Microsoft's Private Folder application may not be so private
Westlake Village (CA) - Yesterday we wrote about Microsoft’s free Private Folder 1.0 application that encrypts and password protects a folder on a desktop. Thanks to the astute eyes of one of our readers and according to a closer look into the application, the contents of the folder may not be so private.
Reader Johnny Granlund emailed us this morning saying that he was able to access the folder simply by rebooting into Safe Mode. The question however remained - are the contents in the private folder still protected ?
TG Daily had a closer look. We created a test.txt file with the words "Wakka Wakka" and placed it inside the My Private Folder, then we booted into Safe Mode (with Command Prompt) by pressing F8 just before the Windows boot up screen appears. Sure enough, just like Mr. Granlund said, we were able to see the My Private Folder and all of its contents.
Unfortunately - or gladly, depending on your view - the contents of test.txt were an encrypted jumbled mess. We tried starting and stopping various services by entering "start services.msc", but that didn’t unscramble the files. So, while your private folder and its file names aren’t so private, your data is somewhat protected on what could be considered a consumer level.
Interestingly, uninstalling the application does not remove all files. Using the proper uninstallation process through the Add/Remove Programs in the Windows Control Panel caused the desktop shortcut to dispapper, but the folder at C :\Documents and Settings\USERNAME\My Private Folder stayed. The contents of the folder also survived, but remained encrypted. There were also two extra files, test.txt.$e_ and prvflder.dat that we had not seen before the uninstall.
While the files remained scrambled, it’s fairly trivial to look into and extract the contents of the files - albeit in encrypted form. We are sure that there are some enterprising individuals already hard at work examining the files with a hex editor. After all, the Black Hat and Defcon computer security conventions are just around the corner.
- microsoft ,
- private ,
- folder ,
- notsoprivate
- Gates: Vista likely to be ready in January
- HP may ship color version of Lightscribe later this year
- Almost 1000 vendors to deliver software for Vista at launch, says Microsoft
- Ricoh develops dual-format HD laser
- ECS to acquire Uniwill
- Lite-On IT may offer SATA DVD burners in Q4
- Prices for pre-N devices get slashed by over 20%
- Taiwan LCD panel makers eying twisted nematic technology to lower TV panel costs
- Displaysearch: TFT LCD fab utilization drops sharply in Q2 2006
- Prey now available in stores for Xbox 360 and PC
- Sony releases higher capacity Micro Vault flash drives
- Time Warner to outline AOL's future on 2 August
- Google to hire 1000 people in Michigan, saves $38 million
- MySpace more popular than Yahoo, Google
- EverQuest players get a new race in the Serpent's Spine Expansion pack
- Infocus announces a new bright and quiet projector
- Small percentage of people watching video on their mobile phones and iPods - report
- Fined: Microsoft penalized by EC for not explaining interoperability
