Microsoft hands out 'private' folders

Microsoft has introduced Private Folder 1.0, free software that lets people store sensitive data on their home or work computers in a password-protected folder.

Private Folder 1.0, which is saved to a person's desktop, aims to shield private data from others when they have access to someone's computer or account. The potential fallout from IT administrators remains to be seen, should their colleagues opt to hide sensitive data in a private, password-protected folder. Microsoft does not offer support for the software.

"Private Folder 1.0 is a useful tool...to protect your private data when friends, colleagues, kids or other people share your PC or account," the software giant said in its announcement.

People who want to download the software are first required to run their computers through the Windows Genuine Advantage program. The controversial antipiracy tool is designed to verify that people have a legitimate copy of Microsoft Windows.

Those using the software also must have Windows XP Home Edition, Professional Edition or Media Center Edition, with Service Pack 2. The software also needs a high-resolution Super VGA video adapter and monitor to work properly.

Some observers are raising concerns about the potential headaches Private Folder may create for IT administrators.

"Oh great, have they even thought about the impact this could have on enterprises. I'm already trying to frantically find information on this product so that A) I can block to all our desktops and B) figure out how we then support it when users inevitably lose files. I can see the benefit in this product for home users, but it's a bit of a sloppy release by Microsoft," said an individual named Stuart Graham in a posting on MSBlog, a site related to Windows Server 2003.

Another individual, Daniel Goldleaf, said on MSBlog that companies should have terms of usage for corporate PCs that instruct employees not to download software onto their systems.

"If they install (Private Folder), uninstall it from Add/Remove Programs," Goldleaf added.

[Philips]

Can't download with Firefox

I can't download it with Firefox...

Probably another time. M$ isn't first with such applications and I'd rather say they are late in the whole encryption euphoria.

*BSD/Linux/MacOSX had that for ages. Free, w/o strings, w/o any kind of quirks requiring you to run outdated stuff like "Internet Explorer" just to install it.

[msanto]

Have you Tried IETab? <EOM>

http://ietab.mozdev.org/

[catch23]

Yes you can

Or at least I did. You will need to validate using the alternate method, but it is dead easy.

And an idiotic statement about being late. Windows has had apps to do this for just as long as those you mention. And this one is free, no strings, no quarks, and requiring nothing but a legit copy of XP

[Sir Limey]

Internet Explorer

Funny how the outdated Internet Explorer doesn't have a problem with the download.. Or is it the ID-10-T factor by the operator? Or wait.. yet another conspiracy my Microsoft against Apple and Open Source??? Would be nice to see some objective comments coming from Apple/open source for a change. I run both Apple Power book G4 and Windows XP like them both. The issue here is the Office and enterprise enviroment not who did it first or better.

[thenet411]

This has no place in the Enterprise

Users don't have, and shouldn't expect, any right to information privacy on corporate networks. Simple as that.

This is fine for the shared computer at home. I can see some benefits there. But, anyone installing this in the Enterprise should be fired on the spot.

[Penguinisto]

Not for home either...

...or do parents actually monitor what their kids have on their hard drives anymore?

No wonder they gave it away for free.

[Anonymous1234567890]

Fired on the spot?

Why fired for using it? I have lots of work-related docs that I created to do my job... contact lists, tutorials, etc... so why should anyone else have access to my work data when I'm not around? Get a clue.

[Thrudheim]

there are uses

It might be smart, for instance, for sensitive business information
on laptops to be encrypted in case the laptop is stolen.

[Too Old For IT]

Corporate Whistleblowers?

Or keeping the goods on the office harasser? Or the ass-hat manager who makes all the wrong decisions?

Plenty of uses in the enterprise to keep the business honest.

[maxwis]

If They Hadn't Neutered XP Home

If MS Genuine Disadvantage hadn't stripped out file encryption from XP Home then there wouldn't be a need to offer the password tool. MS also saw fit to strip out Share security functionality, further weakening XP Home security.

If you want file/folder encryption for XP from a 3rd party with no backdoor, try Truecrypt.

[sarmasriram]

File encryption is privicy not security

Guys... lets get one thing straight. Encrypting files using the encryption bit (EFS) or using this latest password protected utility by MS is more towards privacy and has nothing to do with 'security'. Internally, both EFS and this utility use the same symmetric encryption for protecting data.
Nevertheless, just because XP Home does not have EFS enabled it does not mean it lacks all the security features that Prof has.
Stripping the Encryption bit from XP Home was the right thing to do since there isn?t a valid business case. Corporate users have more use for EFS since they store a lot of confidential data in their file system.

