Wiping temp files after decrypting


  • Banned

    I want to be sure of one thing . . . and I could not find an answer in the help file. Sorry if I missed it.

    Suppose I have an encrypted archive (any form of encryrption). I open the archive to look at one file.

    Does PA WIPE the temporary file after I close the encrypted file?

    If not, could this be added?

    Hugh


  • Alpha Testers

    Yes.

    Wasn’t 100% sure but I just tested it and once I closed PA the temp file was deleted from the temp folder.


  • Banned

    Thanks, Luxor,

    I want to make sure sure, though, of two things.

    (1) is the file deleted or is it wiped?
    (2) If so, Is this something done by default on encrypted files, or is there some special setting.

    Best,


  • Alpha Testers

    @Socrates:

    Thanks, Luxor,

    I want to make sure sure, though, of two things.

    (1) is the file deleted or is it wiped?

    Deleted as far as I know. spwolf will hopefully tell us if it is wiped. I have my doubts about that but I don’t know enough to know for sure.
    @Socrates:

    (2) If so, Is this something done by default on encrypted files, or is there some special setting.

    Best,

    It’s by default would be my answer. But again let’s wait for spwolf or one of the other devs for the definitive answer. 🙂


  • conexware

    @Socrates:

    Thanks, Luxor,

    I want to make sure sure, though, of two things.

    (1) is the file deleted or is it wiped?
    (2) If so, Is this something done by default on encrypted files, or is there some special setting.

    Best,

    it is currently deleted, not wiped… wiped would mean data was overwritten by zeroes several times.



  • @spwolf:

    it is currently deleted, not wiped… wiped would mean data was overwritten by zeroes several times.

    Maybe it’s worth adding that to the request list. for Pro and Toolbox users.

    Goverment Wiped Temp’s made from PA.

    However, for the users who are wanting to wipe this data if you download a free app called CCleaner it has multiple wiping options and customisable locations to add.

    PowerArchiver has the ability to custom the location of temp files you can change this in the config screen.

    Until the team have made something that wipes data whenever that will be you could use my suggestion.


  • conexware

    Sir Richard always tries to limit our PA Standard users, bad Richard, bad! 🙂



  • @spwolf:

    it is currently deleted, not wiped… wiped would mean data was overwritten by zeroes several times.

    Not just zeroes, though 😉



  • @spwolf:

    Sir Richard always tries to limit our PA Standard users, bad Richard, bad! 🙂

    I just think that a feature such as Goverment Wiping is more towards end users who are heavy users and use things like encryption, backup etc more than most.

    So pro and toolbox falls into line.

    dont get me wrong, if you want to offer it for all then good on you 😉 i keep coming up with increasing your sales for Pro + and you keep knocking me down. LOL


  • conexware

    @Sir:

    I just think that a feature such as Goverment Wiping is more towards end users who are heavy users and use things like encryption, backup etc more than most.

    So pro and toolbox falls into line.

    dont get me wrong, if you want to offer it for all then good on you 😉 i keep coming up with increasing your sales for Pro + and you keep knocking me down. LOL

    government wiping? sounds like the feds will be soon all over us :-).



  • lol, As long as you have me on your team i’ll keep them pesky feds at bay 🙂


  • Banned

    I often keep private correspondence and financial files in encrypted archives.

    I am trying to understand precisely how PA handles both the creation and extraction of the constituent files. I would prefer to leave no residue of said files floating around as flotsam and jetsam on the hard drive.

    I have software that will wipe files – if I know precisely where those files are. However, if PA deletes but does not wipe a file, then I am not sure how I can properly wipe it.

    Relatedly . . . if I include the setting that says “use the current file as the temp file” does that mean that all files used to build the archive, AND all files extracted from said archive will be in the current folder? That might make my task easier.

    And how does THIS setting supplement, override, or compete with the temp file location setting?

    Perhaps one solution is to just not have PA ever create temp files, at least not for encrypted archives.

    No rush on an answer . . . I am just trying to better understand my options.


  • conexware

    best option would be for us to wipe (overwrite the data and then delete) it :-).

    few people have asked about it already so it will probably come soon enough.



  • @spwolf:

    best option would be for us to wipe (overwrite the data and then delete) it :-).

    few people have asked about it already so it will probably come soon enough.

    Dam rite! another good thing for those concirned about Securing their data without the added hassle of additional software.

    I have a few archives containing documents with confidential info, they are of course encrypted, but i always wipe the Temp location after i have finished with certain tools available.

    However, if PA offered a FIPS wipe method that would be boss!



  • it would be nice on the same level to have the files put in a folder that cannot be opened except through powerarchiver and with there original password. cause once its in the temp file anyone on a network computer can read your temp file and copy the files.

    just an idea


  • Banned

    @spwolf:

    best option would be for us to wipe (overwrite the data and then delete) it :-).

    few people have asked about it already so it will probably come soon enough.

    That would be great. I now use FileEncyption XL to handle my most sensivitive data (including PA archives) since (a) it doesn’t create a temp file, and (b) it has an option to wipe files that are included in encyrpted files, and those extracted from encrypted files. So if PA had this, I could dump the other program.

    Still, I know PA cannot do everything – you must pick choose. So this is just a wish . . … nothing more.


  • conexware

    added wiping to 12.5 beta… to be released this week… thanks for the suggestion.


  • Banned

    I am impressed. Look forward to seeing it.

