Hibernate Community • View topic - Retrieving binary data

Success To Be [OC, M.2 DualBoot, AMD R5, RX 5700 XT, 16GB RAM, BCM94360CD]

Success To Be [OC, M.2 DualBoot, AMD R5, RX 5700 XT, 16GB RAM, BCM94360CD]

OpenCore AMD DualBoot Hackintosh! This would absolutely not have been possible without this community and especially Khronokernel! Many, many thanks - this is my first Hackintosh and self-built PC!! :D


See also: OpenCore config below!
Part Model
CPU AMD Ryzen 5 3600X 3.8GHz 6C
Video Card PowerColor Radeon RX 5700 XT 8GB Red Devil
Memory G.Skill Ripjaws V 2 x 8 GB DDR4-3200C14
Storage ADATA XPG SX8200 Pro 2TB M.2-2280 NVMe SSD
Power Supply Corsair HX750 750W 80+ Platinum Certified Fully Modular ATX
CPU Cooler Noctua NH-D15S
Case Fan 2x Noctua NF-A14 PWM 140 mm
Thermal Paste Thermal Grizzly Kryonaut, 1g
Case Fractal Design Meshify C ATX Mid Tower
Monitor AOC 24G2U/BK 24" 1920x1080 144Hz
Keyboard Apple MB110LL/B Wired
Mouse Logitech G Pro Wireless Optical
Wifi/BT Card via PCIe Fenvi BCM94360CD, AliExpress (Fenvi FV-A436CD)
USB 3.0 PCIe Card Some cheap thing (no brand found?!) I had laying around, not expected to work on macOS, good on Win10
PCPartPicker Part List (without BCM94360CD) About $1600, most parts - especially the expensive ones - where bought on sale, though!
I had these goals in mind:
  • Hackintosh, of course!
  • DualBoot
  • 2K Performance (Everyday PCing to AAA Gaming) with proper heat management, unlike Apple
  • Longevity, my previous Main, a MacBookPro 13'' (Early 2011), still flourishes! :) Good boi!
  • Low noise, hence the Powercolor Graphics Card and the beefy NH-D15S (also for performance)
  • As little dust as possible (see case)
  • As small as possible - without compromising on goals
  • As little RGB as possible (sorry.), which turns out to be difficult
Max credit goes here and here!! Also, here, here, here, here and here. Totally solid work, guys! This Project was started on December, 1st 2019. Now it is February, 7th 2020!


  • Vanilla Hackintosh
  • OpenCore 0.5.5
  • DualBoot on one 2TB M.2 SSD with Win10
  • AMD Ryzen 5 Processor with RX 5700 XT (Navi 10) and 16GB RAM on MSI B450
  • Wifi and BT via BCM94360CD over PCIe (Windows compatible)
  • Sleep/wake works
  • Fixed iServices, even though I probably won't use them...
  • I consider my goals met.
  • Mapped USB ports, see below.

Known issues

  • Bluetooth is always "on", but not working. Probably USB Mapping; Resolved here.
  • Internal drives shown as externals (yellow-orange). Solved..
  • Black screen when setting resolution to 1080i instead of 1080p in system preferences. Minor issue.
  • Cannot boot into Recovery mode. Solved.
  • Won't sleep after set time (system prefs). "HibernateMode" set to "Auto" in config & port mapping KEXTs, see below.
  • Cannot adjust volume of built-in-monitor speaker (DisplayPort)~~~~. Solved with software.
  • Some Motherboard RGB issues - Solved by USB Mapping.
  • Choosing to boot into Windows via Bios (F11) - I don't consider this much of an issue.
I will try to solve these issues in separate threads and update this one, but any help much appreciated! Any comments - e.g. on Kexts; do I need them all?! - are welcome too...

Not tested yet

  • Microphone jack on case.
  • FileVault - don't need that, probably won't test

Advice for interested people


My Hackintosh configuration

  • OpenCore 0.5.5
  • macOS Catalina 10.15.3
  • The following EFI is on my OpenCore stick. There is also the latest macOS on there. If you go for DualBoot, keep this stick around & updated as Windows seems to be able to mess around with your EFI... With this stick you'll always be able to boot your Hackintosh and repair its EFI partition.
  • FULL EFI FOLDER: See in comments ("PlatformInfo" has to be populated in config.plist - see below... You can copy over the info from your current config. Also, my changes in DeviceProperties/Add might be a problem for your storage setup.)
  • OpenCore EFI files:
  • Config.plist: http://www.filedropper.com/configreddit EDIT: See comments (only use if exactly same components as me; see below. Change according to OpenCore Guide!! [PlatformInfo removed; Populate this yourself like this!] I'd advice you to make your own config.plist.) Changed with ProperTree strictly according to the OpenCore Guide. Differences to sample.plist:
    • Probably outdated: All of the following modifications are for OC 0.5.5. If you are on a later version of OC it is likely that these have changed!
    • 5 initial Warnings removed.
    • DeviceProperties/Add: Removed "PciRoot(0x0)/Pci(0x1b,0x0)" and "PciRoot(0x0)/Pci(0x2,0x0)" as well as their children
      • Added Key "PciRoot(0x0)/Pci(0x1,0x1)/Pci(0x0,0x0)" as child of "Add" with Type "Directory". Added child beneath the just made child with name "built-in", type "Data" and value "01000000". To address drive issue above, see here.
    • Populated this config.plist with OC snapshot function of ProperTree (CMD/CTRL+R, point to EFI/OC/) . Adds KEXTs and SSDT.
    • Kernel/Emulate: Removed "CpuidMask" and "CpuidData" (were blank anyway).
    • Kernel/Patch: Ryzen/Threadripper(17h) Patch applied.
    • Kernel/Quirks:
      • "DummyPowerManagement" set to True
      • "ExternalDiskIcons" set to True
      • "PanicNoKextDump" set to True
      • "PowerTimeoutKernelPanic" set to True
      • "XhciPortLimit" set to True (set to False after USB mapping in step F)
    • Misc/Boot:
      • "HibernateMode" set "Auto" after USB mapping
    • Misc/Debug: Nothing changed.
    • Misc/Security:
      • "AllowNvramReset" set to True
      • "AllowSetDefault" set to True
      • "AuthRestart" left False
      • "RequireSignature" set to False
      • "RequireVault" set to False
      • "ScanPolicy" set to 0
    • Misc/Tools: Shell.efi added by the OC snapshot function.
    • NVRAM/7C436110-AB2A-4BBB-A880-FE41995C9F82:
      • "boot-args" set to "-v keepsyms=1 debug=0x100 agdpmod=pikera alcid=1"
      • "nvda_drv" set to <>
      • "prev-lang:kbd" set to my preferences. (Use "656E2D55 533A30" = HEX for keyboard layout "en-US:0"; find your own with a TEXT to HEX converter and this.
    • NVRAM/"WriteFlash" set to True,
    • PlatformInfo: Populated with info according to the Guide with GenSMBIOS. Went with a "iMacPro1,1". Found "Purchase Date not Validated" numbers after about 3 (x10) times.
    • UEFI/Drivers: Drivers auto-added by the OC snapshot function.
    • UEFI/Input:
      • "PointerSupport" changed to "Data" and set to <>
      • "PointerSupportMode" changed to "Data" and set to <>
    • UEFI/Protocols/"ConsoleControl" set to True
    • UEFI/Quirks:
      • "ProvideConsoleGop" set to True
      • "RequestBootVarFallback" set to True
  • Bios settings strictly according to the OpenCoreGuide:
    • Disabled:
      • "Fast Boot"
      • "CSM" [UEFI instead]
    • Enabled:
      • "EHCI/XHCI Hand-off"
      • "Above 4G decoding"

