The original post: /r/privacy by /u/Confident_Monk9988 on 2024-12-18 01:58:33.
I’m working on a script that can accomplish the same tasks as the two projects mentioned in the title. Can anyone double-check this script and help determine if it would work to the same effect as the two projects? It ought to render data on a BitLocker-encrypted drive inaccessible even with possession of the password or private key, without having to methodically erase every bit on said drive.
# Function to remove all key protectors
function Remove-AllKeyProtectors {
param (
[string]$MountPoint
)
$volume = Get-BitLockerVolume -MountPoint $MountPoint
$keyProtectors = $volume.KeyProtector
foreach ($keyProtector in $keyProtectors) {
Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $keyProtector.KeyProtectorId
}
}
# Get all BitLocker volumes
$volumes = Get-BitLockerVolume
foreach ($volume in $volumes) {
# Remove all key protectors
Remove-AllKeyProtectors -MountPoint $volume.MountPoint
# Optionally, add a "nuke" key protector
# Add-BitLockerKeyProtector -MountPoint $volume.MountPoint -RecoveryPasswordProtector
}
# Shutdown the computer
Stop-Computer -Force
You must log in or # to comment.