Forums Community Windows hibernate security vulernability and Axcrypt

This topic contains 2 replies, has 1 voice, and was last updated by  Beth1974 1 month ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #34299 Reply

    Muevelo

    Hi,  I use windows hibernate a lot. One  vulnerability of hibernate is that the contents of RAM get written to the hard drive in unencrypted form in a file called hiberfil.sys. This means that any unencrypted temporary files on the disk created by encryption software (like Axcrypt does) and encryption keys in RAM used to access these containers/files will be written to hiberfil.sys and can be extracted if a malicious party has physical access to the drive.

    The temporary files created by Axcrypt I can deal with, simply closing Axcrypt before hibernating and/or ‘cleaning up’ Axcrypt before closing.

    The issue of encryption keys in RAM is more problematic though. Thus, the question:

    Does Axcrypt store encryption keys or log in details in RAM at any time while in use or while it is holding files open and in unencrypted form? If it does, these keys would be in plain text form and theoretically extractable from the hibernation snapshot so I need express confirmation either way.

    Thanks.

     

     

     

     

    #34350 Reply

    Muevelo

    Bump!

    #34610 Reply

    Beth1974

    Thanks for sharing this information, it’s definitely something I’ll be more mindful of in the future.

Viewing 3 posts - 1 through 3 (of 3 total)
Reply To: Windows hibernate security vulernability and Axcrypt
Your information: