StuartR wrote: 06 Sep 2020, 08:50
- If your non-system partition includes a HIDDEN VeraCrypt drive, as well as the visible one, then this could be destroyed by defrag.
- Some file data from the encrypted partition will be stored in the system partition during the defrag; it is possible that this could be visible to an attacker even after you dismount the encrypted partition.
Hi Stuart. I well remember the descriptive scenario from the TrueCrypt documentation - someone held a gun to your head and forced the password out of you, but you had a secret hidden container within your password-protected container - or similar. Hasn't happened to me yet. Nor, I am prepared to bet, has it happened to you (I hope; Grin).
I believe I read that scenario, chuckled, and moved on. Never thought of hidden containers since then.
The residue data is a possibility and its visibility, even after dismount, is a possibility. Truth is, even if an attacker (nowadays a piece of malware rather than a Real Live Person) does stumble on the string 2b4qqvxxh p7055475 1utmie95 6415nlwu xkgl94su wuvLHLLs te0120bw xnglspen fg215nlw vvhel215n l7urvlswr 845nl76su swoz and manage to make something out of it, the only thing they are likely to find of value is my passwords DOCument file ("customline.xls") which, once they get past the "format is not valid" hurdle, will allow them access to my bank password which will then plunge them into the mire of "how to survive for a month on a $50 bank balance".
Turns out the best security is to defrag the drive and reclaim/wipe free space, which brings us full-circle to something I don't really want to do.
The deeper question is "Why is someone like me encrypting anyway?", and as far as I can remember, I used to sit students down at my machine for ad hoc training sessions, and by rebooting and ignoring the password for decryption, my data partition remained out-of-bounds, and its contents could not be accidentally overwritten by a clumsy trainee. That is, I was protecting against accidental overwriting rather than intentional discovery of data.
Cheers
Chris