Drive encryption matters

Posted by Jonas Elfström Mon, 11 Feb 2008 23:26:00 GMT

In a recent release TrueCrypt now supports drive/partition encryption.

One reason to encrypt on disk instead of file level is that operating systems and applications sometimes accidently stores passwords on your hard drive. This can happen in a number of ways and one common mistake applications make is to not prevent to be put on disk by the OS. Modern systems have a page/swap file. If a program gets paged out while holding your clear text password in pageable memory your password will be written to disk. The problem is that there are password recovery tools that can scan your page file for passwords.

You can configure Windows (and surely most other operating systems) to clear the page file on shutdown which will give you better protection (and slower shutdowns). Be aware that if you simply turn off the power the page file will be intact.

Posted in Security | 2 comments

Comments

    1. Avatar
      Me Wed, 12 Mar 2008 21:35:37 GMT
    2. Avatar
      Me Sun, 06 Jul 2008 13:51:24 GMT

Comments are closed