TrueCrypt Leaks Could Expose Your Sensitive Data
We’ve recommended TrueCrypt in the past; it’s a nice way to secure an entire disk. However, a team headed by our own Wired Security columnist Bruce Schneier has just released a new paper showing that partial disk encryption can leak sensitive file data.
The paper released today claims, “we find that the Windows Vista operating system itself, Microsoft Word, and Google Desktop all compromise the deniability of a TrueCrypt DFS.”
One of TrueCrypt’s standout features is disk encryption with “deniability.” In other words, the data is not just encrypted, but hidden as well.
Echoing what we’ve said in the past, Schneier writes, “if you don’t encrypt the entire drive, there is the possibility — and it seems very probable — that information about the encrypted partition will leak onto the unencrypted rest of the drive.” He goes on to add that “whole disk encryption is the smartest option.”
The culprits in this case are apps like Microsoft Word and Google Desktop, both of which will write temporary files, for example lists of recently changed documents, to the unencrypted portion of your disk, thus exposing what should be encrypted.
It’s tempting to think that if you’re at all concerned about security you probably aren’t using Microsoft Word anyway, but the problem can really occur with just about any app that writes temp files wherever it pleases.
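To check your own machine for this kind of leak, you can search the unencrypted part of the disk for references to paths on the encrypted volume. The script below is an added example, not code from the paper or from TrueCrypt; the function names and the `T:\` mount point are assumptions, and the sample files are constructed for the demonstration.

```python
import os
import tempfile

def find_path_leaks(scan_root, volume_prefix, max_bytes=8 * 1024 * 1024):
    """Return sorted (file, encoding) pairs for files under scan_root
    whose contents mention a path starting with volume_prefix."""
    # Windows commonly stores paths as UTF-16LE (shortcuts, document
    # metadata) and as plain ASCII (logs, temp files), so look for both.
    prefix = volume_prefix.lower()
    needles = {
        "ascii": prefix.encode("ascii"),
        "utf-16le": prefix.encode("utf-16-le"),
    }
    hits = []
    for dirpath, _dirs, files in os.walk(scan_root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    # Lowercase the bytes so the match is case-insensitive.
                    data = fh.read(max_bytes).lower()
            except OSError:
                continue  # locked or unreadable file: skip it
            for label, needle in needles.items():
                if needle in data:
                    hits.append((path, label))
    return sorted(hits)

def demo():
    # Constructed sample: a temp directory stands in for the unencrypted
    # disk, and T:\ is the assumed mount point of the encrypted volume.
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "budget.lnk": b"\x4c\x00\x00\x00"
                          + "T:\\plans\\budget.doc".encode("utf-16-le"),
            "autosave.tmp": b"source=t:\\plans\\budget.doc\n",
            "notes.txt": b"nothing sensitive here\n",
        }
        for name, blob in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(blob)
        hits = find_path_leaks(root, "T:\\")
        return [(os.path.basename(p), enc) for p, enc in hits]

if __name__ == "__main__":
    for name, enc in demo():
        print(f"{name}: references encrypted-volume path ({enc})")
```

A hit means a file outside the encrypted volume records that a file inside it exists, which is the kind of leak the paper describes. A clean scan only covers the directories and encodings you searched.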
It’s also worth noting that Schneier and his team could not break the deniability feature in TrueCrypt 6.0, but as Schneier says, “honestly, I wouldn’t trust it.”