If you're someone who checks the system logs every now and then, to make sure things are running smooth - you may have noticed some errors related to Private Disk:
The PRVDISKAMD64 service failed to start due to the following error: The system cannot find the file specified.
The program works fine, despite these log entries. The error is not critical and it has no impact on the program's functionality. But why is it there? And what does it mean?
Private Disk comes with several flavours of drivers - 32-bit and 64-bit. Upon installation, both driver types are registered, but only one of them is successfully loaded by the system.
The other type, which is not compatible with the platform, fails to load - hence the log entry is generated.
In other words, you can simply ignore these notifications.
This behaviour will be changed in the next release, so the system won't bother loading modules that are not designed for it. Until then, here is a simple solution:
On choosing the entries:
What the modules mean:
PD Explorer is a free tool that enables you to explore Private Disk encrypted images even in the cases when Private Disk is not installed on the computer, even if you don't have administrative privileges.
You can view the contents of the encrypted disk, write or remove files from it - as you can normally do with an archive such as a ZIP file.
It is extremely simple in use, making it easy to add new files to the encrypted vault, delete or update existing files.
PD Explorer is compatible with NTFS images of any size, there are no file size restrictions, nor are there limitations about the maximum number of files that can be processed.
PD Explorer is a available for free, you can download it right now.
It has been reported that in certain circumstances the system will shutdown instead of rebooting itself when the user restarts it while Private Disk is running and an encrypted disk is mounted.
This was a problem difficult to trace; while it repeats itself 10/10 times on a "problematic" machine, on "non-problematic" ones everything is working correctly and it is impossible to simulate the problem.
This is what makes it of reason to make an educated guess that this is caused by a third-party component present on the system, which somehow alters the standard behaviour of Windows. The tough part is that even when you think you have disabled all the non-standard programs, there is a myriad of low-level components that one can't see with the naked eye.
It is not known to the wide public, but the truth is that for quite some time a version of Private Disk Light for Windows Vista, as well as for 64-bit versions of Windows XP has been available.
It can be downloaded: http://files.dekart.com/beta/PrvDiskLight-Vista.exe
It is unofficially called Private Disk Light 1.23, and here are the changes:
If you watch the evolution of security systems, you are probably aware of the study that explains and demonstrates how private data can be extracted from the system's memory, by forcing a reboot or extracting the RAM modules.
This is an intriguing research, because it shows how far a sophisticated attacker can get. What makes this even more interesting is the fact that there is empirical evidence that shows that it works not only on paper.
Like other encryption programs, Private Disk is permanently decrypting and encrypting some data whenever files on the virtual disk are read or written. Naturally, the keys must be somewhere in the system's memory, therefore our software can become the target of such an attack.
Why should I not worry about this?
Although the attack can have practical results, there are things that can be done about it.
Imagine that you are an attacker that stumbled upon a computer with valuable data protected by Private Disk. If the keys are in memory, it means that the encrypted disk is mounted - and if so, why not just copy the data from it while no one's watching?
Why is it easier to disassemble a computer in order to make the RAM modules easily accessible, then take the memory out and connect it to another computer? When you're done - you'll put the RAM back but the system will be shut down, so the owner will figure out that something is fishy when they return.
Why is it easier to force a system reboot, configure the BIOS to boot from an external device, then dump the contents of the RAM to the external device for future analysis? As in the previous case, the system will be in a different state when the owner returns, so they will realize that an attack has just occurred.
Besides, there are many things that have to be taken into account, and the attacker can only hope that luck will be on their side; for instance:
Of course, all of these problems have solutions: disassembling a system can be done very quick if you're good at it, and resetting the BIOS settings is a matter of time. But all of this is only useful in one condition - the computer that was left unattended contains a virtual disk in a mountedstate.
This is what brings us to the solution, which is just a set of best practices, which are well known for a long time; once you cycle through each item, ask yourself "which of these I hear for the first time?".
Company owners, administrators, and leaders of the IT department
As you can see, none of the above is new. Of course, this does not mean that the new attack method is useless, but it makes it clear that simple measures can be taken in order to protect your assets. Moreover, all these measures are either free (features such as "disconnect encrypted disks when the system hibernates" in Private Disk, or "Automatic lockdown" in Password Carrier are there for ages), or are already in place (guards, locks, security cameras, etc).
