Feeds

Could invisibility beat encryption?

Canadians add cloaking device to Windows files

Secure remote control for conventional and virtual desktops

PCMesh has unveiled software which it claims can hide any Windows file or directory, not only from other users - or thieves - of the same PC, but even from the operating system or a virus.

"Data that's protected by PCMesh Hide Files and Folders is not visible, so it can't be attacked," the company claimed. "In fact, the software itself does not even run continually, so it does not announce its presence to snoopers and hackers. The only time the software is active is when it's being used to hide or reveal protected files or directories."

Ontario-based PCMesh refused to say how the US$39.95 (around £20) program works, but running it showed that it's nothing obvious - such as marking them as hidden system files, or marking the disk space as bad blocks.

However, while protected files did not show up in the file manager, Windows clearly knew that something was there - it reported the disk space as allocated, and wouldn't overwrite it. Protected files still showed up by name in Defrag analysis reports too, so they weren't completely invisible.

Why not do the job properly and encrypt the stuff that you want to hide? PCMesh's argument is that encrypted files are still visible on the disk, and their very presence tells others that you have something to hide. It also points out that it takes time to encrypt a file - a lot of time, if it's a large file - and the likes of DES encryption are now crackable anyway.

The problem is that if others can see you've installed Hide Files and Folders, that too tells them you have something to hide. And without encryption your data is still visible to anyone with a sector editor, so while the software might deter the casual eavesdropper, it's unlikely to satisfy serious security needs.

If you're a home user looking to hide stuff from the family, this might do the trick. But for anything more serious you have to encrypt - and references to DES being cracked are simply attempts to obfuscate, when the serious stuff has moved to 128-bit AES and beyond. ®

Beginner's guide to SSL certificates

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.