New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BSOD on Shutdown #871
Comments
This is an interesting behavior. I suspect that it has to do with the fact that we dismount system volume on shutdown in order to ensure that system encryption keys are erased from RAM before power off. This was added in version 1.24 released on October 6th 2019.
I don't recall receiving a similar report so it seems that this change works well for most users. For now, I don't have an immediate solution. Once I implement this setting, I can share a build so that you can see if it solves your problem. |
Thank you for your response. I look forward to it. |
I have implemented support for a new registry key to disable erasing system encryption keys on shutdown/reboot:
Versin 1.25.8 will contain this change and I have upload the release candidate for 1.25.8 to https://sourceforge.net/projects/veracrypt/files/VeraCrypt%20Nightly%20Builds/Windows/ if you want to test it. |
Thank you, I'll test it out. Would disable erasing system encryption keys on shutdown/reboot compromises the security of that computer? |
Erasing the key from RAM on shutdown/reboot protects from so-called "cold boot attacks" where an adversary can access the machine after it is powered off, remove physical RAM modules from the PC motherboard and then analyze their content to try to read their content. Luckily, thanks to RAM cells decay with time, this attack requires access to the PC not long after it is shutdown. VeraCrypt contains a feature called RAM Encryption that adds an additional layer of protection again such attacks by applying encrypt over keys stored in the RAM. RAM Encryption is disabled by default because it brings some constraints like impossibility to use hibernate. in all cases, the decision depends on your threat model. VeraCrypt philosophy is to provide various options to adapt to each user need. |
Got it, I've tested out the version 1.5.28 and it works. Thanks :) |
I applied the registry fix, however I still receive bsod at shutdown and restart - CRITICAL_PROCESS_DIED. Minidump is never created. Windows 11, VC 1.25.9 |
I'm on Windows 11 21H2, VeraCrypt 1.25.7 with Full Disk Encryption. On every shutdown my computer (desktop) I've notice that it produce a BSOD with the stop code: CRITICAL PROCESS DIED. When I shutdown my computer, I need to press the power button again.
I am not sure if this has anything to do with Legacy Mode boot with MBR.
The text was updated successfully, but these errors were encountered: