

My understanding is that data is either stored in memory (which will be gone if no power is out regardless of whether a proper shutdown was initiated) or resides in the paging file of an encrypted Windows partition (which is obviously decrypted when the system is in use but is encrypted otherwise?). Windows will automatically map out some of these data to the paging file, which remains unencrypted even when Windows shuts down.

Again, how is the paging file unencrypted when Windows is shut down if it resides in the encrypted Windows partition by default? Why is it necessary that the entire drive is fully encrypted and not just simply the Windows partition? This topic is particularly important to me because I dual-boot Windows and Linux and I encrypt the former with VeraCrypt and the latter with dm-crypt on an SSD; the remaining space is unencrypted unallocated data (which, as far as I'm concerned, is not a security issue but, based on the article above, it is).

Even if you use encryption to protect sensitive data on the hard disk drive, the encryption key (and decrypted data you are accessing) would be stored in the computer's memory.

Microsoft (among many others) uses somewhat confusing terminology at times. In this case, "drive" is used in the sense of "drive letter". This is distinct from a "disk", which is a physical storage device. A drive's data may be stored on a physical partition, but the storage location for a "drive" is most properly called a "volume". It might be one partition, or multiple partitions (spanned, or striped, or RAID5, or whatever), or a CD-ROM, or an image file mounted from some other storage device.
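
To see the drive/volume/disk distinction on a real machine, the following added example (not part of the original posts) maps each active paging file to the partition and physical disk behind its drive letter, and lists the other partitions on that same disk. It assumes Windows 8 / Server 2012 or later with the built-in Storage module, and it reports layout only: it does not detect whether VeraCrypt or any other tool encrypts a given partition.

```powershell
# Added example: where does each paging file physically live?
# Separates "drive letter" (volume) from partition and physical disk.

$report = foreach ($pf in Get-CimInstance -ClassName Win32_PageFileUsage) {
    # Win32_PageFileUsage.Name is the full path, e.g. C:\pagefile.sys
    $letter = $pf.Name.Substring(0, 1)

    # A drive letter names a volume; ask which partition(s) back it.
    # Volumes on dynamic disks (spanned, striped) may return nothing here.
    $parts = @(Get-Partition -DriveLetter $letter -ErrorAction SilentlyContinue)

    if ($parts.Count -eq 0) {
        [pscustomobject]@{
            PageFile  = $pf.Name
            Drive     = "${letter}:"
            Disk      = 'unknown (no basic partition found)'
            Partition = 'unknown'
            OtherPartitionsOnDisk = 'unknown'
        }
        continue
    }

    foreach ($p in $parts) {
        $disk = Get-Disk -Number $p.DiskNumber

        # Everything else on the same physical disk: other OS partitions,
        # recovery/EFI partitions, and so on. Unallocated space is not listed.
        $others = Get-Partition -DiskNumber $p.DiskNumber |
            Where-Object { $_.PartitionNumber -ne $p.PartitionNumber } |
            ForEach-Object {
                $l = if ([int]$_.DriveLetter -ne 0) { "$($_.DriveLetter):" } else { 'no letter' }
                "#$($_.PartitionNumber) $($_.Type) ($l)"
            }

        [pscustomobject]@{
            PageFile  = $pf.Name
            Drive     = "${letter}:"
            Disk      = "Disk $($disk.Number): $($disk.FriendlyName)"
            Partition = "#$($p.PartitionNumber) $($p.Type)"
            OtherPartitionsOnDisk = ($others -join '; ')
        }
    }
}

$report | Format-List
```

If the paging file's partition is the one covered by system encryption, the file is encrypted at rest along with everything else on that volume; the other partitions listed are outside that volume and are protected only by whatever is applied to them separately.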