[harsoni]

Microsoft Private Folder is a pretty nice tool

It is a pretty nice tool. But you need WGA to download it.

http://www.infosrama.com/digitalseeker/2006/07/microsoft-private-folder-released.html

Harsh

[thedreaming]

WGA

WGA is Microsoft's way of making sure you bought your copy of windows but some people are having problems with it, mostly because the software is still pre release. If you look carefully on the web, you can find workarounds to WGA so you can install any wga enabled application without having wga installed.

[Dalkorian]

Laughable

M$ hands out a program which is definitely not new or unique
(this has been available in other forms for years now), claiming it
will help you keep your stuff private. Let's forget for the moment
that it's done my Micro$loth, meaning it will be hackable by any
uneducated 12 year old within minutes. Let's instead focus on
the fact that it requires WGD, which violates your privacy by
reporting the contents of your computer back to M$.

You can have privacy, but you first must relinquish all privacy
rights to us.

Douglas Adams himself (rest his soul) couldn't have come up
with something more ironic.

Yeah, I'll trust you M$. Just as soon as you are open source and
running a Linux core. And pay back all your customers for
putting up with your crapware for decades.

[mbevan]

Microsoft has yet to learn.

Apple has already done it right with its FileVault technology - real encryption, virtual memory encryption, and a machine-based master password for sysadmins. Microsoft is (yet again) pumping out poorly thought out and poorly developed features in an attempt to not look as bad as they really are. Remember the farce that was WinFS.

[pdude]

It was not 'invented by' Apple

The feature you have mentioned has been available in Windows NT 4.0 onwards. It is called CryptoAPI.

Apple fanboys are as ignorant as it can get!

Sounds useful, especially for home businesses

I think I'll give it a shot. I actually have a use for this. Small businesses and home businesses dont have a lot of options for keeping their business and (more importantly) customer personal data secure.

You know, if Google or Firefox had come out with this, you KNOW the attitude towards the product in both the article and the comments would have been very different. People would be singing the praises of Google's concern for people's privacy, and then probably take a few digs at the US government to boot. It definately shows the double standard with how MS is treated in the media vs other companies.

[Jackson Cracker]

get a clue

Google or Firefox wouldn't require you to use WGA first.

[Hardrada]

No way!

Microsoft. Privacy software. Somehow the two don't go together. Like Yahoo and free speech.

[glenn4u]

OLD IDEA from Norton Secret

Symantec had a freebie out years ago,
'norton secret'...did just that, password files or folders.!
Nothing new here!!!!

[metsrok]

Re: Old Idea

I don't think the point of this story is to point out what a new idea having passwords on folders is, it's that a new product is available that does it for free.

I could be wrong, but I believe Norton Secret is not on the Symantec site anymore.

[mlinder69]

How private

Perhaps private folders will lock out others but will it be sent to MS every week behind your back?

Why would I trust a company like MS? They prove they cant be trusted over and over.

[qwerty75]

No news here

So MS is coming out with a half-assed implementation of something it should have had all along?

I guess they were too busy nailing non-OS functions to the OS to do this 5 years ago.

So MS is yet again decades behind, and can't even get it right. This is not news but standard operating procedure at MS.

[dysonl]

Here's some news for YOU

You wrote:
"So MS is coming out with a half-assed implementation of something it should have had all along?"

What do you mean "should have had"? Didn't you know you can encrypt folders in XP? (Refer to http://support.microsoft.com/kb/308989)

"So MS is yet again decades behind, and can't even get it right."

Can't even get it right? How so? Give us some example. Did you try it?

[Seaspray0]

Typical qwerty post

Here's a template for your next post, qwerty. It matches just about everything you say in every post.

M$ is doing ________. Yet another half-assed implementation of _______. They should have quit long ago. They never do anything right and are always decades behind. Everything M$ does is garbage. This is not news; anything that deals with M$ is not news. Windows is and always will be a lame OS. Microsoft is pathetic. The M$ infedels must die.

[keith.in.trinidad]

M$ behaving like a spy/mal/adware distributor...

This seems just another way for Microsoft to sneak WGA onto more machines, just like a malware distributors.

They give the user something that seems handy, knowing full well that home and corporate users would be hard pressed to refuse free software for securing their files and folders. The user installs software that's supposed to help them and loads Microsoft's killswitch at the same time.

The fact that they aren't offering support for the software only adds credence to the notion that it's a quick and dirty tactic that's being used to disperse WGA before the public gets to realise what's happening. News that Microsoft is offering a tool to protect your files from prying eyes with a quick download will certainly spread faster than techie discussion on whether WGA can and will disable a PC.

