July 12, 2006 at 3:13 pm
Secure at Home
With all of the issues with data theft, identity theft, and plain old auto theft, it's good to see some companies working to help you be more secure. Recently I saw a neat new tool that allows you to password protect a folder to sheild it from access by others. It's Private Folders from Microsoft and it's a first step in helping us be more secure. I'm sure something like this will be in Vista, but it's available now for XP.
I use Password Safe to store passwords and I love it. It's been a staple on my various computers for about 5 years, allowing me to easily keep track of logins and passwords across dozens of sites and servers. However it's got limitations, one of which is I can only store limited information. It would be great if there was a way to add documents to this and Private Folders seems like it solves this issue.
However there are some problems here and I'd encourage you to let MS know about them. First of all you need to install the WGA software. I'm not thrilled it that, but I understand it. However besides requiring that you have a legal license according to Microsoft, they're not offering support.
Umm, ahhh, if you provide some type of encryption for files, you need to be sure you support people that will use it. It's just asking people to lose some piece of data that's imoportant to them and then make them mad at you. I don't know how you give people a tool that can lose data without giving some type of key escrow capability.
Maybe this will be a cool tool with version 3.0
Steve Jones
July 12, 2006 at 3:44 pm
key escrow is the devil. ask bruce schneier:
"Key escrow also makes it harder for the good guys to secure the important stuff. All key-escrow systems require the existence of a highly sensitive and highly available secret key or collection of keys that must be maintained in a secure manner over an extended time period. These systems must make decryption information quickly accessible to law enforcement agencies without notice to the key owners. Does anyone really think that we can build this kind of system securely? It would be a security engineering task of unbelievable magnitude, and I don't think we have a prayer of getting it right. We can't build a secure operating system, let alone a secure computer and secure network."
-- Stephen Cook
July 13, 2006 at 6:41 am
Consider TrueCrypt
It's free, open sourced (VERY valuable characteristic for encryption software), allows file/device keying in addtion to password keying, as well as completely hiddend data stores within virtual directories (plausible deniability).
[and you don't need that wretched WGA spyware, which I find very worrisom]
...
-- FORTRAN manual for Xerox Computers --
July 13, 2006 at 6:53 am
Actually Bruce is opposed to wide scale (such as government) key escrow which expects immediate access to one of millions of copies of an application. There is not such a big problem of escrowing a key (or using shared value keys) within a local organizational structure.
...
-- FORTRAN manual for Xerox Computers --
July 13, 2006 at 9:11 am
I agree with large scale key escrow, but the individual or organization has to be able to recover keys. Too many people will forget them if you have no way and the loss of data leads to the lack of encryption.
July 13, 2006 at 11:53 am
RE: Private Folders ...
You have GOT to be kidding ... I'm just waiting for the day that we suddenly have a bunch of folders on our file servers that the admins can't see into, can't delete, can't move, etc. And guess who's going to get the call when someone's Really Important Document is locked in their Private Folder and they can't get in? Better yet, wait until the malware and spyware companies get ahold of this technology! How're you going to clean that mess?
Who knows what MS was thinking, but I can guarantee that this is going to be some Admin's nightmare.
Steve G.
July 13, 2006 at 4:25 pm
Maybe they can just shove it up their a**
The systems fine with no users loggged in. Can we keep it that way ?br>
July 13, 2006 at 4:36 pm
I misread that, sorry. He said "key escrow capability", meaning the local admin could set it up (I thought he was asking for MicroSoft to leave a backdoor by default).
I wonder why Private Folders requires a "high-resolution Super VGA video adapter and monitor to work properly"...
-- Stephen Cook
July 13, 2006 at 8:51 pm
lazy developers ?
July 20, 2006 at 12:27 am
a bit of an old thread but I came across this:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9001814
MicroSoft is giving up on Private Folder 1.0 because people complained.
-- Stephen Cook
Viewing 10 posts - 1 through 9 (of 9 total)
You must be logged in to reply to this topic. Login to reply