Feeds

Don't let Windows Indexing Service know too much

Keeping index files under control

  • alert
  • submit to reddit

SANS - Survey on application security programs

Privacy workshop The Windows Indexing Service catalogues the contents of your hard disk, and even the contents of files, to make local searching faster.

This service creates and later consults a number of small databases containing data about your disk's contents, including the actual contents of files, which can undermine the practice of good data hygiene. Indexing creates what amounts to a scattered secondary volume of your data, and your wipe utility might fail to erase all these related traces when it erases a file.

However, the Indexing Service is also a significant convenience. It's not essential for searching, but it speeds up searches and enables you to search for strings within files. So it's not something to do away with unless you are primarily concerned about privacy and data hygiene.

There are two levels of response here, and you can choose your poison. First, indexing can be shut off altogether, and you can then wipe the index files and that will be the end of it. Second, you can shut it off temporarily, wipe the index files, and then re-enable the service, only this time selecting the particular directories to be indexed. This way, you can use the service, but prevent the indexing of directories containing sensitive information.

For those interested in the nuclear option, consider that, for an added bonus, disabling the Indexing Service will free up some processor resources and RAM. If you are unlikely to search very often, it's foolish to devote system resources to speeding up a service that you don't really depend on, or even want.

Of course, if you normally spend a great deal of time searching for files, or for strings of text within your files, you'll be grateful for the Indexing Service, although it does make data hygiene pretty much impossible if you index directories and files indiscriminately.

Regardless of which option you choose, begin by disabling the service and wiping the old index files. First, log in as an Administrator, and begin by shutting it off:

1. Go to the Start menu and choose Run.

2. Type in services.msc and click OK. The Services dialogue will launch.

3. Right-click on the Indexing Service to bring up the Properties dialogue, and click Stop if the service is running. Then select Disabled. Click Apply and close the dialogue.

4. Go to My Computer. Next, select (Local Disk C:) under "Hard Disk Drives".

5. Right-click on the (Local Disk C:) icon and choose Properties from the right-click menu. The Local Disk Properties dialogue will pop up. Near the bottom you will see a tick box beside the option: "Allow Indexing Service to index this disk for fast file searching" (the option will not be available on all systems, so don't worry if you don't see it).

6. Clear the tick box, click Apply, and in the next dialogue, select the option "Apply changes to C:\, subfolders and files." Click OK, and reboot.

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.