Hackers can mine data from your PC’s pagefile and temp files, but you can guard against this threat by deleting these files — automatically.
Plus: Avoiding “Fast Boot” troubles, a script runs amok in Firefox, and a reader explains why he thinks Microsoft could have produced a secure version of XP.
Wiping away leftover user data held by Windows
After reading “Better data and boot security for Windows PCs” (May 15 Top Story), reader Thomas Bazzone sent in this note:
- “Fred, I noted that you instructed readers to delete the original files and to clean up the Windows trash after creating a 7-Zip archive. However, if you don’t use a secure delete program, the files could still be accessible to snoopers. If true security is the goal, [removing all traces of deleted files] is absolutely required. You might want to point that out in a follow-up note.”
You’re right: any deleted file can be recovered (i.e., undeleted) until the file’s bits on the hard disk are overwritten by new data.
So in theory, a hacker could undelete files on your hard drive in hopes that something useful might be recovered.
And it’s possible for a hacker to mine your Windows pagefile/swapfile and temporary files, seeking snippets of text, passwords, and other transient data stored there.