As we all know, there is an inherent weakness in encryption as the encryption keys are stored in memory (RAM). As a result, a new device can be introduced into the system that will dump and parse the memory to recover the key. It would be beneficial for individuals in high threat situations to have the option to mount a volume such that the introduction of any new device will cause VeraCrypt to auto-dismount the volume and clear the key or possibly reject the mount of the new device.
Last edit: Trillium 2021-02-14
There's already the option to crash the system if some unknown device is entered. How does that work for you?
Could you kindly point me to that "option to crash the system if some unknown device is entered"?
I couldn't seem to find it searching preferences.
Settings -> System Encryption... and there's a box that you can check that says "Clear encryption keys from memory if a new device is inserted". If you check that box, a window will come up that warns you of a blue screen of death (BSOD) if a device is inserted and that the option does not persist - you'd have to check that box again after a crash.