

Schneier on Security : The Security Implications of Windows Volume Shadow Copy - billswift
http://www.schneier.com/blog/archives/2009/12/the_security_im.html

======
shaddi
As mentioned in the comments on the article, this is a vulnerability that
exists not just on Windows, but any system that makes snapshot backups (OSX
Time Machine, for instance). I would even argue that this is a vulnerability
with any un-encrypted backup, especially automated ones.

~~~
tptacek
If you even want to call it a "vulnerability". What it really is, is a
weakness in encryption software and the way it integrates with the OS.

~~~
brown9-2
I think I would label this as more of a weakness in how the user who cares
about encrypting the document is going about it.

Can't you just save the original file to an encrypted volume (such as with
TrueCrypt), and shouldn't you make sure that you're not saving any sensitive
data in plaintext to any unencrypted volumes?

------
middus
Again[1] an article that basically is just a quote. Why not link the original
source?

[1] <http://news.ycombinator.com/item?id=961203>

------
billswift
The article Bruce's post was based on
[http://blog.szynalski.com/2009/11/23/volume-shadow-copy-
syst...](http://blog.szynalski.com/2009/11/23/volume-shadow-copy-system-
restore/) was linked on HN 2 days ago, but got no comments.

