Another potential email privacy issue has arisen, with an analyst charging that Windows stores text stripped from emails as part of its Windows Search Indexer function.
The discovery that this touchscreen data could be exposed was made by security researcher Barnaby Skeggs, who last week wrote: “‘WaitList.dat’ (WaitList) is a data file which has been found to contain stripped text from email, contact and document files.”
Skeggs examined the 140 MB ‘WaitList.dat’ file and identified “metadata, and full body text of over 36’000 emails and documents, spanning back 3 years.”
He determined that the data within WaitList is “associated with the ‘Microsoft Windows Search Indexer’ process. This process locks the WaitList file on a live system.”
It is not clear what, if any, harm could ensue.
“There's an obvious security implication there,” writes Paul Lilly on Hot Hardware. “If an attacker is able to compromise a PC with malware, he or she could focus on the WaitList.dat file and potentially pluck a gold mine of sensitive information. Furthermore, the attacker only need use a set of PowerShell commands.”
But Catalin Cimpanu writes on ZDNet that “this file is not dangerous unless users enable the handwriting recognition feature, and even in those scenarios, unless a threat actor compromises the user's system, either through malware or via physical access.”
Skeggs adds: “Since the release of Windows 8, and the ‘Metro’ interface, touch screen input has been implemented in a rapidly rising number of Windows devices including Microsoft Surface Pro/Book, 2-in-1s, convertible laptops and tablets.”
He continues that “Microsoft has catered for this trend, implementing conversion between touch/pen handwriting to computer text in software such as OneNote.”