Is it safe to mount my Truecrypt container directly from my Dropbox folder?

1

Apart from any discussion on if Truecrypt is still considered safe in terms of encryption (for the sake of discussion we asume it is):

I'm running Linux Mint 17. I have the dropbox application installed.

I have Truecrypt installed from this repository.

The Dropbox application creates a folder on my disk that is being synchronized with the cloud when a file in that folder changes, is being deleted or added.

I have a Truecrypt container within the dropbox folder. I 'unlock' it with Truecrypt and mount it.

Let's suppose someone at Dropbox really wanted to see what's inside my TC container, would there be a way for him to sync my 'unlocked' container upwards into the cloud and access it's contents?

asco

Posted 2015-09-15T15:49:30.633

Reputation: 203

2Dropbox has zero capability to mount the Truecrypt container. The only file DropBox is aware of is the container file. It has zero capability to view the contents of a unlocked container file. – Ramhound – 2015-09-15T15:53:23.420

@Ramhound So the actual container file remains totally unchanged and Truecrypt creates a unlocked copy (outside of the dropbox folder) of it when I mount it? That does make sense. – asco – 2015-09-15T16:09:41.387

I don't know how Truecrypt deals with the container, once you proceed, to mount it. I just know what Dropbox can't do, which is what you asked, the only file Dropbox would see is the container file. If Truecrypt creates a unencrypted copy of the container file, that would a security flaw with TrueCrypt, not dropbox. – Ramhound – 2015-09-15T16:25:18.377

2>

  • TrueCrypt isn't ideal for storing data on an untrusted host. It has no integrity checks and leaks which 16 byte blocks changed. 2) Since you're running drop-box software on your computer, they could include some kind of backdoor in it.
    • < – CodesInChaos – 2015-09-17T16:11:11.347

    Answers

    2

    Ascorbin "So the actual container file remains totally unchanged and Truecrypt creates a unlocked copy (outside of the dropbox folder) of it when I mount it? That does make sense"

    No, Truecrypt does not create a copy on hard drive at all. When you open a Truecrypt container, you get a virtual drive that is in RAM. Nothing unencrypted is ever written to hard drive.

    For Dropbox to sync, though, you have to go to Truecrypt setting and uncheck "Preserve modification timestamp of file containers"

    user12480

    Posted 2015-09-15T15:49:30.633

    Reputation: 21

    Asked: 2015-09-15T15:49:30.633

    Viewed: 596 times

    Active: 2015-11-13T17:14:21.753