My process (only successful part)

(You'll need 3 USB sticks! 2 with at least 4GB, 1 with at least 8GB. I am not sure, whether the Linux Part is really necessary, or if the partitioning can also be done from the macOS or Win10 stick...)
A) The basic build
  1. Built PC.
  2. Installed Windows 10 from USB stick [8GB] (made from Microsoft Media Creation Tool, instructions here, don't forget to install in UEFI mode - see second link in 3.!). Did some fan adjustments in BIOS too... Keep that stick!
  3. Set up Windows 10, installed drivers (see here, here).
  4. Installed Python 3.7! (For SSDTTime, below. Don't get Python 3.8.1!)
Do not set up Windows too much yet, it will be deleted completely and reinstalled again.

B) Creating the OpenCore Stick
  1. Followed Snazzy Lab's Video (read its description!) to create the OpenCore stick, everything on the above Win10: (useful additional help: khronokernel and VanillaAMD and Github)
    1. (Maybe format your stick to GUID HFS+ via Linux or Mac first... See Github.)
    2. Downloaded latest macOS via gibMacOs.bat (Recovery package!) (Admin privileges needed!). Update 7zip first for step B)1.II. and B)1.III. and use a Lan connection!
    3. Made a bootable install of that via Makeinstall.bat (Number + o) (Admin privileges needed!).
    4. Opened the EFI folder on the now newly made USB stick.
    5. Deleted everything (3 files) in EFI/OC/Drivers/, except FwRuntimeServices.efi.
    6. Deleted everything (2 files) in EFI/OC/Tools/.
  2. Put in the following drivers from AppleSupportPkg on the stick to EFI/OC/Drivers/:
    1. ApfsDriverLoader.efi
    2. VBoxHfs.efi
  3. Put KEXT and SSDT and Drivers on the stick:
    1. For troubleshooting afterwards - while booting from the stick - consult: khronokernel/troubleshooting!!
    2. Put the above KEXTs on the stick, all in EFI/OC/Kexts (instructions: khronokernel, more kexts: onedrive).
    3. Put the following SSDTs on my stick (into OC/ACPI)
      1. See above! SSDTTime not needed.
    4. Created config.plist with ProperTree (search with crtl+f!) (full instructions: khronokernel plus config documentation mentioned above in B)3.a.!!):
      1. Renamed "simple.plist" in the downloaded OpenCorePkg folder to "config.plist" and copied it over to the stick into EFI/OC/.
      2. Open Propertree.bat (Admin privileges maybe needed!) and opened said config.plist via the menu bar "File" of proper tree.
      3. Created my own config via "OC snapshot" in the menu bar "File", navigated to EFI/OC of my stick.
      4. Patched my config with patches.plist from AMD_Vanilla (17h): Open simultaneously in ProperTree. (See Snazzy Laps Video and this on how!)
    5. Edited config.plist, followed Vanilla Guide/amd-config.plist (partly later because of errors): See above!
    6. Saved via menu bar "File".

C) Created bootable Linux stick and made partitions on my internal SSD for dual boot (I was recommended this procedure here), install macOS:
  1. Still in Windows 10: Followed the Ubuntu Tutorial to make another stick.
  2. Shut down Windows 10.
  3. Booted again, with the OpenCore Stick connected, temporarily changed the boot partition with F11 and chose my stick (some of the above mentioned config.plist changes were applied AFTER this step, because certain errors occured):
  4. Got to the boot picker and reset NVRAM.
  5. Restarted the same way and chose the macOS installer (Step 3).
  6. Went into the macOS installer's Disk Manager. Formatted the whole internal SSD (maybe ExFat? Probably doesn't matter) and made two partitions for macOS (APFS) and Windows (don't remember what, maybe ExFat?, doesn't matter)
  7. Exit the Disk Manager and enter the installer. Install macOS. Maybe create a backup of that.
  8. Do this: Especially the EFI copying! How to mount the EFI partition on macOS.
  9. Shut down.

E) Created Windows:
  1. Booted into Linux, via Stick.
  2. Got synaptic and hfsprogs for Linux:
    1. Searched the Programs for "Software & Updates". Enable second option: Community-maintained free and open-source software (universe). "Close" this window and let it do it's download.
    2. Opened Terminal (Ctrl+Alt+T), entered:
      1. sudo apt-get update
      2. sudo apt-get install synaptic
      3. sudo apt-get install hfsprogs (not needed anymore?!)
  3. Searched for "Disks". Designated the 200MB partition from above as EFI (I believe via the cog wheels > Format Partition). Close that window.
  4. Searched in progs for "GParted":
    1. Format the second, partition to NTFS.
    2. (You should see three partitions on your internal SSD: EFI, Mac (APFS - probably unrecognised) and Windows)
  5. Shut down Linux.
  6. Boot with Windows Stick connected into the Windows installer.
  7. Install Windows on that NTFS partition.
  8. (Mac and Windows will write their EFI on the same partition! Keep at least your OpenCore Stick!!)
F) Finished. Set up both machines (Windows: here and here) completely!! :D
  • Mapped my ports by removing the XHC0 controller with this kext completely (lost two ports in the process, but that's ok) and (optionally) mapped the PTXH controller with this kext (you might have to adjust this!). For why, see here. See here and here, too!
  • Disabled OpenCore logging: Values set to 0. (In config above not included!)
  • Found "valid" SMBIOS numbers, fixed iServices according to this. (In config above not included!)
  • Didn't enable FileVault or OpenCore Security Features yet... Probably won't.
submitted by CrayCJ to hackintosh [link] [comments]

"Failed to hibernate system via logind: Not enough swap space for hibernation" with swap file on LUKS encrypted Btrfs

