conversations RE E4m running under Windows XP, I've started
looking at why e4m doesn't work under Windows XP. I must admit, I've only
tried e4m a few years ago (under 98, I think!), so I'm not really up to
speed with XP.
The only (obvious) problems appear to be:
1) An error "The folder 'G:\' does not exist" when mounting a volume.
Volume still mounts, so this isn't a killer and is probably easy to fix.
2) Unmounting fails and gives an error message "The system cannot find
the file specified".
The errors occur because Windows 2000 -> XP has moved user drive letters
from GLOBAL?? to \sessions\0\dosdevices\00000000-0000d6a0 (for example).
This change is documented in:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/termserv/termserv/kernel_object_namespaces.asp
You can see the difference between the two using WinObj from
www.sysinternals.com
An easy fix would be to move the DismountVolume code into the front-end
application. This would allow users to dismount correctly, but wouldn't
work for non-admins (that's why the Service was implemented in the first
place). The harder fix is going to be to find out the current user session
etc and then point the DismountVolume function call at the per-session
DosDevice. Or can the driver simply unmount \device\E4ME (for drive E:!)?
Does anyone have the correct build environment ready to test this change? (I
can provide the altered source code!)
Anyone aware of any other problems apart from the two detailed above?
Cheers in advance,
Sam Simpson
http://www.samsimpson.com/cryptography/scramdisk
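
Added example, not part of Sam's post and not E4M code: a portable C model of the namespace change described above, resolving a drive letter in the caller's own per-session DosDevices directory first and then in \GLOBAL??, which is the documented lookup order for local and global MS-DOS device names. The namespace entries, the device name \Device\E4MG and the helper names are constructed for illustration.

```c
/* Added illustration: model of XP per-session DosDevices lookup (not E4M code). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One symbolic link in the modelled object manager namespace. */
struct link { const char *path; const char *target; };

/* Constructed sample: G: was defined by the user whose logon LUID is
   00000000-0000d6a0; C: is a global link visible to every caller. */
static const struct link ns[] = {
    { "\\GLOBAL??\\C:", "\\Device\\HarddiskVolume1" },
    { "\\Sessions\\0\\DosDevices\\00000000-0000d6a0\\G:", "\\Device\\E4MG" },
};

/* Build the per-session name for a drive letter from a logon LUID. */
int session_path(uint32_t hi, uint32_t lo, char drive, char *out, size_t n)
{
    int r = snprintf(out, n, "\\Sessions\\0\\DosDevices\\%08x-%08x\\%c:",
                     (unsigned)hi, (unsigned)lo, drive);
    return (r > 0 && (size_t)r < n) ? 0 : -1;
}

/* Build the global name for a drive letter. */
int global_path(char drive, char *out, size_t n)
{
    int r = snprintf(out, n, "\\GLOBAL??\\%c:", drive);
    return (r > 0 && (size_t)r < n) ? 0 : -1;
}

/* Exact-match lookup in the constructed namespace table. */
static const char *find(const char *path)
{
    for (size_t i = 0; i < sizeof ns / sizeof ns[0]; i++)
        if (strcmp(ns[i].path, path) == 0)
            return ns[i].target;
    return NULL;
}

/* Resolve a drive as the caller with logon LUID hi:lo would see it:
   own per-session directory first, then \GLOBAL??. NULL = not found. */
const char *resolve(uint32_t hi, uint32_t lo, char drive)
{
    char p[128];
    const char *t = NULL;
    if (session_path(hi, lo, drive, p, sizeof p) == 0)
        t = find(p);
    if (!t && global_path(drive, p, sizeof p) == 0)
        t = find(p);
    return t;
}
```

A caller whose logon LUID differs from the mounting user's gets NULL for G: in this model, which corresponds to the "cannot find the file specified" error on dismount, while global links such as C: resolve for everyone.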
Hello Sam,
Referring to the post where Flare253 said he had modified and recompiled
E4M, it appears that the correct development environment is MSVC and DDK for
Windows XP.
Concerning the other problems:
- E4M doesn't detect the "quick user change" of Windows XP Home Edition: it
stays open for the following user (quick user change mode doesn't really
close a session, it simply leaves the memory intact / programs running and
merely prevents access to the former user's private directory). This induces a
security problem, the data from the former user being viewed in clear by the
second one. Note that this problem is general with all disk ciphering
programs made before XP (it has been reported also for PGP Disk
6.02i, which has been surprisingly reported to work with XP).
- E4M has a problem when closing a session (not shutting down Windows);
after having opened a new session, it seems to be closed, but that is wrong:
any attempt to mount a new disk shows the old one is still there but cannot
be accessed. The only way to properly close it, in its current version, is to
shut down Windows.
Hope it will help you...
I would be glad if Flare253 (David, do you read this?) would at least send
a copy of his corrected code and detailed compiling procedure / compiling
environment to Sam or myself!
Best regards,
--
Michel Nallino aka WinTerMiNator
http://www.chez.com/winterminator
(Internet and security: how to surf in peace)
http://www.gnupgwin.fr.st
(GnuPG for Windows)
There are more problems than the ones you mentioned. For example,
bad disk geometry,
shutdown blue screen,
chkdsk problems,
2GB limit
A sequel to E4M will be released soon.
Regards,
David
And many many hours of burning the candle at both ends may be required
to deal with all of these....... A competent programmer should be
able to deal with them given enough time however.
But this is the reason why we are reticent to release the DriveCrypt
source code...... UNLESS we can hide the solutions to these very
problems...
Why should we prevent our competitors (or would-be competitors) going
through the hell we did?
Given that the DriveCrypt device driver is a direct development of the
E4M driver, I know the answer to all these issues, and spent many many
solitary hours dealing with them. But I am afraid I must keep the
solutions to myself, as would anyone involved commercially...
However some people appear to think it's "easy"......
Regards,
Shaun.
..snip..
>
> However some people appear to think it's "easy"......
>
to paraphrase an esteemed and knowledgeable sales person...
oh come now Shaun - it's only noughts and ones! ;-)