Solved

Truecrypt and swap

Posted on 2016-08-28
Last Modified: 2016-08-30
Hello!

I've got Ubuntu 14.04 Desktop and I use Truecrypt to store my confidential files. I've read that since Truecrypt does on-the-fly encryption, it only stores its decrypted content (and user's password and his keyfile, I would think?) in RAM. If it's all true, then does that mean that even if I don't encrypt my swap, there's no risk that my data stored in a Truecrypt container (and my password and a keyfile too?) would end up on a swap partition in an unencrypted form?
0
Question by:Member_2_7970041
6 Comments
 
LVL 22

Accepted Solution

by:
robocat earned 500 total points
ID: 41774347
The chances are low but this is not impossible.

If you bother to use Truecrypt, you should also encrypt swap. Better yet, encrypt the entire OS if you're really security conscious, because you never know whether parts of your confidential files get copied as a temp file.
0
 
LVL 24

Expert Comment

by:Eirman
ID: 41774367
If you are concerned about the security of your encrypted data, now and especially in the future, you should consider TrueCrypt's successor, VeraCrypt.

Truecrypt is no longer being supported or developed.
I believe that it is still quite secure, but who knows what the future may bring!

From the VeraCrypt website .....
VeraCrypt is a free disk encryption software brought to you by IDRIX that is based on TrueCrypt 7.1a. - It's free and open-source.

==============================================================
To answer your specific Truecrypt question, your password/encryption keys are never stored in the swapfile.
Anyhow, once you choose volume encryption, everything on your OS disk, including temp files and the swapfile, is automatically encrypted, unless you have deliberately moved your swapfile to another disk/partition other than that of your OS.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 41774628
If the whole system is encrypted then you don't have to worry about anything from RAM being written to Swap in plain-text. https://veracrypt.codeplex.com/wikipage?title=System%20Encryption
However if your swap partition is not encrypted, it is possible for your keys to be written there in any OS. I've read both phases of the Audit on the original TC, nothing about SWAP really came up, so I think the chance is remote as stated, but still possible.
-rich
0
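A check for the case raised in the comment above, on a Linux host such as the asker's Ubuntu system (an added example, not posted by anyone in this thread): it reads /proc/swaps and walks sysfs to see whether each swap device sits on a dm-crypt mapping, including swap on an LVM volume inside an encrypted device. It assumes swap encryption is set up with cryptsetup, whose mappings carry a device-mapper UUID starting with CRYPT-; the device names and UUIDs in demo() are constructed sample data.

```python
# Added example: assumes dm-crypt mappings created by cryptsetup (dm UUID "CRYPT-...").
import os
import tempfile


def is_dm_crypt(name, sysfs):
    """True if block device `name`, or a device it is stacked on, is dm-crypt."""
    base = os.path.join(sysfs, name)
    try:
        with open(os.path.join(base, "dm", "uuid")) as fh:
            if fh.read().startswith("CRYPT-"):
                return True
    except OSError:
        pass  # plain disk or partition: no dm/ directory
    try:
        below = os.listdir(os.path.join(base, "slaves"))  # devices underneath
    except OSError:
        below = []
    return any(is_dm_crypt(b, sysfs) for b in below)


def audit_swaps(swaps_text, sysfs="/sys/class/block", resolve=os.path.realpath):
    """Map each swap area listed in /proc/swaps text to a verdict string."""
    verdicts = {}
    rows = (l.split() for l in swaps_text.splitlines()[1:] if l.strip())
    for path, kind, *_ in rows:  # header line skipped above
        if kind != "partition":  # swap file: backing filesystem not resolved here
            verdicts[path] = "unknown (swap file, check its filesystem)"
        elif is_dm_crypt(os.path.basename(resolve(path)), sysfs):
            verdicts[path] = "encrypted"
        else:
            verdicts[path] = "PLAINTEXT"
    return verdicts


def demo():
    """Run the audit on a constructed /proc/swaps and a constructed sysfs tree."""
    swaps = ("Filename Type Size Used Priority\n"
             "/dev/sda5 partition 4194300 0 -1\n"   # raw partition
             "/dev/dm-1 partition 4194300 0 -2\n")  # LVM volume on a LUKS device
    with tempfile.TemporaryDirectory() as sysfs:
        for rel in ("sda5", "dm-0/dm", "dm-1/dm", "dm-1/slaves/dm-0"):
            os.makedirs(os.path.join(sysfs, rel))
        for dev, uuid in (("dm-0", "CRYPT-LUKS1-constructed"), ("dm-1", "LVM-constructed")):
            with open(os.path.join(sysfs, dev, "dm", "uuid"), "w") as fh:
                fh.write(uuid + "\n")
        return audit_swaps(swaps, sysfs, resolve=lambda p: p)


if __name__ == "__main__":
    with open("/proc/swaps") as fh:  # live check on a Linux host
        print("\n".join(f"{p}: {v}" for p, v in audit_swaps(fh.read()).items()))
```

A PLAINTEXT verdict means pages swapped out from any process, including one holding an open container's keys or decrypted data, are written to that device as-is. The check covers swap only, not temp files elsewhere on an unencrypted system disk.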
 
LVL 24

Expert Comment

by:Eirman
ID: 41775115
Thanks for ignoring my comment
0
 

Author Comment

by:Member_2_7970041
ID: 41775345
Eirman,
I didn't ignore your comment. I read it and thanks for sharing the info you have. Nevertheless, it's my prerogative to grant the best answer to anyone who's been participating in this thread. And I'm under no obligation to inquire more about the subject.

I decided not to encrypt my swap or any other parts of Ubuntu. Question is closed. Thank you!
0
 
LVL 24

Expert Comment

by:Eirman
ID: 41776089
"I read it and thanks for sharing the info"
A little acknowledgement was all that I was looking for (not points) - Thank you.
0
