Re: EFS not secure on LAN

From: Rob Rohrbough (Rob_RSD_at_yahoo.com)
Date: 07/31/03 

Date: Wed, 30 Jul 2003 19:17:50 -0700

Herb,

Thanks for your reply. I beg to differ on the following
point:

>No. Without the key (which must be sent from YOUR
>account/profile/certificate store) they cannot "see" EFS
>data.

I saw it happen. While I am new to EFS and make mistake
like everyone else, I tried this several times. Today, I
was able to export, delete, and import the certificate for
EFS. It was installed in my Personal store. When the
certificate was present there anyone who had NTFS
permission to the folder could see the file's data; when
the certificate was not there (after a reboot) no-one
could access the data even if they had access to the
folder and file. Before a reboot, even without the
certificate in the store, apparently some kind of cache of
the certificate was still allowing people to see the data.

I appreciate your answer and am open to any additional
insights you have,

Rob

>-----Original Message-----
>> However, that directory is on a drive that is shared
with
>> other computers on my peer-to-peer LAN. Users on any
>> WinNT-based machine can see the encrypted data; users on
>> Win0x-based machines are restricted fromt the directory.
>
>No. Without the key (which must be sent from YOUR
>account/profile/certificate store) they cannot "see" EFS
>data.
>
>Now, if you transfer it over the net, they can sniff it
but
>that is just because it is an ENCRYPTED FILE system.
>
>
>.
>