Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Adds Risky System-Wide Undelete to Vista

Posted by ryuzaki0 on from the choose-wisely dept.

douder writes "Windows Vista will have a new 'previous versions' feature when it ships next year. According to Ars Technica, the feature is built off of the volume shadow copy technology from Windows XP and Windows Server 2003. Now turned on by default, the service stores the modified versions of a user's documents, even after they are deleted. They also report that you can browse folders from within Explorer to see snapshots of what they contained over time. It can be disabled, but this seems like a privacy concern." From the article: "Some users will find the feature objectionable because it could give the bossman a new way to check up on employees, or perhaps it could be exploited in some nefarious way by some nefarious person. Previous versions of Windows were still susceptible to undelete utilities, of course, but this new functionality makes browsing quite, quite simple. On the other hand, it should be noted that 'Previous Versions' does not store its data in the files themselves. That is, unlike Microsoft Office's 'track changes,' files protected with 'Previous Versions' will not carry their documentary history with them."

13 of 365 comments (clear)

  1. I trust Microsoft completely. by Anonymous Coward · · Score: 5, Funny

    Dear aunt, let's set so double the killer delete select all...

  2. i dont get it... by Anonymous Coward · · Score: 5, Insightful

    "could give the bossman a new way to check up on employees"

    Um, your work computer is the property of your employer. If you want to do something that would get you in trouble with your boss - put it on your own computer. Plus all this does is back up files that you have made, how is this a privacy concern? Even if this was happening and you never knew it and uploading all your files to a central server, it's still an option of your employer, and not an invasion of privacy, it's crappy, but the option of your boss and his/her company. Just like the fact that they can read your business email. No different, and to me even less intrusive than that since you can't control incoming mail.

  3. Just more overhead by gasmonso · · Score: 5, Insightful

    As with System Restore, Windows Firewall, Remote Assistance, etc... just disable, delete and install better applications to provide the same functionality. MS should just focus on security, stability, and releasing the damn thing.

    http://religiousfreaks.com/
  4. Typo? by TubeSteak · · Score: 5, Funny
    On our test system in the lab we were able to browse the "Documents" folder through Explorer as it appeared several days ago, making note of what had and had not changed. This means that Joe User won't necessarily escape his new overloads merely by deleting his "Dangerous Thoughts" folder or using a "wipe" utility to overwrite the file. It is also not possible to delete the files from within Explorer when viewing archived data.
    Don't they mean Overlords?

    /I for one welcome the Previous Versions of our new Overlords.

    --
    [Fuck Beta]
    o0t!
  5. Looks cool by Sloppy · · Score: 5, Insightful

    I don't get the privacy concern. If someone gains physical access to your machine, then the contents are vulnerable unless you take active steps to prevent it. People have known forever that stuff may not be lost forever just because it's deleted. This feature doesn't change that.

    The issue is that this makes it "easier" but I can't help but see that as a neat feature.

    The really silly part is this:

    Some users will find the feature objectionable because .. perhaps it could be exploited in some nefarious way by some nefarious person.
    If that's what keeps you up at night, then you better give up on all technology, not just this.
    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  6. Re:This is a great feature by TheNetAvenger · · Score: 5, Informative

    The security risks could be eliminated by encrypted the user's home directory, a la Mac OS X.

    It's a fantastic feature. I remember Novell Netware had this and we used it a lot to roll back changes to code. It was better than version control when only one person was working on the project.

    I wonder if OS X 10.5 was going to have such a feature and it leaked out. This is actually a quasi-innovative idea from Microsoft. Maybe they stole it from Apple via corporate spying.


    Ok, you do realize Windows has had encryption for like 10 years now, right? Or are Mac Zealots just naturally unaware of anything without an Apple logo on it?

    You also realize this has been in WinXP and Windows 2003 Server for quite some time, so I doubt they stole the idea from OSX 10.5. (geesh)

    As for the Versioning in Vista, the new thing is that it is turned on by default and works on local volumes, where WinXP required the data to be on a Windows 2003 Server.

    Also, there aren't security risks, and this article is nothing but FUD. Windows Server has had this ability for 'versioning' files since 2003, and BUSINESSES have already been using it.

