A file encryption type which is safe if PC shut down quickly

Hi,

I like TrueCrypt very much but haven't used it for a long time because I'm aware of how often I close my laptop or shut down the computer before unmounting the volumes. I'm just too scared of losing important data. Yes, I backup but not every time a file is changed. I would like to know if there is a reputable and easy-to-use file or folder encryption software which does not leave me vulnerable in this way.

Does anyone know if such a software exists?

Thank you

 

A hard (power off) shutdown is no worse for a mounted Truecrypt volume than it is for a non-encrypted volume. If the shutdown occurs in the middle of a disk write operation, that block of data will probably be corrupted. The main difference between encrypted and non-encrypted is that it is harder to recover encrypted data when things do go wrong.

If you continually power off your machine without shutting down or hibernating, you are putting your data at risk. It doesn't matter which encryption software you do or do not use.

Are you running checkdisk regularly? At least that will catch and fix some disk write errors.

 

I'm more worried about having unencrypted data.

 

All I can think of is not to use volumes for encryption, if you are only encrypting a few files they can easily be stored and encrypted with something like WinRar or 7zip (free), you will not have to worry about mounting and unmounting.

If you need a volume because you have many files, the other choice would be to store your files in some cloud service with encryption, like SpiderOak.

 

Thank you all for your help.
In fact, I don't often turn off my PC or notebook without powering down, but it happens often enough still to worry me about losing data. I thought that if there was another way to do it then I would look at another option, but I hear what you say.

Thank you,

mathilde

 

You're better off using volume encryption. File encryption programs such as WinRar, 7Zip, AxCrypt etc. can actually be worse under this scenario, since they use temporary files to store fully decrypted copies of all open files. These temp files are normally wiped during the normal course of operation, but a sudden shutdown (e.g. a Windows crash or a sudden loss of power) can leave one or more of these fully decrypted temporary files on disk. What's worse, the files might not even be wiped at the next bootup. They can just sit there in the temp folder.

 

How are they usually wiped?

 

I know WinZip best. Say you open archive and then open old Excel file by double clicking. When you close file, WinZip asks if you want to update archive with file, which Excel auto changed to current format. Then WinZip asks if you want to delete extracted file from temp folder. If you answer correctly, you are fine (but not really, because Windows saves everything somewhere). But, if you close WinZip before closing file, extracted file remains in temp folder until manually deleted

 

I mean is it deleted or overwritten?

 

Oh. I do not know that. I doubt it's overwritten.

 

To the best of my knowledge AxCrypt does a proper wipe/deletion of all decrypted temporary files that it creates. However, this feature obviously cannot function during a crash. I've tested it using an encrypted Notepad file, and the decrypted temp file survived after I deliberately crashed the OS. (I chose NotePad because it doesn't create any temp files by itself, so the remnant had to be an AxCrypt artifact.)

 

Assuming you use the same file system (NTFS) for both the encrypted container and the regular (non-encrypted) disk, the risk of data loss is virtually the same either way... i.e., you should be equally scared of losing important data in your non-encrypted volume. Avoiding Truecrypt is not doing anything to lower your probability of data loss, because the risk factor has to do with the Windows-based file system itself--not the encryption software (or lack thereof).

The best solution is probably to just bite the bullet and start doing backups more regularly. You could even set up 2 identically-sized Truecrypt containers--one for 'active' use and the other to be used for backup purposes only. You could then schedule backups of your primary TC container to your secondary one to occur on a daily basis (or as often as you'd like). That way, the chances of BOTH volumes losing data at the same time are practically slim to none--especially if those volumes are on 2 separate physical disks.

 

This is an idea that I did in fact eventually arrive at, though (out of concern for losing data before it got that far) after changing/creating a new file, I thought first to backup it up immediately to a temporary unencrypted folder on HDD. At the end of my using the computer for that session, move those changed files from the temporary folder to the second encrypted TrueCrypt volume disc on USB or external hard drive. The risk of my temporary folder being accessible to anyone else is negligible as I would use Eraser to empty it each time the files were moved from it.

I wonder if there is an on-the-fly backup program that would allow me to immediately backup any file to a specified destination (the temporary backup folder) as I worked on it? Otherwise, I think I would be able to make a point of saving them immediately to the unencrypted temporary folder before I must shut down the system suddenly if that is necessary. I would keep Windows Explorer open at the same time and simply copy the file across to the second window.

(Sorry, but yes, I do get that nit picky, and yet it doesn't stop me from occasionally - or needing sometimes to - close my notebook in a hurry)

Thank you again for all the thoughtful help

Much appreciated.

mathilde