EDIT: Solved. I had a typo in the kernel parameters. resume_offest. :facepalm: I regret nothing.
Hi all. I've been going through the Arch wiki in the past few days, trying to get suspend to disk to work on my LUKS encrypted Btrfs using a swap file. I have a /swap subvolume with an initialized /swap/swapfile, and its size is larger than the one specified in /sys/poweimage_size . When executing systemctl hibernate I get the following error. Can someone point me to what I'm missing? Here's the relevant system information:
# systemctl hibernate Failed to hibernate system via logind: Not enough swap space for hibernation # swapon -s # swapfile size is ~7G, error persists even if this is ~20GB Filename Type Size Used Priority /swap/swapfile file 7340028 0 -2 # free -h total used free shared buff/cache available Mem: 15Gi 1.4Gi 12Gi 391Mi 1.6Gi 13Gi Swap: 7.0Gi 0B 7.0Gi # ls -l /swap/swapfile -rw------- 1 root root 7.0G Apr 11 15:33 /swap/swapfile # sudo lsattr /swap/swapfile ---------------C---- /swap/swapfile # sudo btrfs property list /swap/swapfile compression compression algorighm for the file or directory # cat /sys/poweimage_size 6545125376 # ~6.5GB # cat /etc/fstab # Static information about the filesystems. # See fstab(5) for details. #       # /dev/mappecryptroot LABEL=ArchLinux UUID=e68feaa2-026f-4519-acd3-48b1dc3ad26e / btrfs rw,relatime,compress=zstd:3,ssd,space_cache,subvolid=256,subvol=/@,[email protected] 0 0 # /dev/nvme0n1p1 LABEL=ESP UUID=EC5D-1EC7 /boot vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro 0 2 # /dev/mappecryptroot LABEL=ArchLinux UUID=e68feaa2-026f-4519-acd3-48b1dc3ad26e /home btrfs rw,relatime,compress=zstd:3,ssd,space_cache,subvolid=258,subvol=/@home,[email protected] 0 0 # /dev/mappecryptroot LABEL=ArchLinux UUID=e68feaa2-026f-4519-acd3-48b1dc3ad26e /.snapshots btrfs rw,relatime,compress=zstd:3,ssd,space_cache,subvolid=257,subvol=/@snapshots,[email protected] 0 0 # /dev/mappecryptroot LABEL=ArchLinux UUID=e68feaa2-026f-4519-acd3-48b1dc3ad26e /var btrfs rw,relatime,compress=zstd:3,ssd,space_cache,subvolid=259,subvol=/@var,[email protected] 0 0 # /dev/mappecryptroot LABEL=ArchLinux UUID=e68feaa2-026f-4519-acd3-48b1dc3ad26e /srv btrfs rw,relatime,compress=zstd:3,ssd,space_cache,subvolid=260,subvol=/@srv,[email protected] 0 0 # /dev/mappecryptroot LABEL=ArchLinux UUID=e68feaa2-026f-4519-acd3-48b1dc3ad26e /swap btrfs rw,relatime,compress=zstd:3,ssd,space_cache,subvolid=261,subvol=/@swap,[email protected] 0 0 /swap/swapfile none swap defaults 0 0 # sudo ./btrfs_map_physical /swap/swapfile | head -n 2 FILE OFFSET FILE SIZE EXTENT OFFSET EXTENT TYPE LOGICAL SIZE LOGICAL OFFSET PHYSICAL SIZE DEVID PHYSICAL OFFSET 0 4096 0 regular 268435456 24003264512 268435456 1 24003264512 # python -c 'print(24003264512 / 4096)' 5860172.0 # cat /boot/loadeentries/arch.conf title Arch Linux linux /vmlinuz-linux initrd /intel-ucode.img initrd /initramfs-linux.img options rd.luks.name=a9643812-e6f6-4a83-80a5-fa279319cb76=cryptroot root=/dev/mappecryptroot [email protected] resume=UUID=e68feaa2-026f-4519-acd3-48b1dc3ad26e resume_offest=5860172 rd.luks.options=discard mem_sleep_default=deep rw # sudo blkid /dev/nvme0n1p1: LABEL="ESP" UUID="EC5D-1EC7" BLOCK_SIZE="512" TYPE="vfat" PARTLABEL="EFI system partition" PARTUUID="779d3ecf-a384-4af6-a7f1-e590aa461a51" /dev/nvme0n1p2: PARTLABEL="Microsoft reserved partition" PARTUUID="04026d8b-75c2-427b-bb61-829e1cd59bb8" /dev/nvme0n1p3: LABEL="OS" BLOCK_SIZE="512" UUID="B4BC610DBC60CB84" TYPE="ntfs" PARTLABEL="Basic data partition" PARTUUID="93ebb189-2d9d-4289-a16c-e6312b1f8a01" /dev/nvme0n1p4: UUID="a9643812-e6f6-4a83-80a5-fa279319cb76" TYPE="crypto_LUKS" PARTLABEL="primary" PARTUUID="4e28fb6f-e43e-4b13-8535-a0ff12963167" /dev/mappecryptroot: LABEL="ArchLinux" UUID="e68feaa2-026f-4519-acd3-48b1dc3ad26e" UUID_SUB="f0d73592-f7c4-4702-85e1-53ca679bda11" BLOCK_SIZE="4096" TYPE="btrfs" # lsblk -pfo NAME,SIZE,TYPE,FSTYPE,MOUNTPOINT NAME SIZE TYPE FSTYPE MOUNTPOINT /dev/nvme0n1 477G disk ├─/dev/nvme0n1p1 180M part vfat /boot ├─/dev/nvme0n1p2 128M part ├─/dev/nvme0n1p3 255.9G part ntfs └─/dev/nvme0n1p4 220.8G part crypto_LUKS └─/dev/mappecryptroot 220.8G crypt btrfs /valib/dockebtrfs # cat /etc/mkinitcpio.conf MODULES=(i915) BINARIES=("/usbin/btrfs") FILES=() HOOKS=(base systemd autodetect keyboard sd-vconsole modconf block sd-encrypt sd-lvm2 filesystems fsck) # pacman -Q systemd systemd 245.4-2 # uname -a Linux roach 5.6.2-arch1-2 #1 SMP PREEMPT Sun, 05 Apr 2020 05:13:14 +0000 x86_64 GNU/Linux 
Thanks in advance for any kind of assistance or guidance.
Side question: Why when executing lsblk, the MOUNTPOINT for /dev/mappecryptroot is /valib/dockebtrfs?
submitted by OryBand to archlinux [link] [comments]

A Comprehensive Guide on Securing Your System, Archives and Documents

A Comprehensive Guide on Securing Your System, Archives and Documents
How can you make your system and documents secure? Today, 256-bit AES encryption is offered by everyone and their dog. However, AES encryption does not mean much (or anything at all) when it comes to the real security of your data. Implementing encryption at the right time and in the right spot is no less important than choosing strong encryption credentials and managing the encryption keys.
While the previous part may sound a bit complicated, it all comes down to much simpler things than choosing the strongest encryption algorithm or selecting the length of the encryption key. If you are a Windows user, it all comes down to choosing the optimal data protection strategy for your particular usage scenario; protecting your storage media and the data you keep on them.

