?
Solved

Is CryptnetURL Cache a Security Vulnerability?

Posted on 2011-04-20
3
Medium Priority
?
8,732 Views
Last Modified: 2013-11-05
I was doing a little research into a certain set of "hidden" folders (hidden by default), and I wanted to get more information on their function, as well as whether or not they pose a security threat.

The hidden files on Windows 7 are located as follows (for those who don't already know):

C:>Users>(your user profile name)>AppData>LocalLow>Microsoft>CryptnetURLCache

Inside this folder are two subfolders, called "Content" and "MetaData"


Upon researching and Googling, I came across all kinds of contradictory and inconclusive information regarding their purpose.

- Are these folders a permanent (or even temporary) record of a user's search history / web activity?
- If these contain a record of surf activities, would they be touched by most "surfing trace cleaner" utilities?
- If these files are not deleted by most "surfing trace cleaner" type utilities, then can they/should they be modified manually?
- Why is the content encrypted, and how & when is the content decrypted?
- What is the primary function and purpose of this kind of encrypted, hidden (by default) folder?
- Do these encrypted and hidden folders pose a potential security threat to users?

Many millions of people worldwide use surf trace history utilities, designed to erase their recent searches, as well as their URL histories.   It would be very good to know if an entirely separate database exists which completely avoids deletion (and thus making these utilities almost pointless, or at the very least futile).
0
Comment
Question by:Tony_the_PC-Tuner
  • 2
3 Comments
 
LVL 52

Accepted Solution

by:
Jackie Man earned 2000 total points
ID: 35511930
- Are these folders a permanent (or even temporary) record of a user's search history / web activity?
NO, these folders store the URL which are accessed via SSL (NOT a user's search history or web activity.  By default, the OS is pre-installed with a number of SSL URL for a number of Intermediate and Trusted Root Certification Authorities for performing SECURED web activity for Internet Explorer or Google Chrome only.  The user can add new URL when visits have been made to a website via SSL and such URL is not included in the corresponding URLS for Intermediate and Trusted Root Certification Authorities.

- If these contain a record of surf activities, would they be touched by most "surfing trace cleaner" utilities?
NO, they cannot be be touched by most "surfing trace cleaner" utilities.

- If these files are not deleted by most "surfing trace cleaner" type utilities, then can they/should they be modified manually?
Unless you DO NOT want to visit any web site via SSL, you can remove all content inside the sub-folders of subfolders of "Content" and "MetaData".

- Why is the content encrypted, and how & when is the content decrypted?
It is difficult to explain as it is a kind of browser behavior. CryptnetURL is only valid for Internet Explorer or Google Chrome.  Please visit the URL below to get a brief understanding. http://www.f5.com/pdf/white-papers/browser-behavior-wp.pdf 

- What is the primary function and purpose of this kind of encrypted, hidden (by default) folder?
As explained earlier, it is just how Internet Explorer or Google Chrome works on SSL URLs.  Being hidden is to avoid accidental deletion by normal users just like other system files.

- Do these encrypted and hidden folders pose a potential security threat to users?
NO
0
 
LVL 1

Author Comment

by:Tony_the_PC-Tuner
ID: 35513155
Wow, fantastic answers.  Thanks, jackieman.  I appreciate the detailed response, as well as the link.

Especially interesting to note that this only functions with IE and Google Chrome, but not other browsers.
0
 
LVL 52

Expert Comment

by:Jackie Man
ID: 35514648
Glad to know your feedback. IE and Google Chrome makes use of the same settings in Internet Options in Control Panel so that what you change in Internet Options will be effective in Google Chrome also.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
While working, an annoying popup showing below will come and we cannot cancel or close it form the screen. The error message will come again and again.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
Suggested Courses
Course of the Month13 days, 18 hours left to enroll

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question