TrueCrypt Question

Now I kinda sorta know what TrueCrypt does, but my question is, what if a hacker where to get into your system...would they still be able to access your files?

 

I'm about as far from an expert as you can get. I see your scenario this way.

If I have files or folders encrypted and don't remember my password, I can't access those folders.

I'd say if a hacker got in, or some kind of malware, they or it couldn't get to those files or folders.

 

So theoretically speaking, they could not get access any file, since it is all pretty much encrypted.

 

Files that are encrypted, in my opinion, couldn't be accessed without the password.

 

If a hacker had control of your system remotely, wile you are on it, he can basically obtain anything he wants like your passwords/keyfiles, because he will/would have been watching all of your activities, he can also take an index snapshot of the contents of your encrypted drive/s wile the encrypted drive/s is/are open, because if he had access, he can access your machine just like you can access it!

This is why you should be comfortable with the HIPS/Firewall/AV you are using, and trust them to be doing the job they are intended for, Protecting you from Hackers, if your second guessing your security apps I suggest you look into something/security apps you feel you can trust to protect you!

 

IT doesn't matter now, after encrypting the entire drive, i wasn't able to access it...good thing i took an image.

 

Sounds like you didn't remember your password ECT, don't let this discourage you from using whole disk encryption, just make sure to read everything you can about it like how to use it and read about the vulnerabilities ect, Now if you were asking, what if a hacker got a hold of your machine, like broke into your house and took it, or you lost your laptop, the hacker cant access it without the password/keys, unless you used a weak password that can be attacked using bruitforce/dictionary attack methods!

 

You said at 7:00 tonight that you only then "sorta knew" what Truecrypt does and you tried to encrypt an entire drive? Study the user's guide before using TC. It's easy, but not out-of-the-box easy.

 

Truecrypt doesn't do file/folder-encryption,
it encrypts entire volumes/devices .
So, if you are being owned by a CRACKER he can see/access
(at least) anything you can . Once you mount the encrypted volume it's game over .

 

Attacking Truecrypt

 

Right about the hacker. I thought of that but was apparently in the midst of a 'Senior Moment' and forgot to mention keylogger, hacker, etc.

Seems I read someplace that PGP protects against external threats, such as the black van parked down the street monitoring your keystrokes, but it was quite a while ago. I don't know if anything can keep an embedded keylogger, hacker or whatever from reading your keyboard strokes, except good security software and prayers.

 

Would you have to be on line?

What if you cut/paste or load pass from another drive?

 

Let's split the problem into parts:
1) While your TC volume is mounted, a hacker has access to your computer (remote or local). In this case he can read from your TC volume as if it was another normal hard disk.
2) When your TC volume is not mounted, a hacker can't read data from your TC volume. The thing that he might do in this case is to install a keylogger, find out your password and then mount TC volume himself.

So basically, try to mount TC volumes only when you need them and use software like firewall and/or HIPS to keep hackers out of your computer.