Defining your goals

Before you start considering encrypting your hard drives and files, make sure to define your objectives. What information would you like to protect? What threats do you consider important, less important and quite improbable?

Full-disk encryption part I: protecting your boot device

A reliable system protection is impossible without protecting your boot device. An unencrypted boot device (disk C: on most systems) allows for way too many vectors of attack ranging from hibernation and page file analysis to instant extraction of stored passwords from your Web browser vault. In other words, securing your boot device with BitLocker is an absolutely mandatory preliminary step and the most important security layer.
  • Availability: Windows 10 Professional and higher with TPM2.0, Intel PTT or Group Policy edit; all Windows editions for device encryption in thin and light devices meeting minimum requirements.
    • Note: although Windows 10 Home cannot natively create new BitLocker volumes, it can unlock BitLocker encrypted drives with full read-write access
  • Physical access, hard drive only: strong protection
  • Physical access, entire computer: it’s complicated
  • Other users on the same computer: not applicable
  • Malware/ransomware: not applicable
  • Online attacks: not applicable
  • Usage cases: protect data against theft of computer or hard drive; protect data if hard drives are sold or RMA’d; protect data against physical extraction.
If your computer meets the requirements (namely, the presence of a hardware TPM2.0 module or software-based Intel Platform Trust Technology), enabling BitLocker on your computer can be as easy as opening the Control Panel and launching the BitLocker Drive Encryption applet. Note that not all editions of Windows 10 can use BitLocker protection.
We have a comprehensive article on BitLocker protection in our blog, which is highly recommended. Introduction to BitLocker: Protecting Your System Disk
What caveats are there when it comes to securing data against physical extraction? The thing is, while BitLocker is nearly a 100% effective solution for protecting the bare drive, it might not be as secure if the intruder has access to the entire computer with the hard drive installed. Even if your computer is equipped with a TPM2.0/Intel PTT module, Windows will still unlock the encrypted hard drive if Secure Boot conditions are met. This in turn opens numerous vectors of attack that may allow the intruder to intercept the on-the-fly BitLocker encryption key and decrypt the hard drive. These vectors of attack include:
  1. Making a RAM image of a running computer with BitLocker volume(s) mounted. This can be done via a Thunderbolt attack (Windows, by default, does not disable Thunderbolt DMA access when locked) or a cold boot attack.
  2. Breaking or extracting your Windows logon password (e.g. extracting from your Google account, your smartphone, or from another computer you have logged in and synced your data to).
  3. Obtaining your BitLocker Recovery Key from your Microsoft Account or Active Directory.
Advanced users and system administrators can read the following guide to secure their BitLocker volumes: BitLocker recovery guide

Full-disk encryption part II: protecting external storage devices

BitLocker is good not only for protecting your boot device, but for encrypting data on other volumes, built-in and removable. BitLocker protects external storage devices with BitLocker To Go, an encryption algorithm based on a password. In addition to passwords, external drives encrypted with BitLocker To Go have an option to unlock with a smart card on another computer by using BitLocker Drive Encryption in Control Panel. Finally, users can opt to make their encrypted external devices automatically unlock when connected to their (trusted) computer.
  • Availability:
    • Encrypt external devices: Windows 10 Professional and Enterprise
    • Access BitLocker encrypted devices: although Windows 10 Home cannot natively encrypt drives with BitLocker, it can access BitLocker encrypted drives with full read-write access
  • Physical access, device only: protection as strong as your password
  • Physical access, entire computer: it’s complicated (see previous chapter)
    • Note: if you enabled the option “Unlock automatically on this PC”, then effectively no protection
  • Other users on the same computer: strong protection if offline/not mounted
  • Malware/ransomware: strong protection if offline/not mounted
  • Online attacks: strong protection if offline/not mounted
  • Usage cases: protect data stored on external storage devices such as external drive enclosures, USB flash drives etc.
Unlike system drive encryption, BitLocker To Go does not support multifactor authentication. This means you cannot use TPM protection as an additional form of authentication. You can, however, make BitLocker To Go devices unlock automatically when they are inserted in your (trusted) computer, which carries obvious security implications.

Full-disk encryption part III: using third-party crypto containers

I put it here just for the sake of completeness. If you are considering using a crypto-container such as VeraCrypt or PGP, you probably know what it is good for and how to use it. I’ll just add several things that aren’t immediately obvious when you set up encryption. In fact, the two things are so non-obvious that many coach experts have it backwards. (The right way: Choosing the right hashing algorithm – it’s all about slowness).
  • Availability: VeraCrypt is available on most relevant platforms
  • Physical access, hard drive only: very strong protection unless misconfigured
    • Misconfiguration examples: volume stays mounted when computer sleeps or hibernates; volume stays mounted when computer is locked (matter of security vs. convenience); volume unlocked with security key (e.g. USB flash drive) and no password (if USB flash drive is discovered)
  • Physical access, entire computer:
    • volume not mounted at time of analysis: very strong protection
    • volume mounted: very little protection
  • Other users on the same computer
    • volume not mounted at time of analysis: very strong protection
    • volume mounted: very little protection
  • Malware/ransomware: same as above
  • Online attacks: same as above
  • Usage cases: protect data against theft of computer or hard drive; protect data if hard drives are sold or RMA’d; protect data against physical extraction.
The choice of encryption algorithm (spoiler: use AES)
Crypto containers such as VeraCrypt offer the choice of several (actually, multiple) encryption algorithms that range from the industry-standard AES to some quite exotic algorithms such as Serpent or Kuznyechik. For the paranoiacs among us, VeraCrypt offers stacked encryption (e.g. the Serpent(AES) option). The thing is, the choice of an encryption algorithm does not affect the security of your data (unless you pick an algorithm with known or suspected vulnerabilities; finger pointed to Kuznyechik).
The choice of encryption algorithm does not affect the security of your data. A single round AES-256 encryption will be exactly as secure as Serpent(AES) or Serpent(Twofish(AES)). Moreover, the choice of encryption does not even affect the recovery speed (the speed of brute-force attacks on your password)!
Considering that AES is the only hardware-accelerated encryption algorithm in all reasonably modern processors, choosing any encryption algorithm other than AES-256 will unnecessarily slow down your reads and writes (expect a difference of 2 to 3 orders of magnitude in theoretical RAM-to-RAM encryption speeds) without providing any additional security benefit.
If choosing an encryption algorithm other than AES does not affect security, then what does?
The choice of hashing algorithm
When VeraCrypt encrypts (or decrypts) your data, it is using a binary encryption key to perform symmetric cryptographic operations. This media encryption key (MEK) is stored along with the encrypted data. The Media Encryption Key (MEK) is encrypted with a Key Encryption Key (KEK), which, in turn, is the result of multiple (hundreds of thousands) iterative hash operations performed on the user’s password.
In other words, when you type a password, the crypto container will perform a calculation of a certain hash function, and repeat that a 100,000 times or more (in order to deliberately slow down brute-force attacks).
If you want to make your encrypted volume more secure, you can change one of the two things:
  1. Increase the number of hash iterations
  2. Don’t use defaults
  3. Choose a slower hash function
VeraCrypt allows modifying the number of hash iterations by adjusting the PIM (Personal Iterations Multiplier); here is the how-to. The PIM value controls the number of iterations that is used to derive the encryption key from the password that you type. This value can be specified through the password dialog or in the command line. If you don’t manually specify the PIM value, VeraCrypt will use the default number of iterations, which is bad because (2). For SHA-512 or Whirlpool (the two recommended choices), VeraCrypt defaults to Iterations = 15000 + (PIM x 1000).
Why would you want to change the number of hash iterations? Because an attacker will first try to break your password using the defaults. Most tools used by the attackers to brute-force your password will first run the attack using all-defaults: the default encryption algorithm (AES), hash function (SHA-512) and PIM. Changing the PIM value is an easy way to substantially increase security without making your password more complex. Changing the hashing algorithm from default (SHA-512) to Whirlpool also makes sense in this context.
Which brings us to the choice of a hashing algorithm. VeraCrypt offers the choice of SHA-512 (slow, good choice), Whirlpool (slower, even better choice), SHA-256 (slow, but not as slow as SHA-512, use other hash instead), and Streebog (untested). Choosing the right hashing algorithm – it’s all about slowness has some benchmarks and some good explanations; highly recommended. Selecting Whirlpool makes a lot of sense because a) it is slower than SHA-512 (thus will be significantly slower to attack), and b) it is a non-default selection, which significantly increases the complexity of the attack.

