Home »
Windows
»
Windows Configuration
Summary: It's possible to make it very difficult to delete a file, but someone with motivation and physical access to your machine might still cause trouble.
|
Can I prevent a file from being deleted? I have a file that is encrypted so that only I can read it. Now the problem is that although no one can read it, they can still delete it. I want to prevent that file from being deleted. |
The short answer is no. You can't prevent it.
The longer answer is you can make it more difficult, but if someone is determined to delete the file, they probably still can.
•
I'm going to assume that this file is on a machine where other people have access to the machine itself. If your file is on a network or on a server, anywhere where people do not have physical access to the machine, then the answer's different. You can prevent the file from being deleted simply by putting it somewhere that people have read-only access, or marking the file itself read-only to everyone but you. Exactly how you do this depends on what kind of an internet server or network file server you're running, but it's typically not that hard. Your network or system admin can help on that, or the steps outlined below may apply.
However, when it comes to a PC that other people might have access to, all bets are off.
Let's look at how we can make it difficult, and then I'll describe how all that can be bypassed.
First, the drive on which you've placed the file must be formatted NTFS for the additional security options we're about to play with.
Open up Windows Explorer, click on Tools, Folder Options click on the View tab and scroll to the bottom of the Advanced Settings list. You should see something like this:
Make sure that Use simple file sharing is not checked, and OK your way back out.
Now, locate and right click on the file you want to protect and click on Properties. You'll see a Security tab; click on that and you should get something like this:
Now, for each Group or user name in the top list except Administrator (or perhaps except your own login account if you are not an administrator), make sure that the Deny column in the Permissions for... list is checked. For Administrator the column Allow should be completely checked.
Press OK.
What this has done is restricted access to the file to only those with administrative privileges. Anyone else logged into Windows with a different account will be unable to read, write or delete the file.
Seems like exactly what you were looking for, right?
Here's the downfall:
If it's not physically secure, it's not secure.
If someone can reboot your machine and boot from a floppy, CD-ROM or USB drive, then they can boot into any of a number of password and file recovery programs that can completely bypass the security you've just set up.
In fact, here's an article on how they can become the administrator: I've lost the password to my Windows Administrator account, how do I get it back?
At that point, they could reformat the drive, and erase everything including your file.
Even if you remove all the boot options, if they're really motivated, they can steal the machine or drive, and install it into some other system where they can then proceed to get full access. I'm guessing stealing the drive also qualifies as deleting the file.
The bottom line is that depending on your situation, "making it difficult" might well be enough. But be aware that it's not bullet proof. Encrypting your data is a great thing to do, but make sure you have a backup - perhaps of the encrypted container - since it's quite possible a motivated someone could come along and delete it no matter what you do.
Related:
I've lost the password to my Windows Administrator account, how do I get it back? It turns out that resetting an Windows account password is frighteningly easy, as long as you have access to the machine.
TrueCrypt - Free Open Source Industrial Strength Encryption TrueCrypt provides solution for encrypting sensitive data - everything from portable, mountable volumes to entire hard disks.
Can I password-protect a folder? Keeping data on your computer secure is important. Being able to password protect a folder seems an obvious approach. Unfortunately it's not that simple.
Article C3452 - July 21, 2008
Hi, Leo,
Posted by: Diana at July 22, 2008 10:10 AMI'm wondering: there are programs (some free ones) that will actually hide a file or folder so that anyone looking at your computer doesn't even know it exists. Off the top of my head I can't think of the name of one of those programs, but I'm sure you've heard of them. If a file is hidden, and it requires a special password of its own to unhide it, wouldn't that prevent its deletion – barring the reformatting of the hard drive or the actual physical removal of the machine or drive?
You have to be careful about using apps that promise to hide a file or folder, I know of one that just moves the file to the app's directory and doesn't really hide it at all....easily found using windows explorer. I think the name of the one I'm talking about is "folder lock" I prefer really encryptioning it with trucrypt. With trucrypt you can make a container using any extension like a .dat or .jpg...something no one would expect to be able to read...
Posted by: Dave at July 22, 2008 4:00 PMDon't forget the ultimate physical threat to data integrity: a big, powerful magnet.
Actually, I've read that what we think of as big magnets turn out to be much less effective than we might think. Surprising, to me anyway, but apparently so.
Posted by: Octav at July 22, 2008 4:56 PM-Leo
Dave,
I found TruCrypt when I Googled that name, but all the sites pointed to a program called TrueCrypt, so I hope that TrueCrypt was the program about which you were talking. When I went to their web site, it looks like the program is disk encryption software. I didn't see any options for encrypting a single file. Am I not getting the best info from their screenshots? Can you make TrueCrypt hide a file?
For individual file encryption I have heard things about http://www.axantum.com/AxCrypt/, but I've never used it myself.
-Leo
Though I don't have to share my computer/laptop with anyone else I use external USB harddrives to keep a good portion of what is on my main drive (C:) In that way I'm more assured of it's safety and security. The external USB hard drives comes in a variety of compact sizes and are reasonable in price. They are transportable on to other computers.
Posted by: ShawnPatrick at July 22, 2008 11:58 PMyeah Diana, it's truecrypt....my bad...you can make a truecrypt container as big or as small as you want or need. When mounted it acts just like another hard drive partition.
Posted by: Dave at July 23, 2008 5:29 PMI've often tried to delete a Windows directory and gotten stopped because of a flash??.ocx (?? stands for 8c or 9b or some other version code). Even from another windows installation or Windows PE CD, it can't be deleted, so I know the file isn't in use. I can't figure out how (or why) Adobe makes it undeletable. It would seem there is some technique that might be useful for protecting other files.
Posted by: Simcha at July 29, 2008 11:27 PMI wanted to put a file(video) in an USB thumbdrive and doesn't want to be deleted. I want it permanently there. I heard from my friend that in order to do this, i must do it in desktop or notebook, can't do it in USB. Once the file became "undeletable" at the computer, we can copy to the USB and the file will be permanently at both computer and USB. Is it true? You have any better way of doing it?
Posted by: Alisa at March 24, 2009 2:28 AMThanks for your help.
THIS IS LEO'S ANSWER:
"The short answer is no. You can't prevent it."
YOU ARE WRONG!!!
YES YOU CAN PREVENT A FILE FROM BEING DELETED. THERE IS A WAY. THE PROBLEM IS WE DON'T KNOW HOW. TRY PANDA USB VACCINE. IT WILL CREATE AN "AUTORUN" FILE ON YOU FLASHDRIVE WHICH WILL IMMUNIZE IT FROM VIRUSES. YOU KNOW WHAT? ONLY FORMATING YOUR FLASHDRIVE CAN DELETE THAT "AUTORUN" FILE. ALSO BEEN WONDERING HOW THEY DO IT. TRY IT AND YOU'LL BE AMAZED.
25-May-2009
If deleting means making inaccessible, then its simple to destroy whatever drive the data is on.
Formatting a drive can delete it too.
No way to prevent it from being deleted if anyone else has access to it. (best bet is a thumb drive in your pocket, but that's not guaranteed either).
Posted by: Ziggie at May 25, 2009 5:17 PM