Introduction

Beginner's Tutorial

System Encryption

 Supported Systems

 Hidden Operating System

 Rescue Disk

Plausible Deniability

 Hidden Volume

  Protection of Hidden Vol.

  Security Requirements

 Hidden Operating System

Parallelization

Pipelining

Hardware Acceleration

Encryption Algorithms

 AES

 Serpent

 Twofish

 Cascades

Hash Algorithms

 RIPEMD-160

 SHA-512

 Whirlpool

Technical Details

 Notation

 Encryption Scheme

 Modes of Operation

 Header Key Derivation

 Random Number Gen.

 Keyfiles

 Volume Format Spec.

 Standards Compliance

 Source Code

TrueCrypt Volume

 Creating New Volumes

 Favorite Volumes

 System Favorite Volumes

Main Program Window

 Program Menu

 Mounting Volumes

Supported Systems

Portable Mode

Keyfiles

Tokens & Smart Cards

Language Packs

Hot Keys

Security Model

Security Requirements

 Data Leaks

  Paging File

  Hibernation File

  Memory Dump Files

 Unencrypted Data in RAM

 Physical Security

 Malware

 Multi-User Environment

 Authenticity and Integrity

 New Passwords & Keyfiles

 Password/Keyfile Change

 Trim Operation

 Wear-Leveling

 Reallocated Sectors

 Defragmenting

 Journaling File Systems

 Volume Clones

 Additional Requirements

Command Line Usage

Backing Up Securely

Miscellaneous

 Use Without Admin Rights

 Sharing over Network

 Background Task

 Removable Medium Vol.

 TrueCrypt System Files

 Removing Encryption

 Uninstalling TrueCrypt

 Digital Signatures

Troubleshooting

Incompatibilities

Issues and Limitations

License

Future Development

Acknowledgements

Version History

References

   

Security Requirements and Precautions >  Data Leaks Search

Disclaimers





Please consider making a donation.

   Donate Now >> Donate   


Data Leaks

When a TrueCrypt volume is mounted, the operating system and third-party applications may write to unencrypted volumes (typically, to the unencrypted system volume) unencrypted information about the data stored in the TrueCrypt volume (e.g. filenames and locations of recently accessed files, databases created by file indexing tools, etc.), or the data itself in an unencrypted form (temporary files, etc.), or unencrypted information about the filesystem residing in the TrueCrypt volume. Note that Windows automatically records large amounts of potentially sensitive data, such as the names and locations of files you open, applications you run, etc.

In order to prevent data leaks, you must follow these steps (alternative steps may exist):

  • If you do not need plausible deniability:
    • Encrypt the system partition/drive (for information on how to do so, see the chapter System Encryption) and ensure that only encrypted or read-only filesystems are mounted during each session in which you work with sensitive data.

      or,

    • If you cannot do the above, download or create a "live CD" version of your operating system (i.e. a "live" system entirely stored on and booted from a CD/DVD) that ensures that any data written to the system volume is written to a RAM disk. When you need to work with sensitive data, boot such a live CD/DVD and ensure that only encrypted and/or read-only filesystems are mounted during the session.
  • If you need plausible deniability:
    • Create a hidden operating system. TrueCrypt will provide automatic data leak protection. For more information, see the section Hidden Operating System.

      or,

    • If you cannot do the above, download or create a "live CD" version of your operating system (i.e. a "live" system entirely stored on and booted from a CD/DVD) that ensures that any data written to the system volume is written to a RAM disk. When you need to work with sensitive data, boot such a live CD/DVD. If you use hidden volumes, follow the security requirements and precautions listed in the subsection Security Requirements and Precautions Pertaining to Hidden Volumes. If you do not use hidden volumes, ensure that only non-system partition-hosted TrueCrypt volumes and/or read-only filesystems are mounted during the session.





 Ads by Google 




  Next Section >>


Legal Notices www.truecrypt.org

 Ads by Google