Microsoft's Private Folder application may not be so private
Source: Tom's Hardware US – Keywords: microsoft, private, folder, notsoprivate
Syndication:
Westlake Village (CA) - Yesterday we wrote about Microsoft's free Private Folder 1.0 application that encrypts and password protects a folder on a desktop. Thanks to the astute eyes of one of our readers and according to a closer look into the application, the contents of the folder may not be so private.
Reader Johnny Granlund emailed us this morning saying that he was able to access the folder simply by rebooting into Safe Mode. The question however remained - are the contents in the private folder still protected?
TG Daily had a closer look. We created a test.txt file with the words "Wakka Wakka" and placed it inside the My Private Folder, then we booted into Safe Mode (with Command Prompt) by pressing F8 just before the Windows boot up screen appears. Sure enough, just like Mr. Granlund said, we were able to see the My Private Folder and all of its contents.
Unfortunately - or gladly, depending on your view - the contents of test.txt were an encrypted jumbled mess. We tried starting and stopping various services by entering "start services.msc", but that didn't unscramble the files. So, while your private folder and its file names aren't so private, your data is somewhat protected on what could be considered a consumer level.
Interestingly, uninstalling the application does not remove all files. Using the proper uninstallation process through the Add/Remove Programs in the Windows Control Panel caused the desktop shortcut to dispapper, but the folder at C:\Documents and Settings\USERNAME\My Private Folder stayed. The contents of the folder also survived, but remained encrypted. There were also two extra files, test.txt.$e_ and prvflder.dat that we had not seen before the uninstall.
While the files remained scrambled, it's fairly trivial to look into and extract the contents of the files - albeit in encrypted form. We are sure that there are some enterprising individuals already hard at work examining the files with a hex editor. After all, the Black Hat and Defcon computer security conventions are just around the corner.
- Sun luring enterprise customers away from Intel
- Microsoft releases free encrypted folder app
- Firefox usage up, IE usage down - report
- Canon releases seven photo and all-in-one printers
- Lotus Notes now available for Linux
- Freescale first to put MRAM into mass production
- Streetdeck Car Computer makes you want to be stuck in traffic
- No AMD K8L processor for AM3 socket until 2008, say sources
- ATI hits first with HDMI and HDCP
- Notebook makers see demand pick up after CPU price cuts
