Forums Bugs & issues Axcrypt leaves many files visible (UNencrypted) even when program exited

This topic contains 8 replies, has 2 voices, and was last updated by  N Moyes 1 week, 4 days ago.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #13527 Reply

    Steve L.

    Using Axcrypt 2.1.1573.0 for Windows, I noted today that, in the C:\Users\<username>\AppData\Local\AxCrypt folder, ther are many subfolders within which there are UNencrypted copies of files previously encrypted . . . and they don’t disappear when you exit the program or sign out & then exit the program (I always use the program in “Offline” mode). I don’t want any person or party to ever get hold of my computer and then find a whole bunch of sensitive files that are left in an UNencrypted state. Is it technically necessary to design the program to operate this way and, if so, why? Or is it an oversight in program design? If not techniclly necessary, do not leave whatever number of files that a user wants to be in an encrypted state to have copies saved in said user folder(s) in an UNencrypted state. How would you respond to this (and how do I deal with this seeming “security gap”)? I perhaps can understand that, while the program is open and in use, it might be technically necessary for the program to keep some of the user’s files in an UNencrypted in said folder(s) (though WHY?) . . . but, if not technically necessary for the program to operate in this way, then certainly when the program is exited, do not leave any number of sensitive files in an UNencrypted state on a user’s computer. It somewhat defeats the purpose of using the program.

    #13546 Reply

    Prabhukumar R
    Moderator

    Hello Steve,

    The location(C:\Users\’user name’\AppData\Local\AxCrypt) is for the temporary decrypted copies of the files. Those will either be cleaned automatically at the earliest opportunity or when you click the red clean “broom” icon in AxCrypt.

    AxCrypt works by decrypting files temporarily and then launching the appropriate application for the decrypted file, which thus is entirely unaware of AxCrypt. AxCrypt monitors the system for the launched app to exit, and when it detects this it will re-encrypt the file and wipe (overwrite) the decrypted file and then delete it.

    Please note: We have to close all the instance of the opened application to re-encrypt the files and clear the local cache.

    Anyway, we will discuss with our team to alter/add extra feature to handle the temp files.

    #16316 Reply

    Charles

    I have experienced the very same problem – only alerted to it by wisecare. This files survived the pc being rebooted.

    #16326 Reply

    Prabhukumar R
    Moderator

    Hello Charles,

    If you have updated the encrypted files contents and which is pending for re-encryption.

    I think (not sure) you are not closed to the file and corresponding application properly.so please try to clear the local cache file in the below way, then test the same file again(Please close all the instances of the file and corresponding application). still, if you are facing any issue. Please let me know.

    Please check the folder(C:\Users\”User Name”\AppData\Local\AxCrypt). If you found any subfolders inside the AxCrypt folder, take a back up of those folders. Then clean the local cache by the below-described way.

    Please delete the folder %LocalAppData%\AxCrypt(C:\Users\’User Name’\AppData\Local\AxCrypt) to clear the local cache and starts the AxCrypt app like a new.

    If the above does not help, Please send the complete error report with some screenshots of the exceptions, so that we will try to troubleshoot the same as soon as possible.

    You can also send the complete error report to troubleshoot the issue. Please follow the detailed instructions to take the complete error report: https://forum.axcrypt.net/blog/send-complete-error-report/ .

    Still, you are facing any issue, please provide detailed information about the issue and write a mail to support@axcrypt.net. We are happy to help you.

    #31809 Reply

    D

    I can confirm that decrypted files are left in folders in (C:\Users\”User Name”\AppData\Local\AxCrypt) any time there is an unexpected termination of the software.

    This could be due to power loss, battery failure (if using a laptop), crash of the Axcrypt app, and other similar circumstances. If this happens, the decrypted files will be left on your hard drive in unencrypted form until you hopefuly remember to go clean them out by using the broom symbol or manually deleting.  If you don’t remember to do this, or don’t open Axcrpyt again, or perhaps didn’t realise that your PC or axcrpyt had crashed, the files will sit there potentially forever.

    This is a problem common to most encryption software.  They either leave the file decrypted in it’s normal location, or they create temporary files in unencrypted form.

    Please let us know if there is a way to configure Axcrypt so that it stores its temporary files in a RAM disk, so they’re not left on the hard drive. If this is not possible, I personally will no longer be able to use Axcypt as this is a major problem for me.

     

    #33328 Reply

    Carl Sagerquist

    AxCrypt puts a temp file on Drive C: in the C:\Users\Zeus\AppData\Local\AxCrypt directory.  It creates another directory on the fly, there, in one case “geol1alo” where the temp file is placed.  This is the one that gets modified after the original .axx file is opened.

    Mine is a .txt file like “passwords-txt.axx”, and the temp file in the above mentioned directory, is “passwords.txt”.

    Now, when I save the modified “passwords.txt” file, the date/time stamp on it changes immediately.
    The original file “passwords-txt.axx” gets rewritten with the updated data about 30 seconds later.
    This is fine.  This is excellent.  Meaning I open the file through AxCrypt, edit the file, save it, and I’m done.

    The problem is the temp file “passwords.txt”, which is NOT ENCRYPTED (necessary for the edit process) IS NOT DELETED.
    I get an error that “These files could not be re-encrypted:    passwords.txt”.
    With that error, THE TEMP FILE “passwords.txt” IS LEFT THERE UNENCRYPTED!!  That’s an UNACCEPTABLE SECURITY BREECH!!

    I’ve used this program in the past, never got this error, never had the unencrypted file left behind.  Is this an error in the AxCrypt program, or are there some Windows 10 switches I need to flip to allow AxCrypt to handle the delete-the-temp-file function?  Turning off AVG Internet Security doesn’t help.

    #33344 Reply

    Prabhukumar R
    Moderator

    Hello Carl,

    File could not be re-encrypted

    AxCrypt will keep track on the opened encrypted files, to update and re-encrypt the same. If we opened the file and updated the contents, then AxCrypt will re-encrypt the updated file.

    So after editing the encrypted files, we have to click the broom icon from the AxCrypt app to re-encrypt the updated files. We have to close all the instance of the encrypted file(s) opened application.

    And the AxCrypt app will be checking whether the opened file and the corresponding application are closed or not? If closed, then the AxCrypt app will automatically update the contents of the file and re-encrypt the same.

    Actually, we have to close the file opened application completely, to update and re-encrypt the file. Sometimes, we have to manually click the red Broom icon, to clean and update the pending files.

    Please note: If you opened and updated an encrypted text file with notepad and at the same time you had opened an another notepad application also, then you have to close both the opened applications to re-encrypt the encrypted files. You have to close all the opened corresponding applications properly.

    Please close the encrypted file and corresponding file, then you can signout/exit from the AxCrypt app.

    Still, you are facing any issue, please provide detailed information about the issue and write a mail to support@axcrypt.net. We are happy to help you.

    #36014 Reply

    Thomas Schulze

    Hello,

    However, this is not the case when working on a terminal server and there are no server-based user profiles. Because the local folder remains untouched.

    Because the local folder is not deleted even after a restart.

    #39934 Reply

    N Moyes

    I note that as well as clearing the cache in the appdata folder you seem to need to use the task manager to close down Axcrypt as it often still wonlt let you sign out

Viewing 9 posts - 1 through 9 (of 9 total)
Reply To: Axcrypt leaves many files visible (UNencrypted) even when program exited
Your information: