By exploit standards, that’s not especially hard. I don’t think there’s really anything blocking accessing it at all if an NTFS volume is mounted on a typical desktop Linux distro, as it’s just NTFS permissions blocking it, and they’re not typically obeyed by Linux in the first place.
In the face of your edit, I see that you’ve misunderstood the exploit. You need write access to the System Volume Information directory of your own USB stick, not anything on the target machine. It’s much easier to get access to things on a computer than it is to get access on one particular computer, and this exploit lets you jump from one to the other.
Its whole-volume encryption, not file encryption. Most modern CPUs have built-in AES-NI instructions so its not much of a performance penalty (as long as AES is used for encryption).
I’ll copy the bit here that I just edited into my reply after you edited the first post:
In the face of your edit, I see that you’ve misunderstood the exploit. You need write access to the System Volume Information directory of your own USB stick, not anything on the target machine. It’s much easier to get access to things on a computer than it is to get access on one particular computer, and this exploit lets you jump from one to the other.
By exploit standards, that’s not especially hard. I don’t think there’s really anything blocking accessing it at all if an NTFS volume is mounted on a typical desktop Linux distro, as it’s just NTFS permissions blocking it, and they’re not typically obeyed by Linux in the first place.
In the face of your edit, I see that you’ve misunderstood the exploit. You need write access to the System Volume Information directory of your own USB stick, not anything on the target machine. It’s much easier to get access to things on a computer than it is to get access on one particular computer, and this exploit lets you jump from one to the other.
Its bitlocker encrypted. You need to unlock the disk to see System Volume Information in Linux.
does bitlocker encrypt whole volume, or userdata folders? It’s a performance issue to encrypt anything that doesn’t need to be.
Its whole-volume encryption, not file encryption. Most modern CPUs have built-in AES-NI instructions so its not much of a performance penalty (as long as AES is used for encryption).
You can do full disk or folders
I’ll copy the bit here that I just edited into my reply after you edited the first post:
Ah yeah, I misunderstood. Thanks for the clarification.