Re: EFS key recovery?
From: Alun Jones (alun@texis.com)
Date: 11/21/02
- Next message: Nick: "Help! Please! Not wanting all programs shown."
- Previous message: Roger Abell [MVP]: "Re: Problems taking read-only attributes off of a file in XP"
- In reply to: Brett: "Re: EFS key recovery?"
- Next in thread: Brett: "Re: EFS key recovery?"
- Reply: Brett: "Re: EFS key recovery?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: alun@texis.com (Alun Jones) Date: Thu, 21 Nov 2002 14:57:46 GMT
In article <Oi98$vSkCHA.1616@tkmsftngp10>, "Brett" <brett@cabocabo.com> wrote:
>"Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com>
>> Note that for WinXP, Administrator is no longer a default EFS Recovery
>Agent (as> it is for Win2k).
>
>....and IMHO still should be if an agent isn't specified. It'd be a nice
>safety net.
I think that's the point, though. The 'safety net' that you talk about, is a
security risk to others.
Do not commit to EFS any files, unless you can say that you'd rather lose
access to the files than allow access to someone unauthorised. The EFS system
is supposed to "fail over" safely - i.e. if something goes wrong with the
operating system, the files should be irretrievable. That's part of the
design. If you use EFS, you must acknowledge that you will lose any files
protected by it if you lose the recovery key - and one good way to lose the
recovery key is for the system to get in an unbootable state - a disk crash,
say.
One ideal for EFS is to protect files against a thief who steals your hard
drive. If there was a way for you to recover your files after your system
becomes unbootable, then there would similarly be a way (the same way) for the
thief to recover your files from that stolen hard drive.
Alun.
~~~~
[Please don't email posters, if a Usenet response is appropriate.]
-- Texas Imperial Software | Try WFTPD, the Windows FTP Server. Find us at 1602 Harvest Moon Place | http://www.wftpd.com or email alun@texis.com Cedar Park TX 78613-1419 | VISA/MC accepted. NT-based sites, be sure to Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for XP/2000/NT.
- Next message: Nick: "Help! Please! Not wanting all programs shown."
- Previous message: Roger Abell [MVP]: "Re: Problems taking read-only attributes off of a file in XP"
- In reply to: Brett: "Re: EFS key recovery?"
- Next in thread: Brett: "Re: EFS key recovery?"
- Reply: Brett: "Re: EFS key recovery?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
