"Fossies" - the Fresh Open Source Software Archive

Member "doc/html/Journaling File Systems.html" (10 Oct 2018, 3182 Bytes) of package /windows/misc/VeraCrypt_1.23-Hotfix-2_Source.zip:

Caution: In this restricted "Fossies" environment the current HTML page may not be correctly presentated and may have some non-functional links. You can here alternatively try to browse the pure source code or just view or download the uninterpreted raw source code. If the rendering is insufficient you may try to find and view the page on the project site itself.


Documentation >> Security Requirements and Precautions >> Journaling File Systems

Journaling File Systems

When a file-hosted VeraCrypt container is stored in a journaling file system (such as NTFS or Ext3), a copy of the VeraCrypt container (or of its fragment) may remain in the free space on the host volume. This may have various security implications. For example, if you change the volume password/keyfile(s) and an adversary finds the old copy or fragment (the old header) of the VeraCrypt volume, he might use it to mount the volume using an old compromised password (and/or using compromised keyfiles using an old compromised password (and/or using compromised keyfiles that were necessary to mount the volume before the volume header was re- encrypted). Some journaling file systems also internally record file access times and other potentially sensitive information. If you need plausible deniability (see section Plausible Deniability), you must not store file-hosted VeraCrypt containers in journaling file systems. To prevent possible security issues related to journaling file systems, do one the following: