Operation Manual

you must not use VeraCrypt on a computer that an attacker has physically accessed. Furthermore,
you must ensure that VeraCrypt (including its device driver) is not running when the attacker
physically accesses the computer. Additional information pertaining to hardware attacks where the
attacker has direct physical access is contained in the section Unencrypted Data in RAM.

Furthermore, even if the attacker cannot physically access the computer hardware directly, he or
she may be able to breach the physical security of the computer by remotely intercepting and
analyzing emanations from the computer hardware (including the monitor and cables). For
example, intercepted emanations from the cable connecting the keyboard with the computer can
reveal passwords you type. It is beyond the scope of this document to list all of the kinds of such
attacks (sometimes called TEMPEST attacks) and all known ways to prevent them (such as
shielding or radio jamming). You must prevent such attacks. It is solely your responsibility to do so.
If you do not, VeraCrypt may become unable to secure data on the computer.
Malware
The term ‘malware’ refers collectively to all types of malicious software, such as computer viruses,
Trojan horses, spyware, or generally any piece of software (including VeraCrypt or an operating
system component) that has been altered, prepared, or can be controlled, by an attacker. Some
kinds of malware are designed e.g. to log keystrokes, including typed passwords (such captured
passwords are then either sent to the attacker over the Internet or saved to an unencrypted local
drive from which the attacker might be able to read them later, when he or she gains physical access to
the computer). If you use VeraCrypt on a computer infected with any kind of malware, VeraCrypt
may become unable to secure data on the computer.* Therefore, you must not use VeraCrypt on
such a computer.
It is important to note that VeraCrypt is encryption software, not anti-malware software. It is your
responsibility to prevent malware from running on the computer. If you do not, VeraCrypt may
become unable to secure data on the computer.
There are many rules that you should follow to help prevent malware from running on your
computer. Among the most important rules are the following: Keep your operating system, Internet
browser, and other critical software up to date. In Windows XP or later, turn on DEP for all
programs. Do not open suspicious email attachments, especially executable files, even if they
appear to have been sent by your relatives or friends (their computers might be infected with
malware sending malicious emails from their computers/accounts without their knowledge). Do not
follow suspicious links contained in emails or on websites (even if the email/website appears to be
harmless or trustworthy). Do not visit any suspicious websites. Do not download or install any
suspicious software. Consider using good, trustworthy, anti-malware software.
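
One way to check the DEP rule above on a current Windows system, as an added example that is not part of the VeraCrypt documentation. The function name Get-DepPolicyStatus is hypothetical; it reads the DEP properties of the Win32_OperatingSystem WMI class and treats the OptOut and AlwaysOn policies as "DEP for all programs".

```powershell
# Added example (not from the VeraCrypt manual): report the system-wide DEP policy.
# Get-DepPolicyStatus is a hypothetical helper name chosen for this illustration.
function Get-DepPolicyStatus {
    # Values of Win32_OperatingSystem.DataExecutionPrevention_SupportPolicy
    $policyNames = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }

    $os     = Get-CimInstance -ClassName Win32_OperatingSystem
    $policy = [int]$os.DataExecutionPrevention_SupportPolicy

    # OptIn protects only essential Windows programs and services.
    # OptOut protects every program except those explicitly exempted.
    # AlwaysOn protects every program and allows no exemptions.
    $coversAll = $policy -in 1, 3

    [pscustomobject]@{
        HardwareDepAvailable = [bool]$os.DataExecutionPrevention_Available
        AppliesTo32BitApps   = [bool]$os.DataExecutionPrevention_32BitApplications
        AppliesToDrivers     = [bool]$os.DataExecutionPrevention_Drivers
        Policy               = $policyNames[$policy]
        CoversAllPrograms    = $coversAll
    }
}

$status = Get-DepPolicyStatus
$status | Format-List

if (-not $status.HardwareDepAvailable) {
    Write-Warning 'Hardware-enforced DEP is not available (check the NX/XD setting in firmware).'
}
if (-not $status.CoversAllPrograms) {
    Write-Warning "DEP policy is '$($status.Policy)', which does not cover all programs."
    # Shown, not executed: run from an elevated prompt, then reboot for it to take effect.
    Write-Output "To enable DEP for all programs: bcdedit /set '{current}' nx OptOut"
}
```
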
Multi-User Environment
Keep in mind that the content of a mounted VeraCrypt volume is visible (accessible) to all logged-on
users. NTFS file/folder permissions can be set to prevent this, unless the volume is mounted as
removable medium (see section Volume Mounted as Removable Medium) under a desktop edition
of Windows Vista or later (sectors of a volume mounted as removable medium may be accessible
* In this section (Malware), the phrase “data on the computer” means data on internal and external storage
devices/media (including removable devices and network drives) connected to the computer.
DEP stands for Data Execution Prevention. For more information about DEP, please visit
http://support.microsoft.com/kb/875352, http://technet.microsoft.com/en-us/library/cc700810.aspx, and
http://windows.microsoft.com/en-US/windows-vista/What-is-Data-Execution-Prevention.