Microsoft Retracts Private Folder Option

An anonymous reader writes "Just recently, an update to Windows added the option to password-encrypt a personal folder. The intent was to allow users who share PCs to have a measure of privacy, but C|Net reports the company is now removing that functionality with a patch. IT managers hit the roof when the option was added, complaining of the possibility of lost passwords and inaccessible data." From the article: "'Oh great, have they even thought about the impact this could have on enterprises. I'm already trying to frantically find information on this product so that A) I can block to all our desktops and B) figure out how we then support it when users inevitably lose files. I can see the benefit in this product for home users, but it's a bit of a sloppy release by Microsoft,' Stuart Graham said in a posting on Windows Server-related site MSBlog."

Nothing for you to see here. Please move along.

[The MAZZTer]

Oh great, they retracted the article too!

But more seriously... you can still download it here: http://fileforum.betanews.com/detail/Microsoft_Pri vate_Folder/1152200243/1 [betanews.com] (redirects to download.microsoft.com) all that was removed was the HTML download page.

On a related note, are the legions of ZIP tool companies going to retract ZIP encryption or password protection? Other archive format encryption schemes? How about general encryption programs? Oh f***, I wrote a DES implementation once, I'm screwed now aren't I?

Who cares...

[Poromenos1]

TrueCrypt [truecrypt.org] is your friend. It's open source, it mounts as a drive and you can even have hidden volumes (so you can deny having stored porn when your gf tells you to show her). It's great.

Re:i tried this out...

[The MAZZTer]

Yo can delete the icon from your desktop. Then you can access it from explorer under Desktop... want it somewhere else? That's why we have shortcuts. :)

Or if you want to be slicker about it you can get the NTFSLink tool and make a Junction to C:\Documents and Settings\\My Private Folder.

Re:Er. Uh. Uhm...

[Planesdragon]

How is the retracted update different from the functionality which I have seen in-place since I bought the machine a year ago?

Log on as a user. "encrypt" a file.

Log on as an administrator. Go try and read that file.

With MS's new toy, that wouldn't happen.

I decided to try this software

[CyberSlugGump]

I was not impressed.
Machine locked up when trying to change password. Apparently Symantec AntiVirus 9's AutoProtect feature was the problem. (Disabling AutoProtect lets you change the password.) Because Private Folder 1.0 is not officially supported by Microsoft, there is no way to report this isssue.

Microsoft Private Folder 1.0 has an option to export encrypted files. The files remain encrypted, but the password must somehow be embedded in the exported files since you can go to a different computer with Private Fodler 1.0 installed to decrypt the files. HOWEVER, if hard drive crashes and you need to use data recovery software (R-Stuio, GetDataBack, etc.) there is no straight forward way of decrypting the files even if you know the password. Boot a machine with BartPE to look at the "My Private Folder" directory and the encrypted files look different than exported files (which leads me to think the password is embedded in the exported files). If you copy and paste encrypted files to that directory from BartPE/WinPE, you can make the data "unrecoverable"....

Re:What an example of vocabulary outpacing functio

[mliikset]

'irregardless' IS a properly constructed word. It means 'not regardless', which is not, I'm sure, what he meant to convey.

Re:That could've been a good feature!

[Anonymous Coward]

"I can even set domain-wide everyone's home page in Internet Explorer (and I can change pretty much every other setting in IE as well)."
If you can do all of that, why cant you install firefox?

Because if he installs Firefox some way (I shudder to even think how), the users can't upgrade it on their own, none of the settings can be changed, and every time a dozen remote exploit holes are fixed in Fx, it will have to be reinstalled from scratch on each and every PC - patches won't come from WSUS.

Firefox is nice for home users, but it has no place in the corporate world yet.

Re:NTFS?

[gr8dude]

It uses some data from the user's profile as an encryption key. If you re-install the OS, or delete the user account - your data are really gone.

You cannot access EFS encrypted data if you mount the hard disk to a different machine; nor you can do that if you're dual booting.

So volume-based encryption tools such as Private Disk or TrueCrypt are a better idea. Not only that they give you more features, but they use more reliable encryption mechanisms. (EFS uses 3DES, and you get AES if you apply a service pack)

Re:I decided to try this software

[gr8dude]

HOWEVER, if hard drive crashes and you need to use data recovery software (R-Stuio, GetDataBack, etc.) there is no straight forward way of decrypting the files even if you know the password.