    I assume it will be upgradable via PatchBeam.

    I also assume that you will let us know if you want us to alpha test ZTE.



  • @spwolf:

    added wiping to 12.5 beta… to be released this week… thanks for the suggestion.

    This is fantastic news! It’s a good step forward with the significant steps forward within the security aspects only recently introduced into the PA Suite… ie FTP; Backup and Encryption options being FIPS Validated.

    Now Wiping on Temp’s, this is something the competitors DONT do!

    Without being pushy! and accepting its not a fully finished product, is there an option to verify the number of writes made like you would have in CCleaner, or steganos etc etc or is it a preset number?

    Ideally if PA could have a Quick, Secure & Paranoid mode or custom wipes and detail of what that means then that too would be another fantastic feature… It also means you are ticking many firm’s buttons when it comes to wipe options regarding confidential archives.


  • conexware

    there are options: 1, 3 and 7 passes, based on that DoD 5220.22-M standard/suggestion. Is that what you meant Richard?



  • @spwolf:

    there are options: 1, 3 and 7 passes, based on that DoD 5220.22-M standard/suggestion. Is that what you meant Richard?

    🙂 Yes! that is exactly what i meant and is exactly what the security conscious user want’s see!

    Thank you Drazen! Thank you ConeXware



  • Just to confirm that a recent update to PA that resolve’s ISO Driver’s also contains the 1st ever Wipe Facility for Archive’s…
    http://www.powerarchiver.com/test/alpha120/powarc125003.exe

    Although, this is a very new feature and I am sure there may be possible bugs and improvments it would be nice to get some feedback and possible feature requests. Remember that this is a Archive tool not a goverment wiping program so anything outside that of Backup’s, Zips, FTP etc is not possible.

    One area, that i would like to see within the “Configuration -> Security -> Wipe” Settings would be wipe options on specific file types and size’s within a custom box for example;

    Type - Size From - Wipe Method
    *PAE >5,000KB RCMP (DSX)
    *PAE <500KB GUTMANN 35
    *Zip ALL SIZES RANDOM
    *7Z ALL SIZES US DoD 5220.22-M (E)

    And a normal Tick Box saying on the lines of “Wipe All Formats Same” and the Typical Drop Box.

    Another feature within Shell Extensions under Extract “Extract & Wipe Archive” then under Compress “Compress & Wipe Original” it would also be good to see a new split “Wipe Options” including wipe PA History, Wipe Selected Archives “Brings up a Dialog Box and user can select multiple Archives for Wiping”

    All of this is based around securing Temps, old archives, encrypted files used with PA only.

    It would also be a good idea to see this particular Config Screen including passwork manager , policies and wipe methods lockable via a Password.

    Obviosly, these are my idea’s some may disagree… however, i feel that this is a strong step forward for Conexware and i can see it scoring many firms tick boxes and personal users concirns about securing their personal files.


  • conexware

    why would you base your security policy on size of type of archive?

    Also, while functionality is there, options are explanations of those windows are not final.



  • @spwolf:

    why would you base your security policy on size of type of archive?

    Also, while functionality is there, options are explanations of those windows are not final.

    As always, I understand that “Beta” and “Alpha” dont represent a final product so I expect that the product isnt finished 🙂 so no worries there fella.

    With regards as to the file size, there are a few reasons;

    1. Some Users would Encrypt with a specifc file and as such would want a higher level of security of that than others.

    2. Wiping can take significant resources & time to finalize depending on the size having the ability to scale those options can aid… “You could even add a time of wipe ie when screensaver turns on”

    3. Also reference size, some users would encrypt highly confidential files in splits in order to make it harder to find and compile as such the file sizes are smaller so again having a setting for *PAE to wipe on files always less than 2megs on Maximum Gutman.

    When i worked for “Urenco” i worked in a small project team to write with a firm a security application to “secure” files some of those settings i mentioned were key aspects raised by end users dealing with specific secure files extracted from systems. Certain files of their sizes were destroyed with the highest form were others although larger in size but less confidential were wiped with a ramdom wipe “still secure” but not as timely.

    These afterall are suggestions.

    It would also be advised to have a Log just like you have backup log. this log writes a confirmation of wipe per file. something some firms request to validate secure wiping of confidential data. it also aids to confirming there were no interuptions.


  • conexware

    Here is 12.5 Pre-Beta release:
    http://www.powerarchiver.com/test/alpha120/powarc125003.exe

    it has it now properly named… you have 3 options:
    1, 3, 7 passes, all based on DoD 5220.22-M.

    Obviously if you use 7 passes, it will overwrite those files 7 times, which means it will be slower than normal file delete.



  • @spwolf:

    Here is 12.5 Pre-Beta release:
    http://www.powerarchiver.com/test/alpha120/powarc125003.exe

    it has it now properly named… you have 3 options:
    1, 3, 7 passes, all based on DoD 5220.22-M.

    Obviously if you use 7 passes, it will overwrite those files 7 times, which means it will be slower than normal file delete.

    Top Notch Boss! I shall count this as a Birthday present from ConeXware lol. I look forward to this being expanded on further as time goes on. and as always, happy to aid in testing, suggestions etc


  • conexware

    anything other than this, write up new thread… for instance, separate wipe tool for deleting files securely? Wishlist forums 🙂


Log in to reply
 

  • 6
  • 2
  • 10
  • 6
  • 1
  • 5
  • 5
  • 4