    It also is a great tool, especially when you accidentally nuke a file, or change and save a file you didn't mean to, etc. Versioning archives are more handy than a 'problem'. (Truly)

    If you are an employee, don't be doing crap at work, they own the computers, download your goat porn at home and don't be writing your resume while at work.

    Also, as an employee if you are half way bright, you can purge the 'versioned' copies, unless the company doesn't allow you to with group policies. And again, it is their computer, so they can do what they freaking want if you work there.

  7. Re:Could really use that right about now... by LiquidCoooled · · Score: 5, Funny

    There is a great extension for firefox called Nuke Anything which allows you to remove sections from pages.
    My missus had a great time deleting all the geeky stuff from slashdot.

    You should have seen her face drop though when I told her she had actually removed it from the internet.

    --
    liqbase :: faster than paper
  8. Such a great idea by xeos · · Score: 5, Insightful

    Yes, other people have thought of it before, but kudos to Microsoft for implementing it. Disks are cheap, whereas the documents I create are not. Anything which helps protect those documents from mistakes is going to be a good thing.

  9. Re:This is only a good thing by spagetti_code · · Score: 5, Funny

    This was an awesome feature in VMS,
    and a privacy concern in Vista.

    You guys **really** don't like MS do you?
    (I must be new here)

  10. You get an F. by Ayanami+Rei · · Score: 5, Funny

    I'm sorry. You're allowed 5 punctuation errors and capitalization mistakes per post submitted to this website.
    You are quite over that limited, and your spelling is atrocious. Please, leave and don't come back. Thanks.

    --
    THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
  11. Re:This is only a good thing by fermion · · Score: 5, Insightful
    VMS lived in a different world. A world in which an elite controlled the computer in every respect, a world in which one often had to beg for an old tape to be put in so that one could access data. A world in which every bit data was not scrutinized by a forensic team with almost unlimited resources. A world in which data was not transmitted willy nilly to unknown parties. A world in which mysterious metadata hardly existed.

    All the flavors of DOS in the 80's were way cool because it allowed us to control our own computer. In the 90's all went to hell as we became connected and the computer started doing more and more things no one really understood. A huge concern MS has not addressed is how to protect confidential information, and more importantly help companies not expose disruptive metadata. For instance, I do not believe they have a setting in outlook to scrub MS Office files as are mailed to external addresses. Nor have the implemented the DRM that would allow firms to track users violate border policy. MS adds features that makes systems less secure, without thought of how to compensate for the breech.

    This is clearly an awesome feature. So was the command line shortcuts. But features do not exist in a vacuum. There is only so much that can be done to help careless users. If MS is to provide business class systems, and not just toys that can be used as business systems, they have to get serious about making systems that businesses need. I think that if MS would develop a core competency in business, and leave the consumer side to others, MS would be in much better shape. Imagine how wonderful Vista would be if it did not have to worry about they toys that home user need.

    --
    "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
  12. Re:This is a great feature by geminidomino · · Score: 5, Funny

    Oh my gods... somewhere an angel just shot an English teacher in the face.

  13. Re:It can be disabled, right? by Bazzargh · · Score: 5, Interesting

    That feature is seriously screwed up. Microsoft are *still* trying to sell people on the idea that its ok to share around the editable document, when in reality its hardly ever ok. All it takes is for one person to forget to remove hidden data and you're on the news.

    Look at the list of Office products it integrates with - there's one missing. Outlook. Why isn't outlook set up to prompt you to ask if it should strip the documents before sending? Why is there no feature on exchange to block emails leaving the domain with unstripped attachments? Why doesn't iis block access to unstripped files? Now those would make it a feature worth having.

    Stepping back from MS for a moment, the same problem actually exists in many other file types - even html (meta tags and comments). Its why the microformats movement thinks metadata should be presentable and parsable rather than hidden in 'document properties'. Their solution isn't complete though - we need to separate the notions of 'Save As' and 'Publish'. One way to achieve this in a corporate/government environment would be for servers to require digital signatures on outgoing documents - this would introduce publication into a document lifecycle for the purpose of integrity, at which point we can hook in 'strip doc' wizards to minimize risk.

    Just thinking out loud.