Critical security fault continues in TI11-8101

Discussion in 'Acronis True Image Product Line' started by pluskey, Aug 10, 2008.

Thread Status:
Not open for further replies.
  1. pluskey

    pluskey Registered Member

    Sep 26, 2007
    This is a copy of the tech support I sent to Acronis today

    I reported this problem January 10, 2008, incident #1290944. The problem persists in update TI Home 11 version 8101.

    If a job is configured for incremental backup, with a password set matching the base full backup, deleting the base full backup will cause subsequent incremental jobs to run without enforcing password protection on the archive.

    The first incremental backup after deleting the base full backup set will have all the characteristics of a full backup, but will not be password protected. All subsequent incremental backups will likewise not be password protected.

    With this defect, all that is necessary to breach password security on a backup set it to delete the initial full backup of the set. There is no notification that an initial full backup set does not exist.

    This is NOT how TI9 and TI10 worked. If the initial full backup was deleted, subsequent incremental backups would continue to be password protected.
  2. Acronis Support

    Acronis Support Acronis Support Staff

    Apr 28, 2004
    Hello pluskey,

    Thank you for choosing Acronis Disk Backup Software.

    We are sorry for delayed response.

    Please notice that our Development Team is aware of the problem, and it will be fixed in the next version of Acronis True Image. We are sorry, but the exact time-frame isn't defined yet.

    Please notice that for more secure approach in either case it's recommended to store archives in a location where they are unlikely to be deleted without the data owner approval.

    Thank you.
    Marat Setdikov
  3. shieber

    shieber Registered Member

    Oct 27, 2004
    The incrementals won't work for a resore without the parent Full, will they?

  4. MarkAtHome

    MarkAtHome Registered Member

    Jul 2, 2006
    Hi Marat -- just to clarify, does this mean we have to wait and pay for TI 12 to get the bugs fixed, or does it apply to actually fixing TI 11 so that it works?

    I'm still waiting a 1.5 months for a response to Acronis #1577426 re Build 8101 -- with this simple (or maybe not so simple) problem unaddressed, there is no way I would feel confident that any backup created by this software is safe, if I can't even exit the program.

    Need I look for an alternative in the meantime?
Thread Status:
Not open for further replies.