File system encryption: when and how to use EFS

If you read the Wikipedia article about Microsoft Encrypting File System (EFS), you’ll get that EFS has been introduced in NTFS 3.0 in order to provides file system level encryption. The article reads: “The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.”
While all of that is interesting, neither statement explains who and, most importantly, why should be using EFS, and what exactly the encrypting file system protects against.
  • Availability: all versions and all editions of Windows 10 (and most older versions of Windows)
  • Physical access, hard drive only: as strong as your Windows account password
  • Physical access, entire computer: same as above
  • Other users on the same computer: effective protection
  • Malware/ransomware: not applicable
  • Online attacks: not applicable
  • Usage cases: protect your documents from other users of your computer; an extra layer of security on BitLocker-protected drives; reasonably strong, very easy and fully transparent document encryption on computers where BitLocker is not supported.
What does EFS protect against, and who should be using it?
The purpose of Encrypting File System is protecting your data from users who share your computer. If you have a PC with several users, and each user has their own Windows login (as opposed to sharing a single Windows account), activating EFS encryption is the easiest way to protect your files from being accessed by those other users.
What is the relation between EFS and BitLocker, and which one should you use?
BitLocker protects your entire system volume. Any user who can log in to your computer will unlock the system volume. If a user has administrative privileges (or can escalate a non-admin account by using an exploit), he or she will also gain access to files and documents stored in other users’ accounts on that computer.
Encrypting File System, on the other hand, only protects selected folders. It won’t, for example, protect your instant messenger databases or encrypt your browsing history. It’s mostly just for documents, pictures and videos you keep in your account. However, EFS will effectively protect those files against other users who can log on to your computer, even if they have administrative privileges.
If an attacker got physical access to the computer, BitLocker is the first line of defence. Relying solely on EFS to secure the PC against attacks with physical access is not the best idea.
How does it all work? It’s actually quite simple. Right-click on a file or folder you’d like to encrypt, select Properties and click the Advanced button in the General tab. In the Advanced Attributes dialog select Encrypt contents to secure data and click OK.

This is it. Windows will now encrypt the selected file or folder with your Windows logon credentials. There are no passwords to type and no encryption keys to save.
There is a certain drawback to using EFS encryption. If you ever forget your Windows password and have to reset it from a separate Administrator account (or your domain administrator resets the password for you), the EFS encryption keys will be lost, and you will be unable to decrypt your data without going through the data recovery process with Elcomsoft Advanced EFS Data Recovery. Note that you must recover your Windows password in order to decrypt the files. However, if you simply change your Windows password by following the normal procedure (typing your old password followed by entering the new one), you will be fine.

Document encryption

Encrypting individual documents is an important part of multi-layer security. Microsoft Office apps can use passwords to encrypt the documents’ content. No one without a password should be able to decrypt the document.
  • Availability: all versions of Microsoft Office
  • Security: depends on the version of Microsoft Office, the file format you’re using to save the files and the strength of your password.
  • Physical access, hard drive only: strong protection (with caveats)
  • Physical access, entire computer: strong protection (with caveats)
  • Other users on the same computer: strong protection (with caveats)
  • Other users on your Local Area Network: strong protection (with caveats)
  • Malware/ransomware: content protection. Malware won’t be able to decrypt your files and read your data. However, malware/ransomware can still encrypt your files, effectively locking you out.
  • Online attacks: content protection. Strong protection against unauthorized data access; no protection against unauthorized deletion
  • Usage cases: protect the content of your documents against anyone who does not know the encryption password.
  • How to: Protect a document with a password
A million dollar question: if you are on a local area network, should you use EFS or document encryption to protect documents against other users on the same LAN? In this case, it’s better to use both. EFS will make it impossible to gain access to encrypted files and folders without knowing your Windows account/domain credentials. Password protection of individual documents will make documents difficult to break even if the attacker knows your logon credentials.
The caveats of document encryption
So what exactly does “strong protection (with caveats)” mean? The thing is, your documents are just as secure as the password you use to protect them. If you re-use a password you already stored in your browser cache or in the keychain, extracting that password and decrypting the documents will be a matter of minutes in many types of attacks.
What if you use a cryptographically strong and truly unique password to encrypt documents? Are these documents secure? The thing is, they will be just as secure as the office app permits them to be. In Microsoft Office encryption evolution: from Office 97 to Office 2019 I discussed the encryption algorithms and protection strength of Microsoft Office apps from the early days to the most current release.
Generally speaking, everything before Office 2000 was insecure (no protection). Office 2000, XP and Office 2003 had very weak encryption that can be usually broken in under a day.
Since Office 2007, Microsoft started taking encryption seriously. Office 2010, 2013, 2016, 2019 brought security to the new level, making encrypted documents very secure.
Okay, so you are using the latest Office and selected a strong password; are we secure now? The thing is, you’ll be just as secure as the document format allows. If you are using the newer DOCX/XLSX format (files with .docx / .xlsx extensions), you’re good. If, however, you are saving your documents in “compatibility” mode, you are sacrificing encryption and make your documents as vulnerable as if they were saved by an Office 2003 app.
Best practices:
  1. Use the latest version of Microsoft Office to save documents. If the latest version is not available, use at least Office 2013 (the newer the better).
  2. Never save documents in “compatibility” mode. Make sure that the files are DOCX/XLSX as opposed to DOC/XLS.
  3. Use a unique, cryptographically strong password to encrypt documents. Remember: if the password is broken once (e.g. pulled from your Google account or recovered from a document you accidentally saved in the “compatible” format), it will be used to break everything else, including documents with strong encryption.
  4. If you email an encrypted document, do use a unique, one-time password for that document, and never send both the document and the password in the same email. In fact, you should never send the password by email since that would allow an attacker who gained access to your email account to decrypt the document. Send the document and the password via separate communication channels (e.g. email / text message, chat or phone call).

