Re: EFS - Private Key - External storage

From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 10/30/04

• Next message: Roger Abell: "Re: Cannot access to Event Viewer"
• Previous message: Roger Abell: "Re: Should I install Certificate Authority to solve these problems ?"
• In reply to: Thomas Weigel: "EFS - Private Key - External storage"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 30 Oct 2004 03:10:00 -0700

EFS does act in transparent fashion.
It does not have a use for email while it is email, but after
archived as sent/received in file it may.

The key cannot be on a removable devise and in use.
The cert/key export file may be stored anywhere, but best
not on a live machine. If I recall correctly, as the most
recent versions of OS readied for release, there were no
external, portable storage cards/devices in wide, cost-effective
use that had sufficient storage size to enable the application
you seem to be after.

The decryption key, when stored on the system, is itself
encrypted in a way that requires both login access to the
account to which it is tied, and knowledge of the system
secrets which are involved its own en/decryption key.

There is probably better research and engineering in EFS
than what you will find in similar third-party capabilities
unless you look at high-dollar spookware.

-- 
Roger Abell
"Thomas Weigel" <entwicklung_nospam__at__octagon_minus_gmbh_dot_de> wrote in
message news:O85wXGYvEHA.3728@TK2MSFTNGP12.phx.gbl...
> Hello,
>
> is it possible to place the decryption key for EFS on an external media
like
> USB-Stick or floppy or CD to use it from there for decryption? Or has it
to
> be stored on hard disk?
>
> If it could be stored external this would sovle many security problems and
> reduce cost of security.
> If it doesn't work, who has experience about other directory / file
> encryption software working transparent.
> I would like to secure e-mail adresses, mails and some more stuff which is
> kept in few direcories.
> I am not a specialist in security questions, just searching for a solution
> for some stand alone laptops.
>
> Who knows and can tell me?
>
>
> Thanks a lot ahead
>
>         Thomas Weigel
>
>

• Next message: Roger Abell: "Re: Cannot access to Event Viewer"
• Previous message: Roger Abell: "Re: Should I install Certificate Authority to solve these problems ?"
• In reply to: Thomas Weigel: "EFS - Private Key - External storage"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: EFS is a joke! ... > You seem to be missing a couple of basics of security yourself. ... And if he could do that, why use EFS at all? ... they can't decrypt the file and see your information. ... multiple layers of encryption for security. ... (comp.security.misc) Re: File Encryption ... the mechanism used to protect the EFS ... private key. ... > account appears to be the only account whose security ... > my certificate and security information is intact (the ... (microsoft.public.windowsxp.security_admin) RE: File Encryption - Laptop ... Windows XP with SP1 and then using Encrypting File System (EFS). ... This provides paramount security - even if the laptop is stolen, ... Captus Networks ... (Security-Basics) Re: hd security ... Microsoft security products, and to provide a resource for ... additional capabilities over "EFS Key", ... >> Encryption password must be known or SAM database must ... Subverting the ... (microsoft.public.windowsxp.security_admin) Re: How to get full access to all contents? ... You are dealing with an EFS issue it appears. ... Security) ... > "Roger Abell" wrote in message ... >> MCSE MCDBA ... (microsoft.public.windowsxp.security_admin)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint