Security Requirements and Precautions Pertaining to Hidden Volumes

If you use a hidden VeraCrypt volume, you must follow the security requirements and precautions listed below in this section. Disclaimer: This section is not guaranteed to contain a list of all security issues and attacks that might adversely affect or limit the ability of VeraCrypt to secure data stored in a hidden VeraCrypt volume and the ability to provide plausible deniability.

If an adversary has access to a (unmounted) VeraCrypt volume at several points over time, he may be able to determine which sectors of the volume are changing. If you change the contents of a hidden volume (e.g., create/copy new files to the hidden volume or modify/delete/rename/move files stored on the hidden volume, etc.), the contents of sectors (ciphertext) in the hidden volume area will change. After being given the password to the outer volume, the adversary might demand an explanation why these sectors changed. Your failure to provide a plausible explanation might indicate the existence of a hidden volume within the outer volume.

Note that issues similar to the one described above may also arise, for example, in the following cases:
- The file system in which you store a file-hosted VeraCrypt container has been defragmented and a copy of the VeraCrypt container (or of its fragment) remains in the free space on the host volume (in the defragmented file system). To prevent this, do one of the following:
  - ```
  /*
   Derived from source code of TrueCrypt 7.1a, which is
   Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
   by the TrueCrypt License 3.0.
  
   Modifications and additions to the original source code (contained in this file) 
   and all other portions of this file are Copyright (c) 2013-2016 IDRIX
   and are governed by the Apache License 2.0 the full text of which is
   contained in the file License.txt included in VeraCrypt binary and source
   code distribution packages.
  */
  
  #include <wx/wx.h>
  #include <wx/filename.h>
  #include <wx/mstream.h>
  #include <wx/snglinst.h>
  #include <wx/txtstrm.h>
  #include <wx/wfstream.h>
  
  #ifndef TC_NO_GUI
  #include <wx/dnd.h>
  #include <wx/hyperlink.h>
  #include <wx/listctrl.h>
  #include <wx/imaglist.h>
  #include <wx/power.h>
  #include <wx/taskbar.h>
  #include <wx/valgen.h>
  #endif
  
  #include <iostream>
  #include <sstream>
  #include <memory.h>
  #include <stdio.h>
  #include <stdlib.h>
```

* This does not apply to filesystems on CD/DVD-like media and on custom, untypical, or non-standard devices/media.