Protecting backups and archives

Making regular backups is a common wisdom. Protecting those backups is a wisdom much less common. Once you make a backup, make sure to give it as strong a protection as your boot drive.
  1. Store backups on BitLocker-protected media. Even if your backup tool (e.g. the one built into Windows) does not support encryption, at very least your storage media is protected with full-disk encryption. Note: Windows 10 does support the recovery from BitLocker-protected disks. Just create a bootable install image from Microsoft Web site (use “Create Windows 10 installation media”).
  2. If your backup tool supports encryption, it may be a good idea to encrypt your backups (AND store them on a BitLocker-protected media). Note, however, that a backup tool will probably cache (store) your backup password on your computer to automatically encrypt new and incremental backups. For this reason, make sure to have a truly unique, never reused password for encrypting backups.
Individual folders are frequently backed up using common archive tools such as WinZip, 7Zip or WinRar. All of these tools offer the ability to encrypt archives with a password. While the encryption strength is different among the three formats (ZIP, 7Z and RAR), an up to date version of each tool provides adequate protection if you choose a reasonably complex password (e.g. 8 characters or more, combining small and capital letters with numbers and special characters). To achieve the best level of protection, do keep those archives on BitLocker-protected media.
Note that password recovery tools work significantly faster on ZIP/7Z/RAR compared to attacking BitLocker encryption or Office 2013 (and newer) documents. For this reason, never reuse your password, and make sure that your BitLocker media, your documents and your backups/archives use very different passwords (ideally, not based on the same pattern).
More information:

Cloud security: OneDrive Personal Vault

Microsoft started offering an extra layer of security to all users of its cloud storage service in the form of a Personal Vault. OneDrive Personal Vault helps secure your files both on your computer and in the cloud in the event that someone gains access to your account or your device.
Unlike ransomware protection, Personal Vault is available to all users of Microsoft OneDrive and not just to Office 365 subscribers. Technically speaking, Personal Vault is an area in the OneDrive folder on your computer and in the OneDrive cloud storage that features additional protection. You can only access this protected area after passing a strong authentication. If your Microsoft Account is protected with two-factor authentication, you will have to pass the second step of identity verification in addition to typing your Microsoft Account password.
Once configured, Personal Vault must be manually unlocked every time you need access to secured data. To unlock, you must type in your Microsoft Account password and pass the second authentication step if your account has two-factor authentication. Once you’ve finished accessing the data, Personal Vault will automatically relock after a short period of inactivity. Once locked, any files you were using will also lock and require re-authentication to access.
Setting up Personal Vault only takes a few clicks as outlined in Protect your OneDrive files in Personal Vault.
OneDrive Personal Vault is still new; no independent security analysis has been performed until today. In our view, Personal Vault is worth consideration as an extra security layer for some of the most private but rarely accessed types of data. Examples of such data may include BitLocker escrow keys and binary encryption keys, or the list of passwords some users store in encrypted Excel spreadsheets. I personally keep my two-factor authentication secrets (scanned QR codes to initialize the Authenticator app) in the Vault as well.
  • Physical access: unknown (not yet analyzed)
  • Other users on the same computer: strong protection
  • Malware/ransomware: strong protection (unless Personal Vault is unlocked at the time malware is running)
  • Online attacks: as strong as your Microsoft Account security
  • Usage cases: activate to add an extra layer of security for a handful of personal documents, encryption keys, 2fa secrets etc.

Ransomware protection

One of the most important threats not covered by any encryption is the type of malware called ransomware. Ransomware is a type of malware that threatens to either publish the data stolen from the victim or perpetually block access to the victim’s files by encrypting them with a key that is only known to the attacker. The term ‘ransomware’ has emerged from the fact that, on many cases, attackers demand a ransom payment to decrypt data.
Protecting your data against ransomware is a complex topic in itself. However, computer users can choose one or both of the following two defences when it comes to ransomware protection.
Ransomware protection is effective against the following threats.
  • Physical access: no protection
  • Other users on the same computer: no protection
  • Malware/ransomware: effective protection
  • Online attacks: as strong as your cloud account security
  • Usage cases: available automatically to Office 365 subscribers. Available to paid Dropbox users. Automatically protects files stored in OneDrive/Dropbox. Automatic alerts (OneDrive only). Automatic restore (OneDrive only); manual restore (Dropbox).
Use cloud storage with automatic ransomware protection
If you are using Windows 10, most likely you already have a Microsoft Account. The Microsoft Account gives you access to OneDrive, Microsoft’s cloud storage solution. The free tier includes 5 to 15 GB of online storage, while Office 365 subscribers receive the whole terabyte of cloud storage.
Microsoft actively promotes OneDrive Ransomware Protection. OneDrive automatically detects when the files are mass-deleted or mass-edited (such as when ransomware encrypts the entire Documents folder), alerts the user and prompts to restore the known-good snapshot. The File Restore feature is only available to Office 365 subscribers (Home and Personal levels are enough to receive protection).
More information at Ransomware detection and recovering your files.
If you prefer Dropbox to Microsoft OneDrive, Dropbox gets you covered against ransomware attacks, but mostly for higher-level paid tiers. Users of the free Basic tier as well as Plus subscribers can roll back individual encrypted files during the first 30 days after the attack (there will be no warning of mass-deletion of mass-encryption of files coming from the Dropbox app). If you want to roll back the entire Documents folder with Dropbox Rewind, you’ll need to be a paid Plus or Professional tier subscriber.
More information:
Make backup snapshots. Keep backup media offline
Once ransomware is installed on your computer, it will try to encrypt every document that is accessible. The obvious solution is making documents inaccessible by physically disconnecting backup media (such as using 2.5” portable USB drives to back up). In this scenario, you would only connect backup media to your computer when you actually want to make the backup, disconnecting the disk after the backup tool finishes its job. With this approach, even if your computer is attacked by ransomware, your offline backups will not be affected (unless you connected the external drive to the computer at the time the ransomware was installed).
In addition, configure your backup tool to keep snapshots of your data going back as long as permitted by available storage. In our office, an affordable 4TB USB hard drive can keep approximately 30 to 40 full snapshots of the Documents folder; this number becomes significantly larger if you enable incremental backups, with each snapshot saving only
More information:
submitted by Elcomsoft to computerforensics [link] [comments]

