Protecting Against TrueCrypt Archive Corruption and Data Loss

by Michael on Dec 3, 2012 · 6 comments


Over the past few years, I’ve been working to rid myself of as much paper as possible.

As part of this, I’ve been scanning/shredding lots of sensitive financial documents.

To protect against data loss, I’ve been using an online backup service. And for file security, I’ve been relying on TrueCrypt, which is a piece of open source software that lets you create encrypted volumes.

The big concern with storing everything in an encrypted archive is that there is now a single point of failure. What if the archive gets corrupted?

According to the TrueCrypt FAQ, one corrupted bit typically causes loss of an entire block of encrypted data. The good news is that TrueCrypt stores your data in 16-byte (128-bit) blocks and corruption of one block doesn’t affect others. Thus, if data corruption occurs, the damage is limited.

Of course, if the file header gets corrupted, it may be impossible to open your archive. Here again, there’s good news… TrueCrypt allows you to back up the volume header (under “Tools > Backup Volume Header”) so, with a bit of forethought, a corrupted header is little more than a bump in the road.

But still, this all makes me a bit nervous. Thus, I pinged my pal Mike Piper, who likewise uses TrueCrypt to store sensitive financial documents.

Mike’s excellent suggestion was to simply keep multiple versions of your data archive. One way you might do this would be to duplicate your archive before you add data. As long as you don’t have huge archives, this is a straightforward solution.

Here’s how it might work:

Let’s say you have an archive called “important_data”. Whenever you open it to add data, duplicate it and append the date. So today, for example, I would name the new file “important_data_2012_12_03”. And when I add more data next week, I would create a new file called “important_data_2012_12_10”.

In other words, you’re keeping versioned backups. If one fails and you’re not able to restore from your online backup for whatever reason, you’ll only lose a small increment of data — whatever you added since the previous update.

For added safety, I suggest closing and re-opening the current and next most recent versions of your archive whenever you add data. That way you can be sure that everything is working as intended before you walk away.

All that’s left is to decide on a reasonable number of prior versions to keep, and then get in the habit of deleting the oldest whenever you create a new one. Easy peasy.
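The copy, date-stamp and prune routine described above can be scripted. The following is an added example, not code from the original post; the function names and the `keep` parameter are hypothetical, and it assumes the volume is dismounted while it runs and that the undated file stays the working archive.

```python
import hashlib
import shutil
from datetime import date
from pathlib import Path
from typing import Optional


def sha256_of(path: Path) -> str:
    """Hash a file in 1 MiB chunks so large volumes do not need to fit in RAM."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot_archive(archive: Path, keep: int = 4, today: Optional[date] = None) -> Path:
    """Copy the archive to <name>_YYYY_MM_DD, verify the copy, prune old versions."""
    if keep < 1:
        raise ValueError("keep must be at least 1")
    stamp = (today or date.today()).strftime("%Y_%m_%d")
    target = archive.with_name(f"{archive.stem}_{stamp}{archive.suffix}")
    if target.exists():
        raise FileExistsError(f"{target} already exists; refusing to overwrite")
    shutil.copy2(archive, target)
    # A mismatch means the copy went wrong; delete it so a bad file is never kept.
    if sha256_of(archive) != sha256_of(target):
        target.unlink()
        raise OSError(f"copy of {archive} failed verification")
    # Zero-padded dates sort chronologically as plain strings.
    pattern = f"{archive.stem}_????_??_??{archive.suffix}"
    versions = sorted(archive.parent.glob(pattern))
    for old in versions[:-keep]:  # everything except the newest `keep` copies
        old.unlink()
    return target


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:  # constructed sample, not a real volume
        vault = Path(tmp) / "important_data"
        vault.write_bytes(b"\x00" * 4096)
        for day in (3, 10, 17):
            print(snapshot_archive(vault, keep=2, today=date(2012, 12, day)).name)
        print(sorted(p.name for p in Path(tmp).iterdir()))
```

A matching hash only shows that the copy is bit-identical to the original. It does not show that the volume mounts, so the close-and-re-open check from the post still applies.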

1 The College Investor December 3, 2012 at 10:29 am

Good tip on using versioned back-ups. You never know when something may happen, especially when encrypting data. I also suggest opening the encrypted archive immediately before upload to verify it isn’t corrupted.

2 Michael December 3, 2012 at 11:13 am

TCI: Excellent point. I meant to mention that but somehow left it out. I’ve gone back in and added it.

3 AverageJoe December 3, 2012 at 3:27 pm

I was well on my way to add the “multiple copies” advice, but Mike Piper beat me to it!

I SO need to do this same task. I have one shelf that’s burgeoning with files, all of which could easily be scanned into an encrypted archive.

4 Christopher @ This That and the MBA December 3, 2012 at 9:17 pm

At work we are moving more paperless, but that migration has not taken place on the homefront yet. I still have stuff in shoe boxes in closets… shhhh, don’t tell anyone. I am terrible at organizing our bills. This is definitely something I should look into, seeing how our printer is an all-in-one with the scanner. A new computer is on the horizon first… someday I hope we will move paperless.

What I am at a loss with is actually organizing it once it is online. Do you recommend any good software to organize the bills and receipts to keep them at a fingertip rather than just saving them in a folder?

5 Tie the Money Knot December 3, 2012 at 10:53 pm

Probably a good idea to scan certain very important documents, and then keep those files as secure as possible. Not something I’ve spent enough time on, but it’s a good idea. As for shredding, I actually bought one and need to start using it.

6 Reason A Bubble May 22, 2013 at 4:50 am

You mentioned “online backup service - to protect against data loss”.
Only use this for non-sensitive data, because if it’s on a server it’s potentially accessible to many people, even if it’s with encrypted programs like TrueCrypt which have known vulnerabilities.
