Thursday, November 29, 2007

TrueCrypt 4.3a's little quirks

Here's the main one:

<?xml version="1.0" encoding="utf-8"?>
<TrueCrypt>
<defaultkeyfiles>
<keyfile>E:\Keyfiles\wok.zip</keyfile>
</defaultkeyfiles>
</TrueCrypt>

With Vista, this information is squirreled away in C:\Users\Yourname\AppData\Roaming\TrueCrypt, plain as day. The favorite volumes list is also there, also unencrypted.

That means that if you set up a turnkey system (i.e., one where favorite volumes mount automatically when you log in, because you use an empty password plus a keyfile located on the USB flash drive mounted on drive E), anybody who cares to know can know.
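To see what that folder gives away on your own machine, here is a small audit script. It is an added example, not part of the original post or of TrueCrypt: it parses the XML structure shown above and reports every keyfile path stored in clear text. The function names, the "C:" system-drive default and the sample.xml file name used for testing are assumptions made for the example.

```python
import ntpath
import xml.etree.ElementTree as ET
from pathlib import Path

# Constructed sample with the same structure as the file shown in the post.
SAMPLE = rb"""<?xml version="1.0" encoding="utf-8"?>
<TrueCrypt>
<defaultkeyfiles>
<keyfile>E:\Keyfiles\wok.zip</keyfile>
</defaultkeyfiles>
</TrueCrypt>"""


def exposed_keyfiles(xml_bytes):
    """Return the keyfile paths stored in clear text in one TrueCrypt XML file."""
    try:
        root = ET.fromstring(xml_bytes)
    except ET.ParseError:
        return []  # damaged or non-XML file: nothing we can read from it
    if root.tag != "TrueCrypt":
        return []  # some other application's XML
    return [el.text.strip() for el in root.iter("keyfile")
            if el.text and el.text.strip()]


def audit_config_dir(config_dir, system_drive="C:"):
    """Scan every *.xml file in config_dir and list the keyfile paths it discloses.

    system_drive is an assumption of this example; a keyfile on any other
    drive letter (such as the USB stick on E:) is flagged, because the
    config tells a reader exactly which device and file to look for.
    """
    findings = []
    for xml_file in sorted(Path(config_dir).glob("*.xml")):
        for keyfile in exposed_keyfiles(xml_file.read_bytes()):
            drive, _ = ntpath.splitdrive(keyfile)  # Windows path rules on any OS
            findings.append({
                "config": xml_file.name,
                "keyfile": keyfile,
                "drive": drive.upper(),
                "off_system_drive": drive.upper() != system_drive.upper(),
            })
    return findings


if __name__ == "__main__":
    print(exposed_keyfiles(SAMPLE))
```

On the Vista layout described above, pass the TrueCrypt folder under AppData\Roaming as config_dir.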

Also, I wonder why you can't cascade hash algorithms anymore; not since version 4.2, evidently. Cascading encryption is pretty much useless, since AES or Serpent or Twofish are each and all unbreakable in universes which have proton decay. Cascading hashes might actually prevent some sort of vulnerability in key generation, though; pipes leak at either end, usually through the numbnuts who select weak passwords and don't want to hassle with mysterious keyfiles.

Keyfiles are a gas. You can use them to set up turnkey systems, as noted above. No more passwords!
