Questions Truecrypt

Hi everyone,

I'm more a beginner in encryption and googling and reading all day about true crypt.

My questions that google didn't know is this:

In my Trucrypt-settings I have checked "disconnect when change to Stand-by" (i translated this from the german version)

1. Does anyone now know if the masterpassword is still in the RAM since Truecrypt knows that i want it to disconnect? Would be a security concern since i carry my laptop around in Stand-by...
2. If i encrypt a Partition on hardive is that one big "file" from the harddisk perspective or are only the files on that drive encrypted and there is empty space between?
3. Any experiences with: If windows is forced to shut down by the Taskplaner and the drives are NOT unmounted. Is it save to say that all file are still encrypted?
   

hope for your ideas...

 

I think this will answer your first Question

http://www.truecrypt.org/docs/unencrypted-data-in-ram

 

The files themselves are kept encrypted.
The problem will be information in RAM like said before.

 

This link "Security Requirements and Precautions" Basicly covers all of the Truecrypt security related questions for which people are seeking answers

 

Sorry for answering so late - had a lot to do in the last days. BUT i worked through the links you gave me - and that was really interesting stuff!

I for myself came after quite some time of reading/thinking to 3 conclusions that might interesting for someone new to this topic:

1. If you travel with your Notebook or you leave in your hotelroom you are only 100% secure if you switch it physically off.
2. If your computer went to hibernation you should take the next time the time replace to Hiberfil.sys with a new emtpy one. This is in my Opinion very important. If your computer goes to Hibernation with your drives mounted, it means your masterpasswort is saved to harddisk and stays there forever. So all the wonderful calculations how many trillion years it takes to brute force your intelligent passwort are just totally worthless if you have a file saved on your disk form which your passwort can be extracted. For me this was quite shocking to find out. And it made me wonder why on earth in all that X that Laptops and Windows Hibernation exists no one ever came to that idea...
3. After all Truecrypt is not the problem here - The RAM that stores portions of documents/passwords (any program) and the windows feature of Hibernation are the problem.

 

I have heard that with some laptops people had to physically remove the battery to delete the contents of their ram. you may want to check your laptop to see if it may have the same issue?

You should completely disable Hibernation wile using Encryption Period.

If I was you I would Switch to DriveCryptor for WholeDiskEncryption.