Temporary stored files

Topics: Technical Issues
Oct 14, 2015 at 10:47 AM
Hi, I have a question. When I store some sensitive files to the volume in VeraCrypt and then I open it in windows / mac os, for example office automatically store some files as temporary files. Then they are stored somewhere on your HDD and it can be found. Do you have some solution for this?
Oct 14, 2015 at 10:58 AM
The solution is either full system encryption OR regularly to clean your disk and wipe free space (you can use many products ie CCleaner).

If you are not using full system encryption, please make sure you:
  1. Disable hibernation.
  2. Encrypt your swipe file! There is a Microsoft FSUTIL encryption option for the swapfile, but I didn't find any technical information on how it works. If someone knows more about it, i would love to hear some thoughts.
  3. Turn off system protection backups.
cheers,
Oct 14, 2015 at 11:03 AM
Edited Oct 14, 2015 at 11:03 AM
How can I use full system encryption? I have to boot to windows first and then I can turn on vera crypt
Oct 14, 2015 at 11:15 AM
No, VC will install a bootloader that will prompt for your password PRIOR to your windows being loaded. If the correct password is not provided, then EVERYTHING on your machine will remain scrambled - no evidence of anything, nobody will even know if you are running Windows or if you are running anything at all.
HOWEVER, full system encryption can be DANGEROUS. I have myself been in situation when i couldn't boot my system and lost information due to a full system encryption. As with encrypted containers, I have been using them for 20-25 years and i never lost a byte!
Oct 14, 2015 at 5:26 PM
Why wouldn't you boot system? What could happen?
I have special computer for these sensitive data but I am afraid they will be stored without me knowing where and how often. Especially office files.
Oct 14, 2015 at 6:14 PM
prettorian, I have no idea what happened. With nowadays pc systems (Windows), many things can happen, failed updates, software or hardware conflicts, viruses, just name it.... sometimes you can not boot an unencrypted partition and you still have no idea what has happened..... if something writes into your bootsector and conflicts with the bootloader... thats it you are busted.....
I would recommend full system encryption only to those who are really, really concerned for their privacy and are prepared to do daily backups. I am sure there will be others who will say that I am wrong and nothing can happen to an encrypted system partition, but i have paid my price so i think i know enough....
Oct 14, 2015 at 6:56 PM
As I said, I use this pc just for sensitive files few times a month. So I would choose full encryption system and then back up those files to encrypted device as flash disk.
Oct 14, 2015 at 6:59 PM
This is indeed your most secure option of all :)
Coordinator
Oct 14, 2015 at 7:09 PM
Just to temper @Alex512 statement: Full system encryption is not as dangerous as it may seem and you always have the option to decrypt your system using the Rescue Disk if something wrong happens. Of course, critical data backup becomes more important when encryption is used but this also applies to normal encrypted volumes.
Oct 15, 2015 at 6:38 PM
Idrassi, you are tempting me into going to full encryption..... though i know i will regret it :)
Oct 15, 2015 at 7:28 PM
I am just encrypting my whole pc. There was just some mistake regarding damaged cluster on HDD, may be physically damaged so I chose rewrite it with zeros.. We'll see what is going to happen.