Update to Windows 10 ver 1709 enables Fast Startup, causing security risk for TC and other users

Discussion in 'encryption problems' started by dantz, Dec 11, 2017.

  1. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    The latest Windows update appears to automatically enable "Fast startup" on certain Windows 10 systems.

    "Fast startup" functions by writing certain RAM contents to disk prior to shutdown, and then reading that data back into RAM during startup (similar to hibernation, but not as comprehensive). This allows Windows to start up more quickly. It can also cause your encryption keys and/or passwords to be written to disk prior to shutdown, which is basically a security nightmare.

    This is a known security issue which has been discussed previously, both on Wilders and elsewhere. The only reason I mention it now is because this latest update appears to automatically enable the feature without informing the user, thus creating a potential security risk which many users may not be aware of.

    Steps to reproduce the problem (there are undoubtedly others, but here is what I have found so far):

    If "Fast startup" is enabled (in Control Panel / Power options / Choose what the power buttons do), and if you have enabled "Cache passwords and keyfiles in memory" in TrueCrypt, and if you shut down your PC while a TrueCrypt volume is mounted (whether intentionally or due to a power failure), then when you restart your PC, Windows will automatically remount your volume without requiring you to input a password. The password will also be re-cached into memory. (Note: According to some online searches I performed, similar behavior has been seen in VeraCrypt, Diskcryptor and PGP Desktop.)

    This has obvious and serious security implications:

    1) Any volumes that were mounted during shutdown will be remounted during startup without any input from you. Thus, anyone who can start or access your PC has full access to them.

    2) Windows apparently stores your encryption keys and/or passwords on disk in order to make this feature work. This means that your encryption keys and/or passwords can likely be recovered from disk via simple forensic techniques, even if you subsequently dismount the volume. (I will try to confirm exactly what is written to disk: the keys, the passwords, or both).

    Please keep in mind that your encryption keys and/or passwords should NEVER be written to disk, they are meant to exist only in RAM and only while the system is running. If your keys have ever been written to disk, even just one time, then they are vulnerable to discovery and you need to generate new keys. This is why users of on-the-fly encryption software should never use hibernation or any other features that write the contents of RAM to disk.

    Solution:
    Disable "fast startup" to prevent Windows from storing your encryption keys and/or passwords on disk

    To see if fast startup is enabled in Windows 10:
    Control Panel / Power Options / Choose what the power buttons do
    Look at your Shutdown settings to see if "Turn on fast startup" is enabled

    To disable fast startup:
    Control Panel / Power Options / Choose what the power buttons do / Change settings that are currently unavailable / uncheck "Turn on fast startup" / Save changes

    Note: There are certain workarounds that can allow you to leave fast startup enabled, but I'm not sure how safe they are, so I'm not going to post them until I understand the situation more fully. Also, all of the above is preliminary information and is merely a heads-up. When I get some time I will try to nail down more of the specifics.
     
  2. guest

    guest Guest

    Same for Veracrypt?
     
  3. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
  4. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,982
  5. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    One of the first things I do on Windows 10 is to turn off Fast Startup.
     
  6. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    I haven't tested VeraCrypt personally, but I would expect it to have the same vulnerability. This would apply more to volume encryption than to system encryption, as system encryption encrypts pretty much everything, including the hibernation files. However, I can't be certain of this, as I don't know the inner workings of the Fast Startup feature.

    I have noticed (via online search) that various VeraCrypt users have experienced other incompatibilities with Fast Startup and they have chosen to disable it for that reason.

    The main concept here is that any on-the-fly encryption software that encrypts volumes and stores the encryption keys in RAM is probably at risk. You don't want to allow your encryption keys or passwords to be written to disk, ever. Disabling hibernation, hybrid sleep and fast startup should be a standard practice among users of software encryption.

    I'll post more when I learn more.
     
  7. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,554
    Location:
    USA still the best. But barely.
    Should we all start wearing our underwear on the outside so it can be checked? Oh we already are.



