Intel Rapid Start & TrueCrypt

Discussion in 'privacy technology' started by firepuppy, Mar 30, 2014.

Thread Status:
Not open for further replies.
  1. firepuppy

    firepuppy Registered Member

    Joined:
    Feb 27, 2011
    Posts:
    3
    Apologies if I missed any questions about using the above combo, but only found one on forums.truecrypt.org from couple years ago with NO answers...

    I'm using TrueCrypt to encrypt my entire SSD. I assume typical Windows hibernation doesn't introduce any additional data exposure since hiberfil.sys is encrypted along with everything else on the drive and requires the TrueCrypt device driver to reload RAM on resume.

    However, I'm now testing Intel Rapid Start, which uses a separate partition on the drive to achieve a much quicker resume from S4 (power off) state. Since it is bypassing Windows (and apparently much of the BIOS power-on code), do you think offline analysis of that partition would contain any unencrypted data?

    FYI, I encrypted the entire drive AFTER I created the Hibernation partition and installed Intel Rapid Start and was somewhat surprised that IRS continued to work after that.

    I don't want to start ANOTHER long thread about the dangers of hibernation in general, freezing RAM or other issues involving software encryption. I simply want to know if IRS hibernation is more secure, less secure or exactly the same level of security as Windows Hibernation when using a fully-encrypted TrueCrypt system drive.

    Thanx for any replies.

    (Sorry if I've done wrong by reposting this from "other software & services"; I tried to find a way to contact a moderator to ask for this to be done)
     
  2. firepuppy

    firepuppy Registered Member

    Joined:
    Feb 27, 2011
    Posts:
    3
    I can't believe NONE of the REALLY smart folks on this forum have run into this combination before!!

    A little more info since my first post: after hibernating using the new Intel RapidStart partition, I booted the machine from a USB stick and ran WinHex to take a peek at the drive; the other partitions on the drive were obviously TrueCrypted, so not much to see there. I poked around in the IRS partition a while without seeing anything that resembled unencrypted data, but I don't feel qualified to confirm that.

    Having the machine setup this ways allows a thief to get straight back to the logon screen from power-on, but if I have strong passwords on all accounts, shouldn't they be stuck there?? As soon as they reboot the machine, they are prompted by the TrueCrypt boot loader and stuck there if they can't crack the password...

    I'm really interested in resolving this since IRS is a pretty COOL feature: 6 seconds from full power down to Windows logon screen!!

    ANY thoughts??
    (at all...)
     
  3. mlauzon

    mlauzon Registered Member

    Joined:
    Aug 9, 2011
    Posts:
    107
    Location:
    Canada
    From what I keep reading, you're not supposed to be letting hibernation run on an SSD.
     
  4. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    I think you will find:

    A. Most TC users don't hibernate.
    B. Most TC users don't sleep/suspend.
    C. Most people think a plain old single SSD is fast enough.
    D. Don't have this new'ish Intel tech on their gear.

    That's probably why there aren't a lot of replies.
     
Loading...
Thread Status:
Not open for further replies.