NTFS volume records

Discussion in 'privacy technology' started by Palancar, Nov 15, 2011.

Thread Status:
Not open for further replies.
  1. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,402
    This question is for examining privacy concerns:

    I am looking for some good reading links OR some insight from other members.

    Scenario: a user (me) has removable media (external drive or flash) that is almost full and contains ONLY one large Truecrypt volume. The external drive/flash is formatted in the NTFS filesystem so that the TC volume can be very large. The user does NOT want to device encrypt but to keep the file based volume scenario.

    Assuming the drive is used only via TrueCrypt and to access the encrypted volume: what traces or changes do you think are made to the NTFS system volume record on the "outside" of the volume when the OS accesses the encrypted volume?

    I am NOT concerned in this thread with traces on the computer - ONLY - what would physically be present on the removable media outside of the volume and stored in the NTFS "journals".
     
    Palancar, Nov 15, 2011
    #1
  2. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    MrBrian, Nov 20, 2011
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...