Solutions to truecrypt's fatal flaw: power outage data loss
With truecrypt, a power outage can cause significant data loss. Allegedly, the entire container or partition can easily be lost, according to these two people:
Quote:
I lost 300GB of data due to my volume header becoming corrupted by Windows. I had my entire system encrypted (boot partition and drives) and attempted to use the various repair features and decryption to no avail.
Quote:
Truecrypt encrypted drives are extremely fragile in case of unclean shutdown, or unsafe drive removal. I've experimented a lot with truecrypt. I've tested unclean shutdowns (e.g. PC crash, power failure, reset button pressed) and unclean removal - in 100% of my tests, all data on the drive was unrecoverable.
Any countermeasures to this flaw, like some sort of redundancy or smart scheme to deal with power outage so that one can recover as much data as possible? Using conventional recovery/file repair tools and with as little corruption as possible?
Any alternative encryption software that may take better care of power outage, disk failure, unsafe unplugging, o/s crash, corruption in the volume header etc?
Moved: This thread is more suitable in the Software Forum (not a Linux Security issue) and has been moved accordingly to help your thread/question get the exposure it deserves.
*And this really isn't some "fatal flaw" as no software that needs to keep state, modify and close files on exit is resilient in the face of power outage. If you're concerned about this use a laptop or get a UPS FCOL!
TrueCrypt embeds a backup copy of the volume header in the volume, or you can make your own backup copy. From the documentation:
Quote:
If the header of a TrueCrypt volume is damaged, the volume is, in most cases, impossible to mount. Therefore, each volume created by TrueCrypt 6.0 or later contains an embedded backup header, located at the end of the volume. For extra safety, you can also create external volume header backup files. To do so, click Select Device or Select File, select the volume, select Tools > Backup Volume Header, and then follow the instructions... Both types of header backups (embedded and external) can be used to repair a damaged volume header. To do so, click Select Device or Select File, select the volume, select Tools > Restore Volume Header, and then follow the instructions.
What about the data area, doesn't a fault there affect much more data than on unencrypted storage, and what can be done about this?
Does the chosen encryption (aes etc) matter? Isn't there something about encryption principles that makes it inevitable that data chunks depend on each other no matter what scheme is used?
Hasn't anyone thought of duplicating data several times as part of the encryption to counter this?
Is truecrypt aware of a growing list of bad sectors when an entire partition is encrypted? Is any similar software aware of this?
Power went out while transferring files from a laptop to an external usb drive. Laptop is fine because its battery kept it going, but the usb drive is not accessible. Files are likely recoverable because I suspect something in the overall file structure is scrambled; I just haven't dealt with it yet. But it did occur to me that if the drive were encrypted I'd be dealing with another level of hurt. It's good to hear that there are possible solutions for encrypted drives.
Quote:
What about the data area, doesn't a fault there affect much more data than on unencrypted storage, and what can be done about this?
Does the chosen encryption (aes etc) matter? Isn't there something about encryption principles that makes it inevitable that data chunks depend on each other no matter what scheme is used?
It's not technically inevitable, but all the non-trivial encryption schemes I'm aware of do this to some extent.
Quote:
Hasn't anyone thought of duplicating data several times as part of the encryption to counter this?
People have probably thought of it. I don't mean to sound dismissive, but I wonder why you wouldn't just keep a backup copy of the encrypted volume if you're that worried about data loss. Maybe on a second physical disk if you can afford it.
Quote:
Is truecrypt aware of a growing list of bad sectors when an entire partition is encrypted? Is any similar software aware of this?
I'm not exactly knowledgeable in this area, but from what I can find in TrueCrypt's documentation and on Wikipedia I get the impression that this is something of which no software would be aware.
More detail on the health of the drive may be obtained by examining the SMART Attributes. SMART Attributes were included in some drafts of the ATA standard, but were removed before the standard became final. The meaning and interpretation of the attributes varies between manufacturers, and are sometimes considered a trade secret for one manufacturer or another.
Combine that with the fact that one of the SMART attributes is listed as "Reallocated Sectors Count", not an actual list; it seems pretty clear that software would not be able to know which sectors are bad.
Danceman, I had the same trouble once. It was the drive's usb interface that was faulty. Try recuva first. If no luck, take out the sata drive from the usb enclosure and install it as an internal drive. Maybe try recuva on this too.
Quote:
it seems pretty clear that software would not be able to know which sectors are bad.
So from truecrypt's point of view, a fully encrypted partition simply gets smaller as the number of bad sectors increases? Doesn't this shortening hit the backup volume header at the end or perhaps the normal volume header at the beginning?
Quote:
Danceman, I had the same trouble once. It was the drive's usb interface that was faulty. Try recuva first. If no luck, take out the sata drive from the usb enclosure and install it as an internal drive. Maybe try recuva on this too.
Thanks, Ulysses. I have some time now to deal with this. I'll start with your advice.
Quote:
I've tested unclean shutdowns (e.g. PC crash, power failure, reset button pressed) and unclean removal - in 100% of my tests, all data on the drive was unrecoverable.
My experiences have been exactly the opposite. On my wife's laptop (Windows XP) I have her profile encrypted with TrueCrypt and use their old TCGINA program to control login. That system has gone through more crashes and dirty shutdowns than one would ever imagine. Never once has any TrueCrypt data been corrupted. On other systems I've used TrueCrypt with thumbdrives and all that data has remained perfectly intact even when faced with yanking out active thumbdrives without first ejecting them. Do I recommend doing this? Crashing systems and yanking thumbdrives? Of course not. But my experience has been 0% data loss with TrueCrypt. A far cry from the other person's claim of 100% data loss.
When you find software - encryption or otherwise - that works perfectly when you yank the power cord of the computer that is running it, patent that software immediately. You'll be rich!
Trusting ANY software to protect you 100% when faced with power failures, system crashes, etc. is pure folly. Those untoward events are best protected against by frequent backups, stored offline.
Quote:
When you find software - encryption or otherwise - that works perfectly when you yank the power cord of the computer that is running it, patent that software immediately. You'll be rich!
The allegation against truecrypt and probably similar software is that TOO MUCH data is lost or can easily be lost, perhaps unnecessarily.
Quote:
why you wouldn't just keep a backup copy of the encrypted volume
Because a backup is substantially out-of-date most of the time. This may not be true with a time-machine/rsync kind of backup like the Mac's, or sector-map snapshots like Rollback Rx's, but they seem too complicated and recovery prospects are unknown.
Hasn't anyone thought of modifying truecrypt sources so it echoes every write to a partition to a second partition, with flushes so that only one partition is being written to at any time, therefore the other partition is guaranteed valid enough, with recovery prospects as good as if encryption were not used?
Just tested and found that a tiny change in the name of a file inside a truecrypt container changes 16 bytes. This is the block size of AES as expected. Doesn't seem bad at all.
Would more blocks be affected in a crash/power outage etc, compared to the amount of data affected in a crash etc without encryption?
Any better designs that do not fail so drastically in a power outage/crash/unsafe removal and do not depend so heavily on a ups and backups of the header?
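To make the block-dependency question concrete: TrueCrypt (version 5.0 and later) encrypts in XTS mode, where each 16-byte block is tweaked by its position on disk rather than chained to its neighbour, so a damaged ciphertext block corrupts only its own 16 plaintext bytes, whereas CBC would also flip a bit in the following block. The Python below is an added demonstration, not code from the thread or from TrueCrypt: it uses a constructed Feistel toy cipher as a stand-in for AES and a simplified XEX-style tweak rather than real XTS, flips one ciphertext bit in a constructed 512-byte sector, and reports which plaintext blocks are lost under each mode.

```python
import hashlib
BLOCK = 16  # AES block size: the 16-byte granularity the post above observed

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    # 4-round Feistel stand-in for AES (constructed for this demo, not secure)
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, hashlib.sha256(key + bytes([i]) + r).digest()[:8])
    return l + r

def toy_decrypt_block(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, hashlib.sha256(key + bytes([i]) + l).digest()[:8]), l
    return l + r

def cbc(key: bytes, iv: bytes, data: bytes, decrypt: bool) -> bytes:
    # CBC chains blocks: each block is XORed with the previous ciphertext block
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        blk = data[i:i + BLOCK]
        if decrypt:
            out.append(_xor(toy_decrypt_block(key, blk), prev))
            prev = blk
        else:
            prev = toy_encrypt_block(key, _xor(blk, prev))
            out.append(prev)
    return b"".join(out)

def tweaked(key: bytes, tweak_key: bytes, data: bytes, decrypt: bool) -> bytes:
    # XEX/XTS-style: each block gets a tweak from its own position, no chaining
    core = toy_decrypt_block if decrypt else toy_encrypt_block
    out = []
    for n, i in enumerate(range(0, len(data), BLOCK)):
        t = hashlib.sha256(tweak_key + n.to_bytes(8, "little")).digest()[:BLOCK]
        out.append(_xor(core(key, _xor(data[i:i + BLOCK], t)), t))
    return b"".join(out)

def damaged_blocks(mode: str, hit_block: int = 5) -> list:
    # Flip one ciphertext bit in block `hit_block` of a constructed 512-byte sector (32 blocks) and list the plaintext blocks that no longer decrypt
    key, iv, sector = b"demo-key-16bytes", b"demo-iv--16bytes", bytes(range(256)) * 2
    run = cbc if mode == "cbc" else tweaked
    ct = bytearray(run(key, iv, sector, False))
    ct[hit_block * BLOCK + 3] ^= 0x01  # one flipped bit, as an interrupted write might leave
    back = run(key, iv, bytes(ct), True)
    return [i // BLOCK for i in range(0, len(sector), BLOCK)
            if sector[i:i + BLOCK] != back[i:i + BLOCK]]
```

Under either mode the damage stays at block granularity (CBC loses blocks 5 and 6, the XTS-style mode only block 5); losing a whole sector or the volume header, as in the reports above, is a separate failure mode that no cipher mode protects against, which is why the embedded and external header backups matter.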