Solved

Truecrypt and swap

Posted on 2016-08-28
6
130 Views
Last Modified: 2016-08-30
Hello!

I've got Ubuntu 14.04 Desktop and I use Truecrypt to store my confidential files. I've read that since Truecrypt does on the fly encryption, it only stores its decrypted content (and user's password and his keyfile I would think?) in RAM. If it's all true, then does that mean that even if I don't encrypt my swap, there's no risk that my data stored in a Truecrypt container (and my password and a keyfile too?) would end up on a swap partition in an unencrypted form?
0
Comment
Question by:Member_2_7970041
6 Comments
 
LVL 21

Accepted Solution

by:
robocat earned 500 total points
ID: 41774347
The chances are low but this is not impossible.

If you bother to use Truecrypt, you should also encrypt swap .  Better yet, encrypt the entire OS if you're really security conscious, because you never know that parts of your confidential files get copied as a temp file.
0
 
LVL 23

Expert Comment

by:Eirman
ID: 41774367
If you are concerned about the security of your encrypted data, now and especially in the future,
you should consider TrueCrypt's successor VeraCrypt

Truecrypt is no longer being supported or developed.
I believe that it still quite secure, but who knows what the future may bring!

From the VeraCrypt website .....
VeraCrypt is a free disk encryption software brought to you by IDRIX that is based on
TrueCrypt 7.1a. - It's free and open-source.

==============================================================
To answer your specific truecrypt question, your password/encryption keys
are never stored in the swapfile.
Anyhow, once you choose volume encryption, everything on your OS disk
including temp files and the swapfile are automatically encrypted, unless you have
deliberately moved your swapfile to another disk/partition other than that of your OS.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 41774628
If the whole system is encrypted then you don't have to worry about anything from RAM being written to Swap in plain-text. https://veracrypt.codeplex.com/wikipage?title=System%20Encryption
However if your swap partition is not encrypted, it is possible for your keys to be written there in any OS. I've read both phases of the Audit on the original TC, nothing about SWAP really came up, so I think the chance is remote as stated, but still possible.
-rich
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 23

Expert Comment

by:Eirman
ID: 41775115
Thanks for ignoring my comment
0
 

Author Comment

by:Member_2_7970041
ID: 41775345
Eirman,
I didn't ignore your comment. I read it and thanks for sharing the info you have. Nevertheless, it's my prerogative to grant the best answer to anyone who's been participating in this thread. And I'm under no obligation to inquire more about the subject.

I decided not to encrypt my swap or any other parts of Ubuntu. Question is closed. Thank you!
0
 
LVL 23

Expert Comment

by:Eirman
ID: 41776089
I read it and thanks for sharing the info
A little acknowledgement was all that I was looking for (not points) - Thank you.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Open Encryption Software Advice needed 4 55
centos commands 6 54
Server Rebuild after 2 drive in raid crashed 16 47
SSD encryption options with Windows 10 Pro 5 25
Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question