Ticket #30 (closed task: wontfix)

Opened 7 years ago

Last modified 6 years ago

Encrypted page file

Reported by: Joel Owned by:
Priority: minor Milestone: Eraser 6.0
Component: Core Version:
Keywords: Cc:
Processor Architecture: Blocked By:
Blocking: Operating System:

Description

Allow users to specify that they want their page file to be encrypted under Vista.

fsutil behavior set encryptpagingfile 1

Blocking

IdSummaryMilestone
#30Encrypted page fileEraser 6.0

Blocked by

IdSummaryMilestone
#30Encrypted page fileEraser 6.0

Change History

comment:1 Changed 6 years ago by Joel

  • Priority changed from major to minor

Is this the scope of Eraser? Usually this is set by Group Policy in corporate environments. Who are we to override it?

comment:2 Changed 6 years ago by Overwriter


Joel:
“Who are we to override it?”

We are The Eraser Project and we can do what we like !! :o)

Seriously though I think it should be a feature. I think Eraser’s role is to allow the average computer user to have more control over the normally unseen data on their drives. This is accomplished by securely overwriting with a pattern of their choice over the free-space, cluster tips, MFT and unwanted files etc. The page file is a difficult area to deal with and contains or could contain a user’s private data without their knowledge. Erasers role is to protect that users privacy and if page file erasing is difficult or impossible to do securely then encrypting it is the only option.

If it doesn’t take much code or much of your time it would be a nice feature. Would it matter if someone did use it independently of the GPE ? It wouldn’t do any harm. I use a separate tool to encrypt mine on XP Pro and I have never had any issues with it.

comment:3 Changed 6 years ago by Joel

  • Status changed from new to pending

The problem is that the GP editor will set the paging file encrypted status at every system startup so maintaining our setting will be difficult. Furthermore, if a sysadmin wants to set a setting across his corporate environment, it will be rude (maybe even breaking company policy) to override that setting.

The feature is simple to implement - just set a registry key. But I'm just worried about the repercussions arising from this feature.

Perhaps this be implemented as a plugin? Plugins have their own settings dialogs now.

comment:4 Changed 6 years ago by Overwriter

As you said,

“The problem is that the GP editor will set the paging file encrypted status at every system startup”

So if an admin wants to enable or disable this feature by GP then they can. In fact it sounds like they can override Eraser with GP from what you say. If this is so then this feature can be implemented as the admin has what appears to be the final say and it would allow home users access this function which they may not have otherwise known about.

comment:5 Changed 6 years ago by trac-robot

  • Status changed from pending to closed

This ticket was closed automatically by the system. It was previously set to a Pending status and hasn't been updated within 14 days.

comment:6 Changed 6 years ago by Overwriter

  • Status changed from closed to reopened
  • Component set to Core

Another Zombie ticket brought back from the dead ! Ha ha !

So Joel was the conclusion to this that it had to be made available as a plug-in option only ?

comment:7 Changed 6 years ago by Joel

I came to the conclusion that we shouldn't try to interfere with corporate installations... exposing a feature like this may lead to a bit of chaos in corporate environments. I'm not sure if there is a way to check if settings are made by admins or by users...

comment:8 Changed 6 years ago by Joel

Could we ask Chris for his opinion?

comment:9 Changed 6 years ago by jackjack

I'd be of the opinion that this is not a task for eraser to deal with. Unless I've missed something in my absence eraser is still touting its self as a secure deletion tool and nothing more.

comment:10 Changed 6 years ago by Joel

  • Status changed from reopened to closed
  • Resolution set to wontfix

Hmm, agreed.

Note: See TracTickets for help on using tickets.