How to avoid local caches when I open encrypted files

Question

For personal usage I tend to keep things that I want to hide or protect in rar archives encrypted and protected with a password. Today I launched an antivirus scan, and as result it found malware in a folder in C:\Users\<username>\AppData\Local\Temp. After further investigations, I noticed the presence of pictures and documents that are currently stored in rar archives (all protected by passwords and encrypted).

It seems like when I access a rar it temporary stores its content in Temp, but I also noticed that it didn't for all the encrypted rar that I have.

That lead me to the following question: if anytime I open a rar it caches its content, then is the whole encryption pointless, unless I clear the Temp folders? But does this happen for everything? Is there a safer way to store sensitive information?

Now I am not even sure if what I have already deleted is really gone or a copy is stored in some default folder. Not that I have to hide anything special, but I know that you can retrieve tons of information from a pc and that makes me paranoid.

Answer 1

Security is hard. While I applaud your attempts to use commonly available programs to increase your security, software that wasn't expressly designed for security often does the little things wrong (as you found out). In your case, your rar program makes a local cache of the contents, presumably so it'll run faster - something that most users would be happy about.

TL;DR: the single best way to protect yourself from data leakage on a personal computer is to use full-disk encryption (or encrypt your user's folder if it's a shared computer), a strong password for your user account, don't share your account with anyone, and make sure you log out (or at least lock your screen) whenever you step away from the computer. Also, turn on your firewall to make sure that programs aren't uploading data anywhere without your permission. That way, even if you are using programs that do the little things wrong, it doesn't matter.

---

You asked:

if anytime I open a rar it caches its content, then is the whole encryption pointless?

To answer this question, let's start by asking what problem the rar software is trying to solve by offering this feature. Their goal is to protect the data while it's in motion; ie if I rar a scan of my passport and email it to someone, I want to make sure that nobody can open it unless I give them the password. This feature assumes that the endpoints are secure, meaning that once somebody types in the password, its job is done.

In fact, once it decrypts / unarchives the files and saves them to disk there's really no point in even trying to protect them anymore because every other program on your system can see them. For example, Windows Explorer will index and process the photos in order to display thumbnail previews, leaving cache files behind. And what about actually opening the photos? Which photo viewer will you use? Are you the programmer who wrote it? If not, how do you know that the photo viewer will not make cache files? Or maybe upload your files to the internet? The point is: unless you've personally inspected the source code of every program that's running on your computer (including the OS itself), any one of them could be doing naughty things with your data.

That kind of paranoia is exhausting. Just lock down your user account so that nobody but you can see the data, and let your programs do whatever they want.

Answer 2

This works as designed, because WinRAR must send a plaintext version of the encrypted file to be processed. It's not a flaw. Lets see why.

• You have a password protected rar file

  In this point, all the data are inside the rar, encrypted and protected. Nobody can read them.

• You open the rar file on WinRAR

  In this point, all data are still protected, and only WinRAR can read the data. But you need to open an image.

• You double click the image

  Winrar will need to decrypt and extract the image before opening it, as your image program cannot read the encrypted and compressed data. WinRAR creates a temporary file, and tells your image program to read it.

• You close WinRAR, and the image program

  The image is kept there, intact. The default operation of WinRAR does not wipe the temporary files after closing.

To make WinRAR delete the temporary file, you must go to Options -> Security and tell it to always wipe temporary files.

Or you can program a secure viewer, that uses rar libs to process the encrypted rar file, decrypts and decompresses the files, and renders the result without writing a cache file. It's easily doable if you are a programmer.

Answer 3

The answer should be obvious. The un-encrypted contents should never be written to disk. It should be stored in memory as long as it is needed. It can be paged memory if it is very large, but that should not normally be an issue as the kinds of files we are talking about will usually be text files, so will be relatively small. I have had the same issue with my text files being plainly stored in the temp directory. Totally unacceptable! And discovered only by accident. I will look for a more reliable compression utility, not 7zip!

Answer 4

To avoid this kind of surprise, you could use something like Tails: Tails forgets everything you've done once you log out and you didn't expressly copy to an external device. But then, using Tails for daily stuff is such a pain - because most of the time you DO want your computer to remember stuff - that you will give up on it. You should only use Tails for very sensitive "your eyes only" things, but you cannot work that way every day.

But Tails allows you to use just all software you'd like: at the end of the day, everything is forgotten again.