Shadow Copies vs Erasing

  • Thread starter Thread starter Daze N. Knights
  • Start date Start date
At about the 21:20 mark, a good point is brought up.
Basically, if you have a file that's never been changed,
you will not have a previous version of that file.
So, if you accidentally or on purpose delete a file that's
never been changed, there are no previous versions of that
file, it's gone. Clicking on a folder and trying to use previous
version, will also not replace that file.

The exception to that is if it's a folder that's been backed up
by File Backup, then there will be a copy of that file. They didn't
mention this in the video, but I just checked it out myself. I looked
at some files in My Documents that I know I haven't touched in a long time,
the only previous version listed is from "Backup", not "Shadow Copy".
Also, the fewer changes going on to your files, means that less space is
being taken up by Shadow Copy and differential changes.


-Michael

* MICHAEL:
 
I had sorta gathered that, but was unsure about the details and
consequences. If the original file was erased, presumably those Shadow
Copies of differences in previous changes would be unresurrectable in
the form of a previous version of the file, but would they continue to
exist in a form that could still potentially be recovered for the
information provided in the changes to the original file?

I really have no super-secret files of concern here, but the issue may
be of more real importance to others who do. The question(s) occurred to
me in regard to a document file in which I keep a list of passwords. I
keep this file encrypted in the form of an executable file that requires
a password to extract the document. When I need to make a change to the
list of passwords, I execute the encrypted file to extract the
unencrypted document, then I make the changes to it, erase the original
executable file, re-encrypt the changed document into a new encrypted
executable file, and finally erase the unencrypted document itself.
During this process, I presume shadow copies are being made of the
unencrypted document when I change it, and I'd wondered if those
newly-entered passwords continue to live on in the form of "shadow
copies." Now, no one is going to go to great lengths to uncover my
passwords, but there are certainly many people with much more sensitive
information than I to whom these issues must be of some concern.

Anyway, I see Michael has done some investigation and dug up some links,
which I now need to find some time to study through to see if my
questions/concerns (such as they are) are addressed therein.
 
Wow. Thanks for your investigation and digging up of info on the
subject, Michael. It will take me a while to get to going through it to
see if my questions/concerns are answered therein. In the meantime,
check my very recent response to Synapse Syndrome.

regards,
Daze
 
You're welcome, David.

The video does have some good info. It's a bit long
at about 45 minutes, but I think it's worth a look.

Take care,

Michael

* Daze N. Knights:
 
Michael:

I finally got around to watching that video, and yes, it was quite
interesting and effectively filled in some gaps in my understanding.

While I'm still not *totally* sure, I am now of the impression
that--unless one turns off System Restore entirely--both deleted and
erased items will still exist in the form of recoverable shadow copies
*until* the limitation of alloted HD space for them (15% by default)
causes them to eventually be aged out.

And this means that Shadow Copy (also called Volume Snapshot Service or
VSS) can, indeed, represent a data security risk that cannot possibly be
overcome by judicious use of an erasing tool--which leaves one with the
alternatives of full-drive encryption, turning System Restore off and
leaving it off, or simply *never* having *any* sensitive data on one's
HD at all.

Daze
------------
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Erase shadow copy 1
System Restore Points without shadow copy - there has got to be a way!! 9
How to prevent "shadow" copies of working documents? 7
"Shadow copy not created" on backup 14
Shadow Copy - Can I configure how often? 2
System restore shadow copies 3
shadow copy 4
Shadow copies absolutely refuse to work 3

Back
Top