Bitcoin Forum
May 26, 2017, 11:06:31 PM *
News: If the forum does not load normally for you, please send me a traceroute.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Truecrypt question  (Read 1418 times)
anden
Newbie
*
Offline Offline

Activity: 11


View Profile
May 19, 2012, 12:52:52 PM
 #1

I have stored my wallet in a truecrypt volume for a long time (since before the client offered it), the question is, if I enter my passphrase to work with bitcoin, is my wallet now vulnerable while I have it open?  Or does it stay encrypted if someone were to access it while I am online?

*Link Removed*
POLONIEX TRADING SIGNALS
+50% Profit and more via TELEGRAM
ALTCOINTRADER.CO
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1495839991
Hero Member
*
Offline Offline

Posts: 1495839991

View Profile Personal Message (Offline)

Ignore
1495839991
Reply with quote  #2

1495839991
Report to moderator
1495839991
Hero Member
*
Offline Offline

Posts: 1495839991

View Profile Personal Message (Offline)

Ignore
1495839991
Reply with quote  #2

1495839991
Report to moderator
1495839991
Hero Member
*
Offline Offline

Posts: 1495839991

View Profile Personal Message (Offline)

Ignore
1495839991
Reply with quote  #2

1495839991
Report to moderator
Jay_Pal
Legendary
*
Offline Offline

Activity: 1348



View Profile
May 19, 2012, 03:09:42 PM
 #2

Unfortunately I found later something I hated in TrueCrypt but only in Windows: since you associate the decrypted volume with a drive letter, windows creates an administrative share (f$, for example) to that drive.
Any one able to access administrative shares (a colleague in the same network, for example) will see that content's totally unencrypted.
In Linux I don't find that problem, using either truecrypt or encfs, since the content's are only available to the current user's session.

Free Coins - 🍒🍉🌼 Free Game🌼🍉🍒
BEST FAUCET EVER!!! - Don't Panic... - 1G8zjUzeZBfJpeCbz1MLTc6zQHbLm78vKc
anden
Newbie
*
Offline Offline

Activity: 11


View Profile
May 19, 2012, 03:46:22 PM
 #3

I did not know that, so I assume it is possible that someone may be able to gain remote access while I am using the volume and be able to spend my coins?

*Link Removed*
Jay_Pal
Legendary
*
Offline Offline

Activity: 1348



View Profile
May 19, 2012, 04:08:48 PM
 #4

In windows, yes, by copying your wallet.dat file.
But fear not, you can disable the administrative shares.
I use a batch file on my work machine to shut them down every 30 secs, so I don't have any co-workers snooping around my files.
Why every 30 seconds? They can be remotely reactivated or they reactivate automatically, I don't know.
Unfortunately, WMI is a very powerful tool...
Here's the batch:
Code:
@echo off
:BEGIN
date /T>> sshr.log
time /T>> sshr.log
echo ---- >> sshr.log
net share C$ /delete >> NUL 2>&1
net share D$ /delete >> NUL 2>&1
net share Z$ /delete >> NUL 2>&1
PING 127.0.0.1 -n 31 > NUL
GOTO BEGIN

Let me detail it a bit:
Code:
date /T>> sshr.log
time /T>> sshr.log
echo ---- >> sshr.log
It's a run log. With it, I can be sure it run.
Code:
net share C$ /delete >> NUL 2>&1
This is the command to shut them down. As you can see, I shut down C$, D$ and Z$ shares.
>> NUL 2>&1 is used to have no output whatsoever.
Code:
PING 127.0.0.1 -n 31 > NUL
This is the approximate 30 secs delay itself.

But if I were you, I would have a VM running some Unix and storing your wallet, so it is truly independent and stealth from windows, and always have a rooter or a good software firewall like Sunbelt Personal Firewall with advanced features turned on. Although this features might be annoying in the first days, they always let you know of any non requested communications activity.

I hope this can help you or any one!
If you need any other info, feel free to ask!

Free Coins - 🍒🍉🌼 Free Game🌼🍉🍒
BEST FAUCET EVER!!! - Don't Panic... - 1G8zjUzeZBfJpeCbz1MLTc6zQHbLm78vKc
theymos
Administrator
Legendary
*
Offline Offline

Activity: 2660


View Profile
May 19, 2012, 05:17:05 PM
 #5

While you have it decrypted to use it, it's vulnerable. This is true of any encryption.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!