This article is just an analysis of one of the inherent and well-documented weaknesses in TrueCrypt: the fact that the encryption key must stay in RAM the entire time you are using an encrypted volume. So, as has always been the case, treat the contents of your RAM as precious when a TrueCrypt volume is mounted.
How would you treat your RAM contents as precious? Just making sure you're on a pristine machine, and nothing else is running? Can other unrelated processes access the key from RAM?
Well, in theory, let's say you've got a laptop encrypted with TrueCrypt. You put it in sleep mode instead of switching it completely off or hibernating, because you are just nipping out for a coffee. An attacker could then steal it, lower its temperature (let's say they put it in a freezer for a while), and then extract - literally take out - the RAM from that machine and plug it into a specially prepared station which would then be used to extract the contents of that memory. In low temperatures, RAM data retention is measured in minutes, so all data you had in your system would be preserved, including the encryption key.
Unlikely? Quite, unless someone like the NSA or FBI wants your data. Possible? Yes, with the right resources.
> How would you treat your RAM contents as precious?
For one, don't let anyone get physical access to the computer while it is running and the volume is mounted (even if the screen is locked). This may even apply for several minutes after the machine is turned off: https://freedom-to-tinker.com/blog/felten/new-research-resul...
> Can other unrelated processes access the key from RAM?
Unless you're using a trusted computing environment, right? In which case, if you trust the processor and startup environment, the kernel can be assured to run safely and prevent such attacks. Correct?
It means if you're worried about the contents of your encrypted drives being uncovered, you need to make sure no malicious processes gain access to a dump of your system's memory while it's booted / running / encrypted drives are mounted.