Enhanced security: Exploring the latest WinRAR version

Enhanced security: Exploring the latest WinRAR version

Http://pcedu.pconline.com.cn/soft/gj/zip/0806/1313787.html

After a period of silence, WinRAR, the old compression software, recently launched the New WinRAR v3.80 beta1 version. In the latest version, the biggest change has enhanced security. Detailed changes are described in detail in this article.

Before talking about the new version, let's take a look at a demonstration of the old version WinRAR 3.71. First, we will encrypt and compress the folder named "cutting-edge technology" (the folder contains 3 pieces of information) on the drive D on the testing machine, the objective is to use the WinRAR encryption function to keep the folder and its files confidential. In the compression options, we select the WinRAR "delete source files after compression" option. After compression, You can automatically delete the "cutting-edge technology" folder and the content in the folder.

 

Figure 1 WinRAR 3.71 compression options

After the compression and packaging are completed, we will use the delete file restoration tool finaldata to scan the D disk. The finaldata report is displayed. The folder that has been deleted by the old version WinRAR is displayed in the finaldata deleted folder option. We choose to restore the folder, the folder is successfully restored and complete.

 

Figure 2 finaldata display

Cause Analysis: when the old version of WinRAR deletes a file, it only deletes the file, which is similar to the SHIFT + DEL deletion. This operation causes the deleted files to be easily restored. Yes, this is an insecure factor in the old WinRAR version. So when we use WinRAR to encrypt and package, we have to use the file thoroughly Delete tool to completely delete the source file.

Let's try again. We still have a folder named "cutting-edge technology 2" on drive D (which contains 3 Documents). We still use WinRAR to encrypt and compress the folder, still select "delete source file after compression ". The difference is that this time we changed WinRAR to the new version of WinRAR v3.80 beta1, and checked the New Option "delete mode → clear file" in the compression option ".

Figure 3 WinRAR v3.80 beta1 compression Option

After compression, we still use finaldata to scan the D disk. At this time, we can no longer find the "cutting-edge technology 2" folder.

Figure 4 finaldata display

Yes, this is the new feature of WinRAR. After deleting the file data, use a 0-byte file to overwrite them to prevent deleted files from being restored by some restoration software. This function provides us with security protection for the secure compression and packaging of data, without the need for additional data deletion software. After this function is enabled, the automatic deletion process for compressing large files will become longer.

The temporary files generated during the decompression process are also a leak channel, so the "Clear temporary files" option is also added in the WinRAR option> Settings> Security of the new version.

Figure 5 Security Options

WinRAR v3.80 beta1 adds two compression modes in the compression option dialog box: "Overwrite query" and "Skip existing files", which makes the update of the compressed package more flexible, it also saves us valuable time. Note that these new modes ignore the file date and only compare the file name.

Figure 6 update mode

For ZIP files encrypted using AES encryption, the new version also provides pressure support. After testing, the new version of WinRAR can be decompressed normally and cannot be decompressed as the old version does.

Figure 7 old WinRAR versions cannot decompress ZIP files encrypted by AES