Re: Encrypted File Systems

From: N407ER (n407er_at_myrealbox.com)
Date: 08/02/03

  • Next message: Simon Smith: "Re: Finding hidden backdoors" 
    Date: Sat, 02 Aug 2003 14:30:27 -0400
To: Ricardo Oliva <ricardo@zoology.ubc.ca>

    I could be completely off the mark on this; I'm trying to recall what I
    read when I skimmed an article god-knows-where a few weeks ago on EFS.

    Supposedly one of the big issues with EFS in 2K was that the Default
    Recovery Agent--who can recover encrypted files--was the administrator.
    Well, any exploits that would allow admin access (and there are quite a
    few) would allow decryption.

    So my impression was that if you had a competent admin who made his DRA
    an administrator in the domain rather than just the default local admin,
    you'd be a lot better off. I think--just a guess since I've not read
    anything to the contrary--that the encryption itself isn't all that bad.

    Anyone care to set me straight?

    Ah, and I did some googleing. Here's what I read:
    http://www.serverwatch.com/tutorials/article.php/2106831

    Ricardo Oliva wrote:
    > Hi,
    >
    > I am just trying to get some info on the best method available for having
    > files encrypted on a system. This is a laptop that is going to be used
    > outside our physical environment and I would like to make sure that info is
    > not accessed in case of the laptop going missing, etc...
    >
    > I understand that the Windows EFS implementation had some issues on win2k,
    > and that the XP implementation is slightly better. Any comments on that?
    >
    > Any solutions for win98?
    >
    > Thanks in advance.
    >
    > Regards,

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

  • Next message: Simon Smith: "Re: Finding hidden backdoors"

    Relevant Pages

    • Re: Encrypted File System
      ... If you're trying to prevent the admin from viewing the files, I recommend getting a 3rd party encryption product instead of trying to use EFS. ... Just google for encryption, and IMO you should get a product with business class tech support - there are a lot of free or shareware apps that I'd avoid. ... >>> so i figued out that i would create another admin account to perform ...
      (microsoft.public.windows.server.sbs)
    • RE: Protecting sensitive files on a Windows file server
      ... especially secure (using the file encryption is better though). ... Protecting sensitive files on a Windows file server ... recovery (which can also break EFS) and online password/data recovery ...
      (Security-Basics)
    • Re: EFS Private Keys
      ... It's possible to have a cluster that was in use that couldn't be wiped. ... > syskey was to EFS in W2K, ... >>> the private keys are protected however the key to the private key is ... >>> stronger encryption available for EFSfiles permanently if you don't. ...
      (microsoft.public.win2000.security)
    • Re: Corrupted Admin Profile
      ... > My view on EFS: ... > Do not to use encryption unless you are in a domain and you know ... as well not having created a Recovery Agent (with backup of the ... > Q241201 How to Back Up Your Encrypting File System Private Key ...
      (microsoft.public.windowsxp.security_admin)
    • RE: Laptop Security - Microsoft EFS
      ... In the case of a laptop where the biggest concern is theft, ... As for EFS key theft, that wasn't the point I was trying to emphasize -- the ... crack the encryption, stick a sniffer in there AFTER it's decrypted. ... an additional point of attack -- one that may not make evident the ultimate ...
      (Security-Basics)