RE: Is W2K EFS trivial to crack?
From: Potesta, David (David.Potesta@vw.com)Date: 03/17/02
- Previous message: Christofer Olofsson: "RE: How to know when was root passwd changed"
- Maybe in reply to: Kent James: "Is W2K EFS trivial to crack?"
- Next in thread: Frank Heyne: "RE: Is W2K EFS trivial to crack?"
- Reply: Frank Heyne: "RE: Is W2K EFS trivial to crack?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Potesta, David" <David.Potesta@vw.com> To: 'Kent James' <kent1@caspia.com>, Security-Basics <security-basics@securityfocus.com> Date: Sun, 17 Mar 2002 08:32:20 -0600
Unless the laptop is a DC, the user account would not be on that machine so
one would be unable to change the EFS owner's password.
-----Original Message-----
From: Kent James [mailto:kent1@caspia.com]
Sent: Wednesday, March 13, 2002 9:56 PM
To: Security-Basics
Subject: Is W2K EFS trivial to crack?
In a recent thread here, it was reported how easy it is to gain access to
the administrator account on a W2K system. So in the stolen laptop with
EFS-encrypted files scenario, someone could just reset the administrator
account password, change the password of the user account, log on as that
user, then access all of the EFS-encrypted files.
Is this correct (which makes EFS useless as a file encryption scheme)?
+----------------+
Kent James
Kent@caspia.com
+----------------+
- Previous message: Christofer Olofsson: "RE: How to know when was root passwd changed"
- Maybe in reply to: Kent James: "Is W2K EFS trivial to crack?"
- Next in thread: Frank Heyne: "RE: Is W2K EFS trivial to crack?"
- Reply: Frank Heyne: "RE: Is W2K EFS trivial to crack?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
