CardSpace on FAT File Systems

The version of Windows CardSpace that shipped in .NET Framework 3.0 will not run when installed on a FAT file system. We’ve received a surprising amount of feedback (some of the earliest from Pamela Dingle) that customers are still using FAT file systems and this is causing problems. This was done because FAT doesn’t provide ACLs and therefore the files CardSpace uses for storing cards can be deleted or corrupted by malicious code running as the user. Since the store files are still double encrypted by both the user’s and the system’s keys, even on a FAT drive, user code cannot access the contents of the file and read the secret card information. Given the feedback we received, and that the cards are still protected against theft, we decided to make the changes and enable CardSpace (shipped with .NET Framework 3.5) on FAT File Systems. This change doesn’t have any side effect on the rest of the product so running CardSpace on partitions formatted with FAT or NTFS produces the same results.

This is a change intended to meet some customers’ demands but we still recommend the use of NTFS because it’s a more secure environment not only for CardSpace but also for all other files in the computer.

 

Rafael
Windows CardSpace Team