Controversy rages over file encryption in Vista
One of the most common file encryption systems may still have a fatal flaw on Vista machines, according to a security expert. Bruce Schneier says Vista users may still inadvertently leave traces which would allow hackers or government officials to know they have used encrypted files.
The TrueCrypt system, which is open-source and distributed without charge, is promoted as a Deniable File System. This means it not only encrypts information, but it hides the existence of encrypted files altogether.
It also includes ‘plausible deniability’ technology in which there are two sets of encrypted data: if a computer owner is forced to hand over a password, officials will see what they think are all the secret files, unaware that parts of the drive remain hidden. While this is obviously open to abuse by criminals, there are plenty of perfectly legitimate uses such as laptop owners wanting to evade snooping officials at airport security checks.
However, Schneier, a leading computer encryption authority who is even name-checked in The Da Vinci Code, says Vista is among the software that brings the system down. Along with Word and Google Desktop, it creates traces every time a supposedly-hidden section of the hard drive is accessed.
In Vista’s case, the problem is that every time a user opens a file (hidden or not), it creates a shortcut in the Recent Items folder. Anyone examining the computer would know the file existed, which, even though the contents remained hidden, could be enough to cause legal problems such as a court order to unscramble the data.
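The Recent Items trace described above can be checked on your own machine. The following PowerShell audit is an added example, not part of the original article or of TrueCrypt; the drive letter `X` is a placeholder for wherever the volume gets mounted, and the script assumes the standard WScript.Shell COM object is available.

```powershell
# Added example: list Recent Items shortcuts that still name files on a
# volume, even after that volume has been dismounted.
param(
    # Assumption: placeholder drive letter used when the volume is mounted.
    [string]$VolumeLetter = 'X'
)

# Resolve the current user's Recent Items folder without hard-coding a path.
$recent = [Environment]::GetFolderPath('Recent')
$shell  = New-Object -ComObject WScript.Shell
$prefix = "${VolumeLetter}:"

$findings = Get-ChildItem -LiteralPath $recent -Filter *.lnk -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        # CreateShortcut on an existing .lnk opens it for reading;
        # TargetPath is the file name the shell recorded when it was opened.
        $target = $shell.CreateShortcut($_.FullName).TargetPath

        # Shortcuts to non-file targets have an empty TargetPath; skip them.
        if ($target -and
            $target.StartsWith($prefix, [StringComparison]::OrdinalIgnoreCase)) {
            New-Object PSObject -Property @{
                Shortcut  = $_.Name
                Target    = $target
                LastWrite = $_.LastWriteTime
                # False means the volume is not mounted right now, yet the
                # shortcut still discloses that the file existed.
                Reachable = (Test-Path -LiteralPath $target)
            }
        }
    }

if ($findings) {
    $findings | Sort-Object LastWrite |
        Select-Object Shortcut, Target, LastWrite, Reachable |
        Format-Table -AutoSize
    Write-Warning "$(@($findings).Count) shortcut(s) record files opened from $prefix"
} else {
    Write-Output "No Recent Items shortcuts point at $prefix"
}
```

Rows where `Reachable` is `False` are the case the article is concerned with: the volume is gone, but the shortcut name, target path and timestamp remain on the unencrypted system drive.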
The makers of TrueCrypt say the latest edition, released earlier this month, solves the problem. It does so by actually hiding the existence of the operating system itself – albeit through a process that can take several days to get up and running. The theory is that there would be no trace of the user having even run the hidden copy of Vista, let alone accessing the secret files. But Schneier says it’s only a matter of time before somebody discovers a flaw in this solution.
It seems that while encryption certainly can keep the contents of files secret, there may never be a truly guaranteed way to hide the existence of files. If Schneier and other experts are correct, the only way a Deniable File System can be guaranteed to work is if you encrypt an entire hard drive. Unfortunately that will probably only work until you encounter someone with a screwdriver and the ability to count.
July 20th, 2008
The first rule of best-practice security is this: if the data needs to be secured, don’t use Microsoft products, as they have more holes than a Swiss cheese that’s been machine-gunned. Anyone who is silly enough to slap third-party security software of *any* type on top of Vista deserves all the trouble they get – they would be much better advised to use a real operating system.