nospamatall wrote:
> Casper wrote:
> >> I can see that there is a difference, but why would it be important? If
> >> the entire disk is encrypted, how could you do anything with it?
> >>
> >> Andy
> >
> > Then if you see a difference, can you explain what the difference is?
> > That would answer your question at the same time.
> >
> >
> The difference is that the partition info and some other stuff may not
> be encrypted. This doesn't answer my question though. Do any data leak
> into the non-user partitions? I had heard that some shyster companies
> use these partitions for their nefarious 'DRM' so I spose it is
> possible, but not if Truecrypt is in control of where all the data are
> going?
I don't think it's ever going to be 100% possible to guarantee that any
software running atop an operating system can successfully keep that
host from storing information about what that program does, somewhere
the program isn't aware of. It is, after all, the operating system
that's running the show.

Protected memory schemes and such go a good distance towards limiting
this sort of information "sharing", but they're as far from perfect as
can be and still be workable. Virtualization and other "sandbox" schemes
of that type are a lot better. Dual booting can be trivially configured
to minimalize that sharing, and "live" environments like CDs generally
come configured that way by default. Then at the end of the spectrum you
have physical swapping of storage devices which makes it an
impossibility.

The interesting thing about Truecrypt's hidden volume feature is that
one may be able to simulate physical swapping of devices in software.
I'd consider strong encryption every bit as secure as disconnecting a
drive for any practical purpose. ;)