Windows Vista File "Versioning" Feature a Security Threat
Windows Vista will inherit a Windows Server 2003 feature that ensures the integrity of files by making “shadow copies” on a daily basis. This means important files are backed up regularly so Windows always has a good copy on hand in case something goes wrong with the present setup of the system. In Vista, this could also apply to user documents and files other than system files.
In the event of an inadvertent change or deletion of a file or folder, Previous Versions allows you to revert the file or folder to any previous version, restore a previous version from a backup (made with Windows Backup), or make a copy of a previous version.
However, Ken Fisher of Ars Technica presents a good argument on the possible security concerns this can bring about.
Users concerned about data security should note that “Previous Versions” makes it possible to restore deleted files, as well. If a given file is moved to the “Recycle Bin” and then deleted, Previous Versions will show enquiring minds what it was you had deleted. A snoop would need to find the folder that originally contained the file which was deleted and then use the “Previous Versions” functionality on the folder itself to identify the missing or modified files.
As a result, it will essentially be possible to browse through archived filesystem states. For example, “Previous Versions” will allow you to open a historical backup of a folder to see all of its contents at that time. On our test system in the lab we were able to browse the “Documents” folder through Explorer as it appeared several days ago, making note of what had and had not changed. This means that Joe User won’t necessarily escape his new overloads merely by deleting his “Dangerous Thoughts” folder or using a “wipe” utility to overwrite the file. It is also not possible to delete the files from within Explorer when viewing archived data.
This is a good feature for backing up essential system files, such as with Windows XP’s System Restore. I’ve had to resort to System Restore a couple of times when I got my system screwed up after installing applications. I do agree that “versioning” might pose security risks in a corporate type of environment or when a user prefers to keep his/her privacy–in these cases, users would prefer deleted files to stay deleted.
However, novice users who oft accidentally delete or revise documents and other files might find this feature useful.