Windows 10 Performance and Optimization Guide

This guide is going to be specific to Windows 10 and Nvidia Video Cards as this is what I can speak to with my experience. This aggregate of Windows 10 tweaks have still served useful for those with AMD video cards that I have attempted to help in the past, so they will more than likely work for the red teamers out there. (except for the Nvidia tweaks of course.)
Aside from the reports from individuals who I suggested these tweaks to, stating that their game is now buttery smooth and performing as intended, these changes in Windows allow me to run a highly modded 4k Skyrim with the same feeling of performance even while streaming it from the same machine.
The issue most of us neglect is Windows 10 and the sheer volume of nonsense Microsoft has been shoving into it in order to "make it better.", when, in fact, it needs to help us by not helping us. The adjustments to windows have helped people with low end, marginal systems to systems like mine:
i7 5930k @4.3 EVGA GTX 1080 SC 16 gigs DDR4 @2400 Samsung EVO Pro 500 gig SSD x2 Western Digital 1tb Black 7200 HDD Asus x99-PRO - USB 3.1
So let's get to it!
Please read the entire section of a Tweak before performing any changes as some sections have options for you to choose from.
Disable Hibernation
In Windows 10, as with previous versions, there are three basic options when you turn off your computer: shut down, sleep and restart. When you choose shut down, your PC will do different things depending on whether hibernate is enabled or disabled.
Hibernate is the same as Sleep mode. It means you can carry on where you left off: all your apps will be open and where you left them, and browser tabs will still be open. Hibernate is also linked with Fast Startup in Windows 10.
But, here's the thing, when hibernate is enabled Windows will create a file on your system drive to handle the hibernation process. By default the file is 75% of your RAM amount – a computer with 4 GB of RAM would have a 3.5 GB hiberfil.sys file. That means with 16gb of RAM, the file is 12 gigs in size.
  • Click on the Windows icon, type cmd, right click Command Prompt and run as Admin.
  • Type powercfg –h off and press Return. powercfg -h on will enable it.
  • You won’t see any confirmation of success, but you should see an error if it doesn’t work for any reason.
If you don't feel comfortable disabling this feature, you can still reduce the file size:
  • Click on the Windows search bar and type cmd
  • Right click on ‘Cmmand Prompt’ and click on ‘Run as administrator’
  • Type powercfg -h -size 50
This will make the file size 50% of your available RAM, the lowest it can go.
Disable SuperFetch
SuperFetch has two goals: it decreases boot time, and makes sure applications that you use the most load more efficiently. SuperFetch also takes timing into account, in that it will adapt itself to your usage patterns.
SuperFetch' second goal is to make applications launch faster. SuperFetch does this by pre-loading your most often used applications in your main memory, based on not only usage patterns, but also on when you use them. For instance, if you have the same routine every morning (Chrome - Music - Email - Porn), SuperFetch will pre-load these into memory in the morning. If your evening routine is different (for instance, it includes gaming, chrome, and porn), SuperFetch will adapt, and load those in memory instead during the evening. Even when you're playing another game.
Disable from Services
  • Hold the Windows Key, while pressing “R” to bring up the Run dialog box.
  • Type “services.msc“, then press “Enter“.
  • The Services window displays. Find “Superfetch” in the list.
  • Right-click “Superfetch“, then select “Properties“.
  • Select the “Stop” button if you wish to stop the service. In the “Startup type” dropdown menu, choose “Disabled“.
Enable or Disable from Registry
Hold the Windows Key, while pressing “R” to bring up the Run dialog box.
Type “Regedit“, then press “Enter“.
The Registry Editor window appears. Navigate to the following location in the Registry:
  • HKEY_LOCAL_MACHINE>SYSTEM> CurrentControlSet> Control> Session Manager> MemoryManagement> PrefetchParameters
On the right side, double-click on “EnableSuperfetch“. If this value doesn’t exist, right-click the “PrefetchParameters” folder, then choose “New” > “DWORD Value“.
Give “EnableSuperfetch” one of the following values:
  • 0 – to disable Superfetch
  • 1 – to enable prefetching when program is launched
  • 2 – to enable boot prefetching
  • 3 – to enable prefectching of everything
Windows Page File Tweak
This section is for systems where you do not plan on doing any content production as capping out your available ram may result in crashes. I personally have never had a crash during such operations, but you should be warned.
16gb RAM suggested. skip this section if you have less than 16gb of ram.
With Memory Compression off Windows will need to rely on the disk-based page file more heavily. The more RAM you have the less of a paging file you'll have. At 16 gb you can disable the paging file entirely and your computer will be much faster as it won't ever try to use the paging file in the first place.
The process for changing this on Windows 10 is as follows:
  1. Right Click the start menu.
  2. Click System
  3. Click about
  4. On the right side of the window click System Info under the Related Settings section
  5. Click Advanced System Settings
  6. Under performance click settings
  7. Click Advanced
  8. Click Change
  9. Uncheck Automatically manage paging file for all drives
  10. For disk C: set no paging file
  11. You can set a secondary drive to system managed if you want, preferably an SSD.
Setting no page file can result in programs that use a lot of RAM crashing when you run out of RAM. If a program crashes, the worst thing you lose is unsaved data or changes to what you were working on. It will not damage your system as some people suggest in the comments. I have had no issue changing this setting and neither has anyone I've directly worked with.
Windows 10 Memory Management Tweak
Windows 10 has a feature called Memory Compression. This is designed to minimise how often Windows needs to use the page file on disk. Unfortunately, it uses a ton of ram simply to reopen programs you've closed faster. As we would rather have this applied to the game instead, we want to disable it. It's is very easy to turn off.
Make sure you have set your page file settings as detailed in the previous section before rebooting.
  • Open up an Administrator mode Powershell prompt.
  • Right-click the start menu flag and choose Windows Powershell (Admin).
  • You may need to search for "Powershell" then right-click and run as administrator.
Once the blue PowerShell window has opened up you want to type the following command:
  • Disable-MMAgent -MemoryCompression
To turn it back on:
  • Enable-MMAgent -MemoryCompression
And to see the current status:
  • Get-MMAgent
Once you have run the disable command I suggest using the Get-MMAgent command to ensure it shows MemoryCompression as False
When memory compression shows as false, reboot your PC.
Nvidia Inspector
Nvidia Users ONLY!
I am only going to the list the changes that I suggest to specific settings. If you have a particular setup that helps you maintain a specific system setting, like multi-monitor surround display, keep your current setting. My changes will only be performanced based.
Download Nvidia Inspector Here
Once you open the program, click the header at the top and begin typing PlayerUnknown's Battlegrounds. It should auto fill before you're finished typing, so just hit enter to switch to it.
2 - Sync and Refresh:
  • Maximum pre-rendered frames - 1
  • Prefered Refreshrate - Highest Available
  • Tripple Buffering - Off
5 - Common
  • Power Magnagement Mode - Prefer maximum performance
  • Threaded optimization - On
Click Apply changes twice in the upper right hand corner of the Inspector to insure the changes were accepted and then close the program.
Miscellaneous Tweaks
A Solid State Hard Drive
This is a general quality of life improvement with all load times, but PUBG has a knack for making it an issue with a standard HDD speed being too slow to load all of the assets in a timely manner, which can result in playdough buildings that you can not enter.
Steam Overlay
Disabling this can help improve performance. Keep in mind, if you want to buy in-game keys for crates, you will need to turn this back on. Save your comments on the discussion of Microtransactions, this guide is strictly focusing on performance.
This process is suggested to simply clean up any remnants from previous versions of the game on your system after you get the current patch. if you have Reshade installed, you will need to reinstall it as well after this process.
  • Open Steam
  • Click on your Library
  • Right click PlayerUnknown's Battlegrounds
  • Properties
  • Local Files
  • Browse Local Files.. to open the current location of the game.
  • Return to the Steam properties window and click Uninstall
  • Return to the windows explorer folder you just opened and Remove anything that remains in the folder.
  • Reinstall the game through Steam.
Disable Windows 10 Fullscreen optimizations
  • Open TslGame.exe Properties located in folder ...Steam\steamapps\common\PUBG\TslGame\Binaries\Win64
  • Click the Compatibility Tab
  • near the bottom, check Disable fullscreen optimization.
  • hit apply, then ok.
I found that checking "Run this program as administrator" will cause the game to be unable to find the Steam network after launching. So don't go turning that on for no reason.
In closing & suggestions
I hope that this has improved your experience with gaming in general and not just PUBG. In the instances where it did not, do not worry as all of the tips suggested here are reversible.
If you would like to add any tips or tricks to the guide, please leave them in the comments section below with a detailed description, or link, that clearly explains how to perform it.
The goal of this guide is to collect and maintain general tips and adjustments to Windows 10 in order to improve overall performance for any game you wish to play on it. I will be adding more tips to this guide over time so be sure to reddit save the OP.
Thank you for your time,
submitted by Suicidal_Baby to PUBATTLEGROUNDS [link] [comments]

