Version Information



Yüklə 5,12 Kb.
Pdf görüntüsü
səhifə71/130
tarix07.01.2024
ölçüsü5,12 Kb.
#205371
1   ...   67   68   69   70   71   72   73   74   ...   130
TrueCrypt User Guide

Unencrypted Data in RAM 
It is important to note that TrueCrypt is 
disk
encryption software, which encrypts only disks, not 
RAM (memory). 
Keep in mind that most programs do not clear the memory area (buffers) in which they store 
unencrypted (portions of) files they load from a TrueCrypt volume. This means that after you exit 
such a program, unencrypted data it worked with may remain in memory (RAM) until the computer 
is turned off (and, according to some researchers, even for some time after the power is turned 
off
*
). Also note that if you open a file stored on a TrueCrypt volume, for example, in a text editor 
and then force dismount on the TrueCrypt volume, then the file will remain unencrypted in the area 
of memory (RAM) used by (allocated to) the text editor. This also applies to forced auto-dismount.
Inherently, unencrypted master keys have to be stored in RAM too. When a non-system TrueCrypt 
volume is dismounted, TrueCrypt erases its master keys (stored in RAM). When the computer is 
cleanly restarted (or cleanly shut down), all non-system TrueCrypt volumes are automatically 
dismounted and, thus, all master keys stored in RAM are erased by the TrueCrypt driver (except 
master keys for system partitions/drives — see below). However, when power supply is abruptly 
interrupted, when the computer is reset (not cleanly restarted), or when the system crashes, 
TrueCrypt naturally stops running and therefore cannot
erase any keys or any other sensitive 
data. Furthermore, as Microsoft does not provide any appropriate API for handling hibernation and 
shutdown, master keys used for system encryption cannot be reliably (and are not) erased from 
RAM when a computer hibernates, is shut down or restarted.

To summarize, TrueCrypt 
cannot
and does 
not
ensure that RAM contains no sensitive data 
(e.g. passwords, master keys, or decrypted data). Therefore, after each session in which you 
work with a TrueCrypt volume or in which an encrypted operating system is running, you must 
shut down (or, if the hibernation file is encrypted, hibernate) the computer and then leave it 
powered off for at least several minutes (the longer, the better) before turning it on again. This 
is required to clear the RAM (see also the section 
Hibernation File
). 

Yüklə 5,12 Kb.

Dostları ilə paylaş:
1   ...   67   68   69   70   71   72   73   74   ...   130




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin