Author

Topic: Truecrypt question (Read 1557 times)

administrator
Activity: 5222
Merit: 13032
May 19, 2012, 12:17:05 PM
#5
While you have it decrypted to use it, it's vulnerable. This is true of any encryption.
legendary
Activity: 1493
Merit: 1003
May 19, 2012, 11:08:48 AM
#4
In windows, yes, by copying your wallet.dat file.
But fear not, you can disable the administrative shares.
I use a batch file on my work machine to shut them down every 30 secs, so I don't have any co-workers snooping around my files.
Why every 30 seconds? They can be remotely reactivated or they reactivate automatically, I don't know.
Unfortunately, WMI is a very powerful tool...
Here's the batch:
Code:
@echo off
:BEGIN
date /T>> sshr.log
time /T>> sshr.log
echo ---- >> sshr.log
net share C$ /delete >> NUL 2>&1
net share D$ /delete >> NUL 2>&1
net share Z$ /delete >> NUL 2>&1
PING 127.0.0.1 -n 31 > NUL
GOTO BEGIN

Let me detail it a bit:
Code:
date /T>> sshr.log
time /T>> sshr.log
echo ---- >> sshr.log
It's a run log. With it, I can be sure it run.
Code:
net share C$ /delete >> NUL 2>&1
This is the command to shut them down. As you can see, I shut down C$, D$ and Z$ shares.
>> NUL 2>&1 is used to have no output whatsoever.
Code:
PING 127.0.0.1 -n 31 > NUL
This is the approximate 30 secs delay itself.

But if I were you, I would have a VM running some Unix and storing your wallet, so it is truly independent and stealth from windows, and always have a rooter or a good software firewall like Sunbelt Personal Firewall with advanced features turned on. Although this features might be annoying in the first days, they always let you know of any non requested communications activity.

I hope this can help you or any one!
If you need any other info, feel free to ask!
newbie
Activity: 11
Merit: 0
May 19, 2012, 10:46:22 AM
#3
I did not know that, so I assume it is possible that someone may be able to gain remote access while I am using the volume and be able to spend my coins?
legendary
Activity: 1493
Merit: 1003
May 19, 2012, 10:09:42 AM
#2
Unfortunately I found later something I hated in TrueCrypt but only in Windows: since you associate the decrypted volume with a drive letter, windows creates an administrative share (f$, for example) to that drive.
Any one able to access administrative shares (a colleague in the same network, for example) will see that content's totally unencrypted.
In Linux I don't find that problem, using either truecrypt or encfs, since the content's are only available to the current user's session.
newbie
Activity: 11
Merit: 0
May 19, 2012, 07:52:52 AM
#1
I have stored my wallet in a truecrypt volume for a long time (since before the client offered it), the question is, if I enter my passphrase to work with bitcoin, is my wallet now vulnerable while I have it open?  Or does it stay encrypted if someone were to access it while I am online?
Jump to: