Changes to MS VSS in Vista/7 - Impossible to delete files?

[Tom T.]

Found this link courtesy of Bruce Schneier's great blog:

http://blog.szynalski.com/2009/11/23/vo ... m-restore/

Bottom line: There have been major changes in the implementation of Volume Shadow Copy Service (VSS) and System Restore from XP to Vista/Windows 7. These changes *may make it impossible to delete any particular file completely*, even using secure-delete tools (like Eraser).

If you use Vista or 7 and count on secure file-deletion tools, this is must-reading.

(FWIW, this user long ago disabled VSS, MS Volume Shadow Copy Provider, and System Restore on XP SP2 as a huge waste of resources anyway, in favor of frequent backups of both data and full-disk-image to external media, i. e. flash drive, then to CD/DVD. *IMHO*, *not* advice. Do your own investigation and make your own choices, or leave the Windows defaults in place, please.)

[computerfreaker]

Wow.

I don't use Vista or 7, and I'm thankful I don't... the privacy implications are staggering.
Do you have any idea if MS is planning to fix this? (I'd assume not, since it appears to be intended behavior.)

[Tom T.]

Wow.

I don't use Vista or 7, and I'm thankful I don't... the privacy implications are staggering.
Do you have any idea if MS is planning to fix this? (I'd assume not, since it appears to be intended behavior.)

MS does not share its development plans with me. (Go figure! ) But since it was introduced and carried all through Vista, *and* continued in Win 7, it seems very deliberate.

It's the old "convenience vs. security/privacy" for the umpteenth time. Users are always accidentally deleting docs; fail to make regular backups (sound famiilar?), and wish they had some way to recover such.

But if the hard drive itself is hosed, or the boot volume corrupted, as actually happened to this user, then you can't get to System Restore or your shadow copies anyway -- hence the need to make *external* backups of everything. And once you're doing that regularly.... it was a short, *personal* leap to dropping the MS way. But not everyone will do such backups -- relatively few users, actually. So MS is protecting us from ourselves -- at a cost.

The article had a link to instructions to edit the Registry to exclude certain files or folders from VSS, but that's beyond many users. Especially since most don't even know the issue exists. I wasn't aware of it until seeing this article, yet Vista's been out for three years -- not that I followed Vista much, not being interested in it.

They mention full-disk-encryption for privacy and security, also a complex procedure, and not without occasional flaws being discovered.

Presumably, users who are security-conscious enough to use tools like Eraser would also be able to follow the Regedit instructions -- or disable the VSS, which was another alternative mentioned, and get in the habit of backing up everything, frequently, externally.

*Personally*, no one ever showed me anything that Vista could do that the present XP couldn't, *that I would want to do*. And until someone can show the same with Win 7, I intend to stick with XP at least through its extended 2014 support date (longest in MS history, by popular demand, due to flop of Vista). But other users might find useful features in the newer OSs -- everyone's mileage varies -- so they need to be aware of the -- staggering, indeed -- implications of this.

(Appendix for the conspiracy-theorists: Government pressure to prevent the defeat of forensics via secure-delete utilities? Not saying that myself, but would be surprised if *someone* didn't bring it up. If not the US Govt, perhaps UK? Chinese? Etc.? -- who would like to be able to recover any file that was on any seized or searched puter.)

[computerfreaker]

Wow.

I don't use Vista or 7, and I'm thankful I don't... the privacy implications are staggering.
Do you have any idea if MS is planning to fix this? (I'd assume not, since it appears to be intended behavior.)

MS does not share its development plans with me. (Go figure! )

I was wondering more about some sort of publicly-available article...

But since it was introduced and carried all through Vista, *and* continued in Win 7, it seems very deliberate.

Agreed.

It's the old "convenience vs. security/privacy" for the umpteenth time. Users are always accidentally deleting docs; fail to make regular backups (sound famiilar?), and wish they had some way to recover such.

