TrueCrypt & Defragmenting [Archive] - Glock Talk


duncan
02-10-2011, 14:15
TrueCrypt's documentation states that you should not defrag drives with TC on board.

I understand there could be a small risk that some identifying traces could be separated from the encrypted folder making TC visible.

But other than that, is there any real risk of compromising the encryption?

Defragging is part of my system maintenance regime in keeping operations efficient.

Pierre!
02-10-2011, 16:47
Perhaps you can exclude the encrypted directory from the defrag process?

Looks like that won't work... You would probably be okay if it was a separate volume... then it would be simple to exclude.

Back it up before you experiment...

And let us know how it works out.

Thanks for being the Guinea Pig...

HerrGlock
02-10-2011, 16:49
If you're using a FAT12, FAT16 or FAT32 filesystem, you need to defrag occasionally.

If you're using NTFS, EXT2, 3, 4, UFS, HFS or HFS+ filesystem, you do NOT need to defrag. No, it's not part of your system maintenance, you're doing unnecessary file reading and writing.

Remember, also, an encrypted filesystem does NOT have a standard layout. The OS does not dictate where on the disk a file piece is, TrueCrypt does. They say leave it alone. Ever think there's a reason they say that?

JimmyN
02-10-2011, 16:53
I don't know what documentation you're looking at but TrueCrypt's FAQ says you can defrag, run chkdsk, etc. I defrag my TrueCrypt volumes periodically.

Can I use tools like chkdsk, Disk Defragmenter, etc. on the contents of a mounted TrueCrypt volume?

Yes, TrueCrypt volumes behave like real physical disk devices, so it is possible to use any filesystem checking/repairing/defragmenting tools on the contents of a mounted TrueCrypt volume.

http://www.truecrypt.org/faq

filthy infidel
02-10-2011, 16:57
If you're using a FAT12, FAT16 or FAT32 filesystem, you need to defrag occasionally.

If you're using NTFS, EXT2, 3, 4, UFS, HFS or HFS+ filesystem, you do NOT need to defrag. No, it's not part of your system maintenance, you're doing unnecessary file reading and writing.

Remember, also, an encrypted filesystem does NOT have a standard layout. The OS does not dictate where on the disk a file piece is, TrueCrypt does. They say leave it alone. Ever think there's a reason they say that?


You most definitely will need to perform a defragmentation, just not as regularly as on any FAT system. NTFS does fragment, just not as quickly.....

JimmyN
02-10-2011, 17:24
I found what you're talking about. That would apply for a file based TrueCrypt volume, but not for a drive/partition based volume.

Defragmenting

When you defragment the file system in which you store a file-hosted TrueCrypt container, a copy of the TrueCrypt container (or of its fragment) may remain in the free space on the host volume (in the defragmented file system). This may have various security implications. For example, if you change the volume password/keyfile(s) afterwards, and an adversary finds the old copy or fragment (the old header) of the TrueCrypt volume, he might use it to mount the volume using an old compromised password (and/or using compromised keyfiles that were necessary to mount the volume before the volume header was re-encrypted). To prevent this, do one of the following:

* Use a partition/device-hosted TrueCrypt volume instead of file-hosted.
* Securely erase free space on the host volume (in the defragmented file system) after defragmenting.
* Do not defragment file systems in which you store TrueCrypt volumes.



You could either copy the TrueCrypt file to another drive before defragmenting, or erase empty space afterward to make sure nothing is left behind.
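
The mechanism in the documentation passage quoted above, as an added toy model (not part of the original post, and not TrueCrypt's code or real header format): a header wraps an unchanged master key under a password-derived key, defragmenting leaves a copy of the old header in free space, and wiping free space removes it. All names, offsets and passwords here are constructed for illustration.

```python
import hashlib, hmac, os

SALT_LEN, KEY_LEN, TAG_LEN = 16, 32, 32
HEADER_LEN = SALT_LEN + KEY_LEN + TAG_LEN   # salt | wrapped master key | HMAC tag

def _derive(password: str, salt: bytes):
    okm = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 1000, 64)
    return okm[:32], okm[32:]               # (one-time wrapping pad, MAC key)

def make_header(password: str, master_key: bytes) -> bytes:
    """Wrap the master key under a password-derived key (toy construction)."""
    salt = os.urandom(SALT_LEN)
    pad, mac_key = _derive(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(master_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return salt + wrapped + tag

def open_header(password: str, header: bytes):
    """Return the master key if the password fits this header, else None."""
    salt, wrapped, tag = header[:16], header[16:48], header[48:80]
    pad, mac_key = _derive(password, salt)
    expect = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        return None
    return bytes(a ^ b for a, b in zip(wrapped, pad))

def simulate(wipe_free_space: bool) -> dict:
    """Model defragment -> password change on a constructed host volume."""
    disk = bytearray(4096)                  # constructed host file system
    master_key = os.urandom(KEY_LEN)
    old, new = 512, 2048                    # container location before/after defrag
    disk[old:old + HEADER_LEN] = make_header("old-pass", master_key)
    # Defragment: blocks are copied; the old ones become free space, not zeroed.
    disk[new:new + HEADER_LEN] = disk[old:old + HEADER_LEN]
    # Password change: only the live header is re-encrypted, master key unchanged.
    disk[new:new + HEADER_LEN] = make_header("new-pass", master_key)
    if wipe_free_space:                     # mitigation from the documentation
        disk[old:old + HEADER_LEN] = bytes(HEADER_LEN)
    stale, live = bytes(disk[old:old + HEADER_LEN]), bytes(disk[new:new + HEADER_LEN])
    return {
        "live_rejects_old": open_header("old-pass", live) is None,
        "live_accepts_new": open_header("new-pass", live) == master_key,
        "stale_unlocks_with_old": open_header("old-pass", stale) == master_key,
    }
```

`simulate(False)` shows the stale header still yielding the master key under the old password; `simulate(True)` shows it gone after the free-space wipe while the live header keeps working.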

Sgt. Schultz
02-10-2011, 18:16
If you're using a FAT12, FAT16 or FAT32 filesystem, you need to defrag occasionally.

If you're using NTFS, EXT2, 3, 4, UFS, HFS or HFS+ filesystem, you do NOT need to defrag. No, it's not part of your system maintenance, you're doing unnecessary file reading and writing.

Sorry but that's a common misconception. It is true that NTFS is less prone to fragmentation than FAT, but it still occurs. While NTFS is a much more efficient file system and not subject to the same fragmentation as FAT, there is some indication that over time the NTFS Master File Table is affected by fragmentation.

You still need to perform maintenance on an NTFS drive. Regular scandisks and defragging will increase your system reliability and speed.



HerrGlock
02-10-2011, 18:49
Sorry but that's a common misconception. It is true that NTFS is less prone to fragmentation than FAT, but it still occurs. While NTFS is a much more efficient file system and not subject to the same fragmentation as FAT, there is some indication that over time the NTFS Master File Table is affected by fragmentation.

You still need to perform maintenance on an NTFS drive. Regular scandisks and defragging will increase your system reliability and speed.



I knew there was a reason I don't do Windows.