What is Hibernate in Windows? How to Enable this Great Feature TRADING STRATEGY: BINARY OPTIONS BROKER - BINARY OPTIONS SYSTEM (HOW TO TRADE BINARY OPTIONS) TRY THIS Main Rules for Profitable Trading with Binary Options Strategy 2020 Binary Options - For Beginner UK Property Hotspots 2018 Class 5, Properties, 3/4 - CRUD Básico com Hibernate JPA Hibernate Tip: How to map an Enum to a database column unclaimedmoney - YouTube

Hibernate Community Forums. I know this is an old post, but I feel the question still stands. I've made the subject a little more descriptive too. Operations Management. ERP PLM Business Process Management EHS Management Supply Chain Management eCommerce Quality Management CMMS. HR Binary types have caused me no end of frustration in Java/Hibernate. Typically the way I work around the issue is to Base64 encode the binary data on the Java side, and then store it in the database as a TEXT field. Then the property in your entity can be of type String, and everything works much more smoothly. – aroth May 12 '11 at 5:31 Operations Management. ERP PLM Business Process Management EHS Management Supply Chain Management eCommerce Quality Management CMMS Manufacturing DbType.Binary: type="BinaryBlob" must be specified. Entire field is read into memory. Serializable: Any System.Object that is marked with SerializableAttribute. DbType.Binary: type="Serializable" should be specified. This is the fallback type if no NHibernate Type can be found for the Property. XDoc: System.Xml.Linq.XDocument: DbType.Xml NHibernate doesn't check if your entity is valid or not. You may consider using validators, though. The length property is for mapping, i mean for the generated sql as you see (like nvarchar(30)) and it is your responsibility to make sure it is correct. In this chapter, we will be covering mapping data types. Mapping entities is straightforward, entity classes are always mapped to database tables using <class>, <subclass>, and <joined-subclass> mapping elements. Value types need something more, which is where mapping types are required. NHibernate ... Hi, I have upgraded from NHibernate 2.1 to NHibernate 3.0 GA and I have hit a regression. I have an entity with an Image property of type System.Drawing.Image and I have mapped it Thanks. @Type(type="org.hibernate.type.BinaryType") worked for me for a table that storage PDF files. I migrated a database from Oracle to Postgres using Oracle-To-PostgreSQL from Intelligent Converters, and it automatically converted and inserted from BLOB to BYTEA but BlobType didn't worked for me. – jmoran Dec 9 '18 at 6:24 In this tutorial, we'll see how Hibernate allows us to extend the basic type mapping to custom Java classes. In addition to that, we'll also see some common examples of custom types and implement them using Hibernate's type mapping mechanism. 2. Hibernate Mapping Types

[index] [2333] [4887] [368] [7747] [14518] [10449] [21759] [26930] [15141] [15978]

What is Hibernate in Windows? How to Enable this Great Feature

What Property Type Should you Invest in Property Investment Series - Duration: 4:16. ... Best Binary Options Strategy 2020 - 2 Minute Strategy LIVE TRAINING! - Duration: 43:42. BLW Online ... Despite the fact that both of those are types of binary options trading, and centered around the exact underlying property, there are plenty of important discrepancies among binary options trading ... It's just like normal shutdown, but while shutting down your computer Hibernate option saves all the open windows, document data from memory (RAM) to Hard Disk as single file. Since the new market regulations announced inside the year 2008, the growth of binary trading options has really catapulted and a great number of are increasing their investments straight into ... unclaimed money, property and unclaimed funds information available from every government office in the United States. Pega Tutorial - Whats app to 70750 06429 - Property creation, Various property types, Page Property, Data property. The Hibernate Tips series provides quick answers to common questions. This time, I will show you how to map a Java Enum to a database column. That's one of the basic JPA and Hibernate mappings and ... Criação de um crud básico com Hibernate, Eclipse e SQL. Download do Hibernate: 1 - Acesse o site: http://hibernate.org 2 - Procure a guia: orm 3 - Faça o dow... Almost all binary option platforms in binary options system can easily offer you numerous trading strategy and types of property so that you can trade how to trade binary options, these property ... Binary Options Review Of Binary Options Broker And Options Trading With Trading Strategy This allows option investors to leverage their investment power while expanding their opportunity reward ...