Data Leaks

Note: The issues described below do not affect you if the system partition or system drive is encrypted (for more information, see the chapter System Encryption) and if no unencrypted filesystems (or volumes) are accessible during a session in which a TrueCrypt volume is mounted or in which an encrypted operating system is running.

When a TrueCrypt volume is mounted, the operating system and third-party applications may write to unencrypted volumes (typically, to the unencrypted system volume) unencrypted information about the data stored in the TrueCrypt volume (e.g. filenames and locations of recently accessed files, databases created by file indexing tools, etc.), or the data itself in an unencrypted form (temporary files, etc.), or unencrypted information about the filesystem residing in the TrueCrypt volume. Note that Windows automatically records large amounts of potentially sensitive data, such as the names and locations of files you open, applications you run, etc.

Solution: Encrypt the system partition/drive (for information on how to do so, see the chapter System Encryption) and make sure that only encrypted filesystems are mounted during a session in which you work with sensitive data (unencrypted filesystems/volumes should not be mounted/accessible during a session in which a TrueCrypt volume is mounted or an encrypted operating system is running).

Note: You may also want to consider creating a hidden operating system (for more information, see the section Hidden Operating System).