Main Area and Open Discussion > General Software Discussion

Help/Advice with TrueCrypt (and free space wiping)?

(1/5) > >>

wreckedcarzz:
Okay, I'm going to try and explain this in the least confusing way that I can :P and see if someone can provide me with some guidance, as this is my first attempt at really locking down data and utilizing a form of encryption for important use (not experimentation).

I have a FAT32 formatted 16GB flash drive that I carry around with me everywhere. Over the last couple of months I've saved some important data onto it that I can't have anyone unauthorized getting to. I'm looking for advice as to what I can do in addition to what I am doing now, and what precautions I should take. Basically, if anyone were to get hold of my flash drive at this point, it would not be very difficult (although not exactly easy, either) to get access to ~75 passwords, data files, personal info and other stuff I have stored away on it.

What I have done so far:


* Downloaded TrueCrypt and extracted it via the installer, than fired up the Traveler Disk Setup and plopped TC into my PortableApps directory, allowing me to run it easily from Geek.menu or the PortableApps Launcher.
* Started it up and created a hidden volume (invisible, encrypted volume inside a volume) with the external ("decoy") volume size being 2.5GB, FAT (10 char alpha password and AES-Twofish-Serpent encryption and the Whirlpool hash algorithm).
* Created the internal/hidden volume, using a 22 character alpha-numeric password, at a size of 2.0GB with the same AES-Twofish-Serpent/Whirlpool setup.
* Moved the sensitive data to the hidden volume with TeraCopy
What I need to do/know:


* I need to wipe the "real" drive's free space contents beyond recovery (as well as my C:\ drive); I plan on using Eraser to do that, however it is a flash drive and I don't want to wear the read/write cycles out too quickly - what deletion technique is most effective, and how many times should it be run (for a flash drive, and a regular hard drive)? I have read that a single, all-zero free space pass proves to be unrecoverable, but I need to ensure that this data can not be recovered and read from the "real" drive. :-\
* Also, can tools like Eraser and Defraggler/<your defragment tool of choice here> work on TC volumes, or will those possibly corrupt/cripple the volume? :tellme:
* And a final, and very important question, how can I make sure that the TC volume (and the program itself) cannot be deleted under any circumstances (ignoring formatting, unless that can be blocked, too? :tellme:) unless the command comes from my user account on my home computer? I would assume it would be permissions-based, but I don't know how that would work on other computers... suggestions? :read:
For those of you wondering why I do not simply encrypt the whole drive and be done with it, it is because that would deny me access to the contents of the drive when I am on a machine with Limited/Standard user privileges (ex: school) and that would defeat a large purpose of the drive (as well as TC being on the drive in question... kind of like locking your keys in your car, except your car has a briefcase of papers that you need really badly, sitting on the back seat taunting you :P).


Guidance, anyone? Anything I can change, do better, modify? I'm open to anything that will help :)

wr975:
> I have read that a single, all-zero free space pass proves to be unrecoverable, but I need to ensure that this data can not be recovered and read from the "real" drive.

According to this study a plain format (writing zeros, one pass) makes it impossible to recover any data.

http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432

You can use File Scavenger (http://www.quetek.com/prod02.htm) to make sure your data is unrecoverable.

f0dder:
Yeah, don't bother with the silly "military grade" wiping, a simple single pass of zeroes will be fine :)

Also, why the chained encryption algorithm? There's not much point in using anything besides AES.

Innuendo:
Modern-day forensic data recovery software is making remarkable strides in being able to recover data on drives that have been wiped. However, if you come across someone with such software and they have a keen interest in what is on your encrypted volume you will have far larger worries than worrying about someone checking out your passwords.

As long as you are not doing anything illegal you should be fine with a standard wipe. I recommending using DBAN (Darik's Boot And Nuke).

wreckedcarzz:
Okay, I'll go with a simple one-pass, all-zero wipe on the free space for both drives. I don't need to completely wipe all the data (DBAN), but I might make a backup of the data and do it anyways. Not sure yet. Nothing illegal (I'm not storing like a GB of torrents or something, but I know some that do :huh:) or anything that would cause legal issues; just taxes, (almost all of my+parents+computer) passwords, important data files, etc. Stuff that has the potential to wreck the family's online, and offline, assets. Hence the reason I'm trying to be as thorough as possible.

@f0dder: I did the multiple-algorithm setup because it appeared to be the most "secure" of the options, providing what (if I read correctly) appears to be 3 layers of 512-bit cryptic security. But I could be completely off on that- this is new ground for me (haven't tinkered with encryption for the last 5 years or so).

Navigation

[0] Message Index

[#] Next page