Re: Encrypting File System
From: Drew Cooper [MSFT] (dcoop_at_online.microsoft.com)
Date: 05/12/04
- Next message: bill: ""Another user is already running this application""
- Previous message: Prashanth Kaankadae [MSFT]: "RE: Trasferring product registration!"
- In reply to: Carey Frisch [MVP]: "Re: Encrypting File System"
- Next in thread: Jupiter Jones [MVP]: "Re: Encrypting File System"
Date: Tue, 11 May 2004 16:15:19 -0700
The default algo used by XP RTM is not the same as the default algo for
SP1+, but that doesn't mean that every install of the OS has a different
algo. An upgrade to SP1 or later solves the problem in 329741.
The real problem in this case is that the keys are gone. The app from
Elcomsoft won't be any help either - it grovels the keys out of the user's
%appdata% to decrypt the files.
--
Drew Cooper [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.

"Carey Frisch [MVP]" <mrxp2004@nospamyahoo.com> wrote in message
news:edFiYa3NEHA.3012@tk2msftngp13.phx.gbl...
> Before you encrypt anything important, you should back up your
> personal encryption certificate (with its associated private key)
> and the recovery agent certificate to a floppy disk and store it in
> a secure location. If you ever lose your original certificate
> (because of a hard disk failure, for example), you can restore
> the backup copy and regain access to your files. If you lose all
> copies of your certificate (and no recovery agent certificates exist),
> you won't be able to use your encrypted files. No back door exists,
> nor is there any practical way to hack these files.
> (If there were, it wouldn't be very good encryption.)
>
> HOW TO: Remove File Encryption in Windows XP
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;308993
>
> Without a backup of the original Encryption Certificate Key, encrypted files
> are unrecoverable as they will stay encrypted forever. There is no recovery
> method since the encryption algorithm is now completely different with a
> reinstall of Windows XP.
>
> See if the following articles help in any way:
>
> HOW TO: Take Ownership of a File or Folder in Windows XP
> http://support.microsoft.com/default.aspx?scid=kb;en-us;308421
>
> Best Practices for the Encrypting File System
> http://support.microsoft.com/default.aspx?scid=kb;en-us;223316
>
> Encrypting File System in Windows XP
> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winxppro/deploy/CryptFS.asp
>
> EFS Files Appear Corrupted When You Open Them
> http://support.microsoft.com/default.aspx?scid=kb;en-us;329741
>
> Possible third-party solution:
>
> Advanced EFS Data Recovery 1.30
> http://www.softempire.com/advanced-efs-data-recovery.html
>
> --
> Carey Frisch
> Microsoft MVP
> Windows XP - Shell/User
>
> Be Smart! Protect your PC!
> http://www.microsoft.com/security/protect/
>
> ----------------------------------------
>
> "Captain Smegma" <charles at matchwalk dot com> wrote in message:
> news:45C2A4CA-027E-4D0B-8B73-271A39984D2D@microsoft.com...
>
> | I recently had to re-install my OS from scratch. Whilst there's nothing
> | unusual about that, I made the error of not de-crypting some data I had
> | on another disk first. Was that ever a mistake!
> |
> | I looked for assistance in the Help system and found several items of
> | interest - eventually. The Help seems to say that, in order to decrypt
> | folders and files, you have to be a Recovery Agent. OK - how do I get to
> | be one? I find the instructions to create myself as a recovery agent and
> | follow them to the letter. Actually, that's not quite true - the last
> | step is described incorrectly in the Help file, although well enough to
> | make me think I was doing what was required. And that's where everything
> | stops. The process does not work, at least, not for me. I've logged on as
> | the Administrator, who should have right automatically assigned and
> | nothing happens. I've logged on as the first of two accounts created
> | after installation of the OS - creating new accounts as the Administrator
> | is supposed to transfer the status of default recovery agent to the
> | first-created account and again, nothing happens. I get the feeling from
> | the Help text, that there should be a file called *.cer somewhere but I
> | cannot locate one.
> |
> | I've tried everything I can think of to get around the problem of not
> | having the original private key and NOTHING works for me. I've tried
> | local restoration, remote restoration, doing a backup and restoring to a
> | FAT32 partition - everything that I can think of. The question is now -
> | presumably Microsoft would allow encrypted data to be decrypted by
> | someone without the relevant key? Of course they would - it says so in
> | the Help system. But IT DOESN'T WORK LIKE IT SAYS ON THE PACKET! I'm
> | getting increasingly frustrated and need to know what I'm doing wrong or
> | what extra slip of information I'm currently missing. Can anybody help,
> | please?
> |
> | Thanks in advance.
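
Added example, not part of the original thread: a PowerShell sketch of the certificate backup recommended in the quoted reply, which also flags the failure case discussed above (a certificate whose private key is no longer in the profile). It assumes a current Windows release with the PKI module rather than XP; `$BackupDir` and its default path are hypothetical.

```powershell
# Added example: export EFS and recovery-agent certificates (with private keys)
# from the current user's store so they survive a reinstall or disk failure.
param(
    [string]$BackupDir = 'E:\efs-backup'   # hypothetical removable-media path
)

$EfsOid      = '1.3.6.1.4.1.311.10.3.4'     # Encrypting File System EKU
$RecoveryOid = '1.3.6.1.4.1.311.10.3.4.1'   # File Recovery (recovery agent) EKU

# Select certificates whose enhanced key usage marks them as EFS or recovery.
$certs = Get-ChildItem Cert:\CurrentUser\My | Where-Object {
    $ekus = $_.EnhancedKeyUsageList.ObjectId
    ($ekus -contains $EfsOid) -or ($ekus -contains $RecoveryOid)
}

if (-not $certs) {
    Write-Warning 'No EFS or recovery agent certificate found in CurrentUser\My.'
    return
}

$password = Read-Host -AsSecureString 'Password to protect the PFX files'
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

foreach ($c in $certs) {
    if (-not $c.HasPrivateKey) {
        # The certificate alone cannot decrypt anything; only the key can.
        Write-Warning "$($c.Thumbprint): private key missing, nothing to back up."
        continue
    }
    $out = Join-Path $BackupDir "$($c.Thumbprint).pfx"
    # Fails with an error if the key was created as non-exportable.
    Export-PfxCertificate -Cert $c -FilePath $out -Password $password | Out-Null
    '{0}  NotAfter={1:yyyy-MM-dd}  ->  {2}' -f $c.Thumbprint, $c.NotAfter, $out
}
```

The thumbprints printed here can be compared with those that `cipher /c <file>` lists for an encrypted file to confirm the backup covers the key that file was encrypted to.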