Looks like Redmond has something to hide by distributing WGA this way.

[Jackson Cracker]

definitely

There's no logical reason to tie this to WGA.
This certainly sounds fishy.

[schubb]

yeah, right

Wouldn't the world just end if people learned to use these here com-pu-tor thingies? There are thousands of programs that will do this, many freeware. If you are too lazy to search for an alternative, be ready for WGA.

[1HistoryNut]

Private folders...

There are quite a few little progs out there that will allow you to do that, either free or very inexpensive. I've tried out several, but then, I really do not have a use for something like this. As for it causing problems for the sacred "IT" cows, well, many times it seems that alot of things cause problems for them, wether real or imagined. As for the person "Thenet411" and "They ought to be fired on the spot" roflmao.... sit down.... relax..... have a handful of Xanax, a few shots and TAKE A NAP !!!!

[Heebee Jeebies]

Nothing like...

Blaming Microsoft for some stupid idiot downloading software. Microsoft isn't forcing anyone to download this. If someone does and doesn't have the brains to use it or it causes major problems for the company then deal with the downloader. When are people going to take responsibility for the things they do. If I am a large company and I am worried about this I set a policy. Download and install it and you find yourself another job. Plain and simple.

Seems like no matter what Microsoft does some jerk finds fault with it and blames them for it even when Microsoft had nothing to do with the downloading or installation of it.

Pathetic!

Robert

[dysonl]

Agree wholeheartedly

Bashing Microsoft has become an addiction or even a religion for some knuckleheads.

It's not like Microsoft has committed a sacrilege by releasing a free and unsupported software -- this is nothing new; thousands of companies are doing just that every single day.

Anyone complaining about this specific case is just one of population of retards on the "MS-bashing-is-my-life" bandwagon.

[gggg sssss]

winzip Plzip

have done this since DOS ( well PKzip anyway)

[jabbotts]

RAR baby

. . . for me anyhow but yeah, I'm glad someone mentioned it. We've had password enabled compression archs for a long while. With a strong password, they're pretty good even with the long list of related cracking apps

[john55440]

Good For Computer Repairs

If memory serves, a major computer retailer that does repairs, backed up information from one customer's computer, and restored it to another customer's computer. Nice. Every tidbit of the first customer's personal information on somebody else's computer.

In addition, I don't need any bored computer techs browsing my private life. <grin>

Password protection of file folders is something that should have been included in the original version of WinXPhome.

[mysticfree]

truecrypt already does, free too!

open source and free
www.truecrypt.com

[City_Of_LA]

So

How much did you pay for the one MS just released?

[Seaspray0]

Not a new concept

Encryption has been around since Roman times. This is not something new. The enigma device used by the germans during WW2 encrypted data. Actually this version of encryption is a rather simple idea... use a password to encrypt data. There are much more complex encryption methods out there and Microsoft has had them for years. Currently there are about 15 encryption methods available to you now. If you live in the US, you can even get the extremely powerful 3DES method of encryption (not available in many countries for security reasons). If you use 2000, or XP, you've had the ability to encrypt folders all along with the OS encrypting and decrypting on the fly which makes it transparent to the user. The built in method of encryption also uses a much more robust process that entails the use of a public/private certificate method (the same method used for securing web pages on secure websites). Microsoft has been supporting using certificate based encryption for years, including VPN's, mail, data, you name it. The server program can easily run a certificate service under the strict government standards (the only OS capable of doing so out of the box) generating certificates that can be used to encrypt mail, validate programs, secure VPN's, along with encrypting data. I'm actually surprised they would release such a simple encryption program as this. Perhaps the public/private key encryption methods were too complex for the average windows user (translation: definitely not a PC geek) to understand.

[Dalkorian]

right!

Basically -

- this isn't a new concept, by any means.

- this isn't even necessary, since you can get better encryption
for free (really free, not just "you don't need to send money"
free).

- there is no logical reason for this ... except to push their WGA
trashware onto dumb users.

Sorry Micro$loth, I'm not buying. WGA is a trashy gutter
prostitute which isn't welcome on my machine. Tie whatever you
want to it, I promise you that Linux won't demand WGA!

[larrymadill]

Nice, Sorta Pointless

Its nice, not thrilling, just nice. Having a handy place to place private files. Kind of wonder how much use the average user will get out of it. Reminds me of the complete useless 'Briefcase'.

Seems like the only immediate effect it will have is to frustate the IT Nazis down the hall and pull them away from a discussion of which is better, Superman Returns or Pirates of the Caribbean 2, to unistall the thing on everyone's workstation.