Data loss can be really painful, if the data were encrypted. Normally, the decryption key is embedded into the encrypted file itself, but the encryption key (let's denote it with k_E) itself is encrypted with something, a password for example, or the password's hash. So, even though k_E resides inside the encrypted file, it doesn't make the file less secure, but it does make it more fragile. If there's a one bit change in the part of the file which holds k_E, then the data are gone forever. When k_E is obtained by decrypting it using the password (or the password's hash), it will not be correct, because of that flipped bit. So the data recovery programs you mentioned may be able to physically recover the data, but that is useless, because at the logical level - the gathered data are encrypted, and the true encryption key was lost. If something like CBC mode is used, then an error in the first decrypted block will propagate to the next, and so on.... What you will recover is a bunch of crap.

The solution is to make a backup of the area of the file which contains k_E, provided that the encryption software allows you to do that. If it doesn't, then I am afraid to use such a program (unless somebody guarantees I will never have power outages, and my hardware will never fail, and my OS is going to last forever, etc). Of course, you can always backup the encrypted file itself, but then the backup is of a much greater size that it could have been if you backed up only k_E.

Re:Who's threatened?

[Anonymous Coward]

That might very well be the case in the US, but here in the EU, the jurisprudence in place here has recognized that there is a certain privitazation during working hours, and an employee therefore has the human right of privacy, within limits, at work. Thus, you're allowed to use a work telephone to call your doctor without the call being taped (could be a different phone than the one on your desk) as well as using your corporate e-mail address for personal correspondence in the expectation that it won't be read (using PRIVATE on the subject line, or having an Inbox folder labeled as such).

Now, IANAL, but I was a member of my company's Works Council and did all the research when my company started implimenting an Internet/E-mail policy, and have read some of the decisions made by the European Court of Human Rights, including commentary and suggestions from the semi-governmental privacy watchdog. A 'private' folder for working on a new resume, or other such personal things, most definitely would be allowed and the Administrators cannot just go into them even though the computer is company property.

Of course, there are limits as to what you can do privately, and companies can impose reasonable and justifiable restrictions (no porn, no racist content) BUT an employee can expect that system admins won't go into a folder marked PRIVATE without a very serious suspicion of something going on. If you do, the employee stands a good chance of winning a lawsuit should less intrusive methods weren't used first.

A simpler answer to this folder issue would be to either lock users out of installing software on their own (which given the number of programs that need Admin rights to run isn't always an option) or by having a policy in place that states no IT help will be given for unauthorized installations, and enforce it. Or inform the users that regular scans will be made of installed programs and sanctions will be applied to those found with unexplained programs, like this encrypted folder.

Re:That could've been a good feature!

[Trashman]

So are you suggesting that regular users get write access to Firefox' directory? That's a no-no. Do you give all users on your Linux/UN*X boxen write access to /bin, /sbin, /lib, /usr/lib...? Are you saying that users on Linux get to update the one and only copy of Firefox on the system, sans sudo?

I just want to clarify something. On my linux system (which is debian btw,) The Firefox (and Thunderbird) binaries are installed via Apt updates. Any themes and extentions you install are in your own profile, they _ARE_NOT_ System wide. unless you run firefox as root and install the Extention/theme as root. Only then the change is system-wide. I imagine that Debian is not the only Distro that does it this way.

Re:That could've been a good feature!

[Anonymous Coward]

Actually, there are msi and active directory integrated versions of Firefox available. Also, you can install Firefox to a network share, and run it without any installation on the desktop, except creating a shortcut. Want to upgrade Firefox for all users? Update the one shared version, done. Saying you can't install Firefox on a large scale is short-sighted at best. I have deployed it over thousands of desktops and find it far easier to deploy and update than IE. After updating, no reboot is required as is almost always the case with IE.

Re:That could've been a good feature!

[stigpalm]

I think you'll find GPO == Group Policy Object

Re:That could've been a good feature!

[NtroP]

On OS X, you have the option of creating a "Master Password" that has the ability to unlock any encrypted home directories. It shouldn't be too hard to implement a setting that says a Domain Admin can unlock any encrypted files on computers that are joined to their domain. Something is fishy here. There has to be more broken with this scheme than just the user being able to encrypt their data.