Just upgraded to QuickBooks 2008, since it claims to interoperate better with Vista. Since I’m planning on exchanging QB data files with my accountant, I thought I’d be clever and create a dedicated QB directory and mark it as encrypted (that is, using the built-in NTFS Encrypting File System feature).

Unfortunately, after doing so, when attempting to import a QB backup (or the ‘portable’ data file format), the program shows some nasty error code and the backup fails.

Educated guess as to the nature of the failure? Well, it turns out QB installs a service! It’s called QBCFMonitorService.exe and it’s running as Local System. Now, why does QB need an NT service, and why would it need to run as system? These are security attack surface questions that keep me up at night.

I suppose that service is trying to read the new data file at the end of the import procedure. And it can’t, because that file is encrypted such that only my user account can read it (which was the whole point of using EFS).

Removing the “encrypted” property from my QB data directory allowed the import to succeed.

No Comments »