Finally, I must point out that I can hardly imagine a thief who prefers to try this new high-tech wizardry, when it is known that the encrypted disk is already mounted, so all that has to be done is simply copy the data and walk away (which is obviously the path of least resistance).
Summary - the end of the world is postponed yet another time, and you can protect yourself by following a short list of best practices. How is this news?
Make IT secure!
I was asked what makes Private Disk better than the hardware-based encryption solution offered by another company. The name of the other solution will not mentioned, because it is not relevant - the arguments are valid in either case.
The discussion is about Private Disk vs. a hardware based encryption solution that is built into a 4 GB USB disk.
Note that some of the points were taken out of context, so they may sound a bit weird (us = Dekart, them = "the other company").
Other significant things, Private Disk is better because:
From the points above, the ones that matter the most to me (as an end user) are: Disk Firewall, and the ability to create encrypted disks of very large sizes (it will take a long time until USB flash disks are of at least 100 GB in size, and work as fast as a hard disk) - this gives me the chance to use encryption for serious activities (storing my mail archive on it, or a database, or the company's CVS repository, etc). Of course, people are different, so your mileage may vary.
The time has come, Private Disk 2.10 is now officially released. Some of the changes were already commented in the release notes of an earlier beta version of PD (those features are Disk Firewall's training mode, trusted program authenticity verification).
One of the most important things is compatibility with Windows Vista systems of all flavours that exist out there. Private Disk is now shipped with digitally signed drivers, so if you have a 64-bit Vista platform - you can use PD on it. This makes Private Disk yet again compatible with every version of Windows (starting with Windows 95).
There is also a new icon, which looks good whether you're looking at a zoomed in version, or at a tiny icon in a "list view".
Run Private Disk as a service
This is a very handy option, it used to be a part of the older 1.x versions of Private Disk Multifactor. Once this is enabled, you can run Private Disk, mount the image, then log off - the virtual drives will still be mounted, allowing other logged on users to access them (including those who access them from the network, if they are shared).
The idea is that you can mount the disk and restrict others from changing its settings (ex: alter the white-list, or change the disk's properties, etc). As an administrator, you can start the server and mount the disk, then share it; from that point on end-users can connect to the server and use what they are allowed, without being able to do (break) anything. This feature will help you offer users only as much power as they need to get their job done.
PD File Move - the secure data migration utility
This is the newest addition to Private Disk's arsenal, and it was not a part of any of the beta versions that were made public prior to the release (although the utility itself could be downloaded from the site, if you explored it thoroughly). It is designed to find a group of wanted files in a certain location, create an encrypted disk of the right size, move them to the protected storage vault, and then wipe the originals, so that the files cannot be recovered.
This is a typical screenshot of PD File Move
What can it do?
We decided not to bring these features into Private Disk itself, and instead have a separate utility to do the job. Private Disk continues to be extremely lightweight (using about 2.5 MB of RAM when disks are mounted), and PD File Move will not get in your way while you use Private Disk.
We are against bloatware, so you can be sure that Private Disk will continue to be a fast and solid tool, and it will never turn into a performance hog.
Here comes the changelog of the final version:
+ added XP-style and Vista-style icons
+ allows to run Private Disk software as a system service
+ added Disk Firewall Program integrity verification feature
+ allows to disable/enable Disk Firewall Program integrity verification
+ added Disk Firewall Traning Mode feature
+ allows to disable/enable Disk Firewall Traning Mode
+ compatibility with Windows Vista
+ compatibility with Windows Vista x64
+ the encryption password can be changed when the disk is mounted
+ allows to create a backup copy of a disk's encryption key automatically
+ optimized disk creation speeds when "fill disk with random data" is enabled
- fixed bug with occasional blue screen errors if Windows Defender is installed
- fixed bug with autorun.inf on USB-drives
Enjoy using the software!
2g 3g authentication beta biometry «blue screen» branding bsod business driver email encryption «file system» fingerprint form-filling gsm howto internet keeper keylogger linux logon mapping mobile password «password carrier» phone portability privacy «private disk» release security seven sim «sim card» «sim card forensic software» «sim manager» «sim reader» «smart card» software tips token troubleshooting usability usb usim vista windows wiping xp