But if the hard drive itself is hosed, or the boot volume corrupted, as actually happened to this user, then you can't get to System Restore or your shadow copies anyway -- hence the need to make *external* backups of everything. And once you're doing that regularly.... it was a short, *personal* leap to dropping the MS way. But not everyone will do such backups -- relatively few users, actually. So MS is protecting us from ourselves -- at a cost.

"MS is protecting us from ourselves" - that's probably the most positive way to put it. Looks to me more like media companies & their anti-piracy measures... what better way to catch a pirate than to find an old backup of stolen music on their HD?

The article had a link to instructions to edit the Registry to exclude certain files or folders from VSS, but that's beyond many users. Especially since most don't even know the issue exists. I wasn't aware of it until seeing this article, yet Vista's been out for three years -- not that I followed Vista much, not being interested in it.

I had no idea this existed either. (Then again, I don't - and have never - used Vista or 7)

They mention full-disk-encryption for privacy and security, also a complex procedure, and not without occasional flaws being discovered.

Presumably, users who are security-conscious enough to use tools like Eraser would also be able to follow the Regedit instructions -- or disable the VSS, which was another alternative mentioned, and get in the habit of backing up everything, frequently, externally.

Well, IMHO, backups, external or otherwise, should really be encrypted for sensitive files. And Eraser should probably be run once a month or more, unless you're willing to have the contents of your HD posted on the 'net for anyone to see. (I can't imagine anyone agreeing to this unless their computer is brand-new, still in the box)

*Personally*, no one ever showed me anything that Vista could do that the present XP couldn't, *that I would want to do*. And until someone can show the same with Win 7, I intend to stick with XP at least through its extended 2014 support date (longest in MS history, by popular demand, due to flop of Vista). But other users might find useful features in the newer OSs -- everyone's mileage varies -- so they need to be aware of the -- staggering, indeed -- implications of this.

I won't be upgrading to Vista or 7 either. I'll be sticking with XP unless I go over to Mac or Linux; those are getting more and more attractive to me. (Especially Linux)

(Appendix for the conspiracy-theorists: Government pressure to prevent the defeat of forensics via secure-delete utilities? Not saying that myself, but would be surprised if *someone* didn't bring it up. If not the US Govt, perhaps UK? Chinese? Etc.? -- who would like to be able to recover any file that was on any seized or searched puter.)

Add one more - media companies trying to catch pirates. MS has already bowed to the media companies on numerous occasions, and Win7 is, IIRC, loaded with anti-piracy sw. Wouldn't be any surprise if this was the same kind of thing...

[Tom T.]

Well, IMHO, backups, external or otherwise, should really be encrypted for sensitive files.

If it's that sensitive, then either the original file itself should be encrypted, via, say, TrueCrypt or similar -- or your entire HD should be encrypted. (TrueCrypt is one of many available tools -- this one is free -- with which to do that. Usual disclaimer: not an endorsement.)

And Eraser should probably be run once a month or more, unless you're willing to have the contents of your HD posted on the 'net for anyone to see.

If you create a sensitive file, move it to external media or otherwise, and delete it, you should use secure-deletion immediately in the first place, not Windows "delete".

Agree on secure-erasing unused disk space periodically.

unless you're willing to have the contents of your HD posted on the 'net for anyone to see. (I can't imagine anyone agreeing to this unless their computer is brand-new, still in the box)

Everyone agreed to it back in the Win 98 days, unknowingly. One of the first things that got me seriously reading Steve Gibson was his explanation of how many C drives were out there on the Internet, just waiting for anyone to read who knew the right command to send to the right port. IIRC (it's been a while), it's because Windows File and Printer Sharing protocol was "bound" to the TCP/IP protocol. IOW, locally-shared resources were "shared" with the Internet Protocol. Bottom line: the whole world is on your "home LAN", even if you don't have one. Gibson gave detailed, noob-friendly instructions for "unbinding" the two. (Got fixed in XP.)

Add one more - media companies trying to catch pirates. MS has already bowed to the media companies on numerous occasions, and Win7 is, IIRC, loaded with anti-piracy sw. Wouldn't be any surprise if this was the same kind of thing...

Point well taken....