The Corsair User Forums  

Go Back   The Corsair User Forums > Corsair Product Discussion > USB Flash Drives

Reply
 
Thread Tools Search this Thread Rate Thread Display Modes
  #1  
Old 05-16-2008, 10:05 AM
jstern1 jstern1 is offline
Jezza
 
Join Date: May 2008
Posts: 6
POST ID # = 348298
jstern1 Reputation: 10
Default Truecrypt & Wear Levelling

I have just been having a trawl through the help section on the truecrypt site and came across a section about wear levelling.

As I understand it from the corsair site, all the latest flash drives use wear levelling but the truecrypt help states that...

"...Due to security reasons, we recommend that TrueCrypt volumes are not stored on devices (or in file systems) that utilize a wear-leveling mechanism..."

Is corsair aware that they are shipping their products with the truecrypt software that buy all accounts does not appear to support their hardware!!?
Reply With Quote


  #2  
Old 05-16-2008, 04:58 PM
RAM GUY's Avatar
RAM GUY RAM GUY is offline
Corsair Product Guru
 
Join Date: Apr 2001
Location: Fremont, CA
Posts: 118,269
POST ID # = 348409
RAM GUY Reputation: 10
Default

I am pretty sure that was intended for software wear leveling and since this is done in the controller of our flash drives I do not feel it is a problem.
__________________
Support accounts and tickets can be created at https://support.corsair.com.
Reply With Quote


  #3  
Old 05-17-2018, 10:34 AM
Tritonio Tritonio is offline
Registered User
 
Join Date: May 2018
Posts: 3
POST ID # = 955025
Tritonio Reputation: 10
Default

Sorry for necroposting but someone may still be searching for this:

Using truecrypt on wear leveling is a problem because old versions of encrypted data remain. Say for example that you change the password of the volume, that means that the encryption key will be encrypted with the new password and written over the old encrypted key. Because of the wear leveling though the old sectors are not really overwritten, instead they are unmapped and kept outside of the logical volume space until some arbitrary point when they will be reused and overwritten. If in the meantime someone were to break the usb key open and read from the memory chips directly, they would be able to find that old version of the encryption key, the one encrypted with the old password. There are other possible attack vectors as well but I doubt these are more dangerous.
Reply With Quote


Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 11:52 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2018, vBulletin Solutions, Inc.