Page 1 of 1

Command Line Vulnerability

PostPosted: Sun Apr 26, 2015 4:26 pm
by redoC
Hi dudes,

I don't know if it was already fixed but in good old TrueCrypt there was (in my opinion) high security flaw...

When one use TrueCrypt command line to e.g. mount crypted container than plain text command line is permanently stored in the RAM memory and can be easily read by hacker, with all informations like container file and its password. It's very easy to fix this by wiping of command line strings in memory (dont forget to wipe cmd line in system structures also).

Any tips or questions please post here.