I would like to do the following on my windows (10 or 11) computer:
- Move photos from an SD card into a mounted veracrypt volume.
- Edit photos inside the veracrypt volume using RawTherapee.
- View the edited photos inside the veracrypt volume.
I would like that whenever I unmount the veracrypt volume, there is no trace of the photo files left on the computer.
I already noticed that the “recent files” feature of windows explorer stores the path name and a thumbnail of a picture that was opened with photo viewer for example. That is not good.
Are there other pitfalls like this I need to watch out for?
I know the obvious answer, but I’m pretty sure the mods will remove it.
Does it start with L?
Maybe so.
But seriously, if I don’t want Windows spying on me for a task, I wouldn’t use Windows for that task.
There’s no way I could ever trust the modern Windows OS to not be monitoring me, regardless of the settings I’ve applied. And I’m a systems engineer with nearly 2 decades of Windows administration under my belt.
Unless you’re running an enterprise license, there’s telemetry shit you literally can’t turn off.
The beauty of a live ISO is that when you turn your computer off, there’s no trace left.
I mean, I suppose you could do the transfer on a computer physically unable to connect to the Internet and do a clean install of Windows after, but that’s way more work than is necessary.
I don’t use Windows. There was even a time for Work where our enterprise CAD/CAM had a Linux version and I could run Linux on my workstation. Sadly they removed the GUI support, so we still can use it for batch processing CAD data, and the PLM system still has Linux
That’s actually an interesting point. But how do you ensure the same under Linux? Doesn’t Gnome or KDE also track recently opened files somehow?
If you use a live ISO, then everything goes away when you turn the computer off.
It might be overkill, but if you want absolutely no trace, you could create a separate Windows VM to do that work in. Other than some trace of your SD card having been connected, you’re not likely to have any evidence left on your host OS.
You could keep the VM in the encrypted volume if you have space, or you could delete it when you’re done (and even scrub the file system after if you’re paranoid).
Have fun editing your nudes! (j/k… unless…)
Thanks! Putting everything into a VM is actually a nice idea. Then I would just need to encrypt the hard disk file of that VM, and things should be simple. It creates a larger file though, but that is probably manageable.
