Page 1 of 1
Comparing sensitive data
Posted: Mon Jul 08, 2013 11:47 am
by rwshuka
I would like to know what residual effects there are from comparing text from the clipboard. I'm wanting to compare some sensitive data from within 2 secured files. The easiest way would be to copy the data to the clipboard and use the clipboard comparison in ExamDiff. What I would like to know is if there is anything I need to clean up/delete after the compare. I.E. Are there any temporary files that are created when a clipboard compare is performed that would contain the text that was compared?
Re: Comparing sensitive data
Posted: Mon Jul 08, 2013 5:42 pm
by psguru
There are temporary files created (in %temp% directory) during clipboard comparison but they are deleted after you exit ExamDiff Pro. There is no need to do a manual clean-up.
Re: Comparing sensitive data
Posted: Tue Jul 09, 2013 6:18 pm
by AlexL
In case of working with sensitive data, users may concern about malicious restoring those temporary files after deletion. In such specific cases users may want to replace "deletion of temporary files on exit" by "wiping temporary files on exit", which means that the deletion will be preceded by overwriting temporary files with constant or random values.
This still does not complain with state security standards (which require multiple overwrite with different values), and even more: killing EDP process will leave these files untouched, but it is better than nothing. Longer exit, but somebody may want it.
In addition, such temporary files may be created with "Encrypted" attribute (on file systems that support it), and together with this, EDP may want to write their content with some internal encryption (e.g., rolling bits in each byte while writing, and rolling bits in opposite direction during reading). This will prevent staying readable temporary files on disk if EDP process was killed.
Such measures can be united in a single option which almost nobody will use, but those who will use it, will feel more confident (though it will cause noticeable delays in EDP work).
Disadvantage of introducing such option is that any usual user may enable it (because "secure work" seems always better than non-secure work, so why not to enable this option? - thinks ordinary user), which will cause unnecessary delays where there is no sensitive data at all. So this option should be accompanied by clear warning about slower work, and "Are you sure" question with "No" as a default answer.