    I feel so old. This big business is always right environment sickens me. There's hardly anyone in power who stands up for the individual these days. People used to work together when the egregious happened. Now they are afraid to. Lies are truth. Please God just hold off on the goose stepping until I'm dead.
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    I do the same in my VM. I also disable hibernation, sleep and similar "features" on Win 7, 8.1. They usually cause more problems then help anything.
     
  9. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,557
    This has happened also with all the previous Windows 10 upgrades.
     
  10. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,557
    I enabled Fast startup (Windows 10 1709), mounted a VeraCrypt volume (container), also inserted and unblocked a UFD encrypted with BitLocker.

    I turned off the computer, then turned it on. The VeraCrypt volume didn´t appear mounted, the UFD was shown in Windows Explorer as blocked. So everything worked as expected.
     
  11. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,402
    I haven't studied this yet either. I would think that users running Win 10 on FDE MBR disks (not UEFI) would be safe from this. I will mount one of my Win 10's later, which are all on MBR disks, and then do a sha256 on the MBR to see if anything changes. I haven't mounted a Win OS in about 6 months so I am rusty. LOL! This thread is yet another reason to question using one, frankly.
     
  12. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    Thank you for trying that. Was "Cache passwords in driver memory" enabled when you entered the VeraCrypt password?

    Fast startup writes loaded drivers to hiberfil.sys during shutdown.
     
  13. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,557
    No, that option was not enabled. I´ve never enabled it. What´s its purpose?
     
  14. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,868
    Location:
    Outer space
    Passwords written to disk isn't a problem if the full disk is encrypted :isay:
     
  15. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    It temporarily caches (stores) the password that you enter in RAM for convenience. For example, if you happen to have multiple encrypted volumes that utilize the same password then you only have to enter the password once, then you can mount, dismount and remount your various volumes as desired without re-entering the password.

    The "wipe cache" command (optional) can be used to remove the password from RAM if desired, otherwise it will be cleared along with all of the other contents of RAM during the next shutdown. (Unless, that is, Fast Startup or hibernation preserve it on disk and write it back into RAM during the next startup.)

    VeraCrypt began as a fork of TrueCrypt and the two programs are still quite similar in operation, so I think it's quite likely that if you shut down your PC while a VeraCrypt volume is mounted (with password caching enabled), then when you start your PC up again, your VeraCrypt volume will "automagically" re-mount itself with no input from you.

    If you care to try the test again, I'd be interested to hear how that one turns out.
     
  16. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    Yes, you are likely correct, but not everyone uses system encryption.
     
  17. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    I have run a series of tests involving mounted and unmounted TC volumes, some with the same passwords but different encryption keys, and others with different passwords and the same encryption keys. At this point it looks like both the passwords and the encryption keys of any mounted volumes will be written to disk at shutdown if the Fast Startup feature is enabled.

    My next steps will be to examine the contents of hiberfil.sys after shutdown to see if I can manually recover any passwords and/or encryption keys from a powered-off system. However, I'm just doing this out of curiosity at this point, as it's already becoming quite obvious that Fast Startup is just another type of hibernation, and thus it needs to be disabled in order to maintain a reasonable level of security.

    The risks of enabling hibernation in any form should already be common knowledge among those who utilize on-the-fly encryption, and this thread is not meant to be about that.

    The point of this thread is that the latest Windows update silently turns the feature on, even if you had it disabled. None of our systems had hibernation or fast startup enabled until we updated them to Windows 10 ver 1709. This update could put a lot of unsuspecting users at risk.
     
  18. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,557
    I tried again, same result.

    Enabled Fast startup, in VeraCrypt enabled "Cache passwords in driver memory", mounted a volume, turned off the computer, turned it on. The volume did not appear mounted.

    I checked the settings, they were correct as stated.
     
    Last edited: Dec 13, 2017
  19. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    I just performed a quick test using VeraCrypt and I found that under certain configurations, Fast Startup will write the volume password to disk during shutdown, and upon restart Windows will write the password back into RAM and will return the previously mounted volume to its mounted state. This is just what I observed with TrueCrypt, and at this point I'm done testing individual programs. It's now quite obvious that Fast Startup is merely another form of hibernation and it is capable of creating a major security risk for users of encryption software. Solution = Disable it.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.