jana


How viable is it for TrueCrypt, and any other on-the-fly encryption (OTFE) apps, to be breached while mounted, and what steps should be considered to keep said problem under control?

We have heard that it is possible that TrueCrypt can be accessed when the volume is mounted, and its keys retrieved.

What considerations should one take into account for this possible breach of data?

... and do other OTFE apps suffer from the same conditions or flaw?

Please advise.
Dirk Strauss

I can't answer your specific question. I just wanted to comment that TrueCrypt is no longer considered secure, so do not use it at all. VeraCrypt has however been suggested as a good alternative.

McKnife

You asked that before and I answered that, in order to read the key from memory, one (the attacker) will have to be admin already, so all is lost, so you don't have to worry. And no, that can't be remedied, and it affects all sorts of encryption that keep the key in RAM (read about alternatives here: https://www1.cs.fau.de/tresor).
jana (ASKER)

Dirk,

Unfortunately the link provided is from SourceForge, and some time back our tech recommended that we stop referring to it, in a warning he sent us regarding the site (see link). When the issue of VeraCrypt came up as an alternative when TC blew up, we tried to find actual references by the same organization that tested TrueCrypt, but with no success. If you know of any, please send links (since VC is quite new, we are still with TC).


McKnife,

Don't recall you answering this question, can you say (just to have it)?

As for how viable it is for an OTFE app to be breached while mounted, what you state makes sense: that the attacker has to be admin. Going by your comment, this means that if a home user (and almost all home users are admin) runs malware intended to breach mounted encrypted volumes, then the viability is pretty high.

The above said, as for the considerations one should take into account for this possible breach of data, users should treat this issue with the same practices as for any viruses, malware, etc.: just be safe, be updated and don't execute strange email attachments.

Are we on the right track?

Dirk Strauss

There is an update in the link you shared:

Update: Since the writing of this article, SourceForge has been sold to a new company that stopped the DevShare program discussed in this article. We’re leaving this article here for historical reference, but it has since stopped these shady practices.

Nonetheless, the link I shared to SourceForge was not to download TrueCrypt, but to highlight that the application is no longer secure (as is stated on the truecrypt.sourceforge page).

jana (ASKER)

OK. Thanks for the update.

ASKER CERTIFIED SOLUTION
McKnife
This solution is only available to members.

jana (ASKER)

Yes, I remember now. The reason for placing this question to expand on that follow-up question is merely for rewarding EE; being just with you guys' time and effort, since I didn't want to keep asking follow-up questions to clearly understand the answer.

Thank you, your answer in this question really helped, and regarding "Tresor" you are correct; I didn't quite understand it but you just cleared it up for me.

Again, thanks!

jana (ASKER)

We have some questions on TrueCrypt and VeraCrypt but will place them as another question for rewarding purposes. Again, thanks!