Firstly, I should say that I've been using container, partition and whole disk encryption for well over 12 years now. I've used DCPP, DiskCryptor, then stuck with TrueCrypt and now, naturally, VeraCrypt (thanks to IDRASSI for all your work on this project).
I've always used HDs and for the first time I'm considering buying an SSD, which will have a single system partition encrypted as a partition. I've been reading all topics and articles I can find about the vulnerabilities of VeraCrypt and other encryption software when wear leveling and TRIM are used on the SSD.
What I fail to understand is this: the main concerns seem to be that wear leveling and, especially, TRIM operations on the SSD may leave behind unencrypted data. But since those operations are executed by the SSD's controller on already encrypted data, how is it possible that unencrypted data ends up on the drive? I understand that those operations will leave behind sectors with chunks of data, but shouldn't that data be encrypted anyway since it already was before?
Last edit: Ephebus 2018-12-25