DiskCryptor supports FAT12, FAT16, FAT32, NTFS and exFAT file systems.
DiskCryptor supports any Microsoft operation system since Windows 2000. Windows 2000 support will cease with the release of DiskCryptor 1.0 which will require Windows XP or newer.
Other operation systems (like Linux, etc.) are currently not supported and no plans exist to add support.
Yes, DiskCryptor works with any RAID volumes that are supported by your system.
Yes, all that is possible. Please refer to the documentation.
The wipe that DiskCryptor performs is a bit different from what you might have come to expect with tools such as Eraser. Wipe function in DiskCryptor does not delete files nor any remnant data that a file system might contain. This is not necessary for DiskCryptor to do, because the programs encrypts the whole file system, with all the visible and invisible data that it has. What "Wipe Mode" does, is that it prevents possibility to recover data by examining residual magnetic energy, which can be done on a specialist equipment. When in "Wipe Mode", DiskCryptor reads each sector's data, wipes the sector, and then writes the encrypted data back to it. So any data that was there before, including deleted files, will still be there when the encrypted volume is later mounted.
After pausing encryption process it is possible to close DiskCryptor/reboot PC and continue encryption later from the same point. Also it is possible to start encrypting a drive on one computer with DC, pause the encryption, move the drive to another computer, and then resume the encryption.
Portable mode will be realized together with container's support as they can be mounted without driver installation. Currently DiskCryptor supports volumes and driver installation is obligatory (administrator rights required) and the following restart (it is possible to load driver without rebooting, however in this case filter can be assigned with volume class only by hacks, which I do not want to use).
No, that would not be implemented, because of the security concerns. DiskCryptor incorporates only conceptual security models for data protection, that are based on a reliable and well-studied algorithms. Future versions are planned to have an option for secure partition deletion, that can be used for data destruction before an adversary can gain access to it. As soon as an adversary gains access to your data storage medium, destruction of data becomes impossible, because a foe can make backup copies beforehand.
There will never be such functionality in the original project, as I adhere to the concept of provable security. Reliability of protection from malware cannot be affirmatively linked to the strength of cryptographic primitives, so that is why in order to maintain the reputation of the program, such protection functionality will never be implemented. Nevertheless, you can make your own fork of the project, and to determine its development policy, yourself.
Yes, malware running with administrative privileges, may extract the password from the memory and to read any data. DiskCryptor does not protect you from malware. This is not a vulnerability of the program, as such kind of protection is not a part of the cryptographic software function.
There is nothing that can be safe in the world, and there are quite a few means to open data without breaking encryption algorithms. Data can be exposed because of malware infestation, or by trying a large number of password possibilities (if you have a weak password), or due to attacks with a physical access to a live system, and other methods. If you cannot prepare for all these different possibilities, then there is a risk that an adversary will use them. As far as possible, DiskCryptor tries to protect you from a number of program attacks, the guarantee of safety, however, can only be achieved through a comprehensive approach to security, which requires for you to have corresponding knowledge. You can read more about the subject, in the article "Risks of using cryptographic software and possible ways of data leaks".
No, unless you're willing to go through a substantial rewrite of the DiskCryptor source code. The DiskCryptor driver has been written to provide access to the DiskCryptor interface specifically only to administrators in order to preserve the security architecture of the underlying operation system. Also, several tasks performed by the DiskCryptor GUI require administrator rights; to get around this would require code being transferred from the GUI to the driver. Ultimately it is easier to maintain the integrity and the underlying security measurements of the operation system by not allowing DiskCryptor to run without administrator rights.
Backup is encrypted with your password and as safe as strong is your password.
Yes, it is perfectly safe to use any such tools that are interacting with a file system of an encrypted disk. It is only unsafe to use such tools if they access disk directly and bypass file system API, which may result in bad sector appearance in file system.
Currently this is not supported. It is planned to include support for partition resizing with OS tools in the future.
To protect yourself from such type of attacks, you need to use bootloader that is placed on an external CD/USB medium, and is configured to boot your OS from a specified partition. In that scenario, your hard disk will have no unencrypted executable code. A more sophisticated adversary, however, may infect BIOS or tamper with a hardware, therefore you should take it as a rule, that if an adversary have had a physical access to your computer, then this computer (or its individual parts) is no longer suitable for processing confidential data.
If the data is so important, then try to remember your password. Nothing else can be done about this, and the author can not help you personally either.
Yes, you will be able to work with that disk the same way as if it was a regular non-encrypted one, but with the exception when it comes to volume header. If header will become lost, so will all your data on that disk. Therefore it is strongly recommended that you keep a copy of volume header in a safe place, by backing it up from programs menu "Tools → Backup Header".
In this case, we are talking about different kind of speeds. The built-in benchmark shows the top speed with which cryptographic algorithms can perform, and this speed is depended on your CPU. But during the encryption of a partition, we see the speed of disk access in alternating read/write mode. The speed reflected in built-in benchmark is applicable when working with already encrypted volume.
Listing is located in file dcconst.h and available on wiki as well.
No. DiskCryptor will always be distributed under the free GPL license. There are many proprietary encryption programs, however they are completely useless, as there no proofs of their reliability, — proof being an open source code. Trustworthy and safe cryptographic software cannot be closed source — this is an axiom.
Currently donations are not accepted.