Re: FAQ - READ BEFORE POSTING
From: Karl Levinson [x y] mvp (levinson_k@excite.com)
Date: 12/04/02
- Next message: Glenn Phillips: "Re: Web Page"
- Previous message: Richard Wasteneys: "Outlook express email attachments"
- In reply to: Drew Cooper [MS]: "Re: FAQ - READ BEFORE POSTING"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Karl Levinson [x y] mvp" <levinson_k@excite.com> Date: Wed, 4 Dec 2002 16:28:31 -0500
"Drew Cooper [MS]" <dcoop@online.microsoft.com> wrote in message
news:eEjZRb9mCHA.2208@TK2MSFTNGP09...
> In a word: Wow!
Thanks for the kind words.
> On Windows 2000, this is only true if SYSKEY is not used in offline mode.
> Granted, that this is the most common scenario. Who wants to remember yet
> another password or carry around a floppy just to log on?
> On WindowsXP (and soon .Net Server) it's only true for files encrypted in
> machine context and only true if SYSKEY is not used in offline mode. EFS
> sorta breaks one of the "immutable" laws of security.
Yes, you're right, maybe I should have included that fact in the FAQ.
Assuming that most people are like me, when I wrote this I was imagining
people leaving the syskey floppy in the floppy drive 30% of the time, and
losing the floppy [or the password] and thus lose all access to their
computer's hard drive another 20% of the time, thus leaving their computer
still physically vulnerable.
> I very much enjoyed your FAQ. I'll forward it to some of the other
security
> geeks to see if they have feedback for you, too.
Thanks, I do look forward to hearing other feedback.
- Next message: Glenn Phillips: "Re: Web Page"
- Previous message: Richard Wasteneys: "Outlook express email attachments"
- In reply to: Drew Cooper [MS]: "Re: FAQ - READ BEFORE POSTING"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
