Title: Truecrypt question Post by: anden on May 19, 2012, 12:52:52 PM I have stored my wallet in a truecrypt volume for a long time (since before the client offered it), the question is, if I enter my passphrase to work with bitcoin, is my wallet now vulnerable while I have it open? Or does it stay encrypted if someone were to access it while I am online?
Title: Re: Truecrypt question Post by: Jay_Pal on May 19, 2012, 03:09:42 PM Unfortunately I found later something I hated in TrueCrypt but only in Windows: since you associate the decrypted volume with a drive letter, windows creates an administrative share (f$, for example) to that drive.
Any one able to access administrative shares (a colleague in the same network, for example) will see that content's totally unencrypted. In Linux I don't find that problem, using either truecrypt or encfs, since the content's are only available to the current user's session. Title: Re: Truecrypt question Post by: anden on May 19, 2012, 03:46:22 PM I did not know that, so I assume it is possible that someone may be able to gain remote access while I am using the volume and be able to spend my coins?
Title: Re: Truecrypt question Post by: Jay_Pal on May 19, 2012, 04:08:48 PM In windows, yes, by copying your wallet.dat file.
But fear not, you can disable the administrative shares. I use a batch file on my work machine to shut them down every 30 secs, so I don't have any co-workers snooping around my files. Why every 30 seconds? They can be remotely reactivated or they reactivate automatically, I don't know. Unfortunately, WMI is a very powerful tool... Here's the batch: Code: @echo off Let me detail it a bit: Code: date /T>> sshr.log Code: net share C$ /delete >> NUL 2>&1 >> NUL 2>&1 is used to have no output whatsoever. Code: PING 127.0.0.1 -n 31 > NUL But if I were you, I would have a VM running some Unix and storing your wallet, so it is truly independent and stealth from windows, and always have a rooter or a good software firewall like Sunbelt Personal Firewall with advanced features turned on. Although this features might be annoying in the first days, they always let you know of any non requested communications activity. I hope this can help you or any one! If you need any other info, feel free to ask! Title: Re: Truecrypt question Post by: theymos on May 19, 2012, 05:17:05 PM While you have it decrypted to use it, it's vulnerable. This is true of any encryption.
|