Stuart McLachlan
stuart at lexacorp.com.pg
Mon Jun 7 07:11:11 CDT 2004
On 7 Jun 2004 at 13:36, Gustav Brock wrote:

> Hi all
>
> How secure is this? Or to put it in other words: how likely is it that
> someone picking up a lost laptop can not gain access to the content of
> your encrypted files?

Doubtful security - see below.

> We have a client requesting this level of security but our experience
> with Windows 2000/XP native encryption is nil and we don't want to
> "sell" the client false security.

A better bet for securing data is to use the freeware TrueCrypt. Get it while you can from http://www.freewebs.com/thinker2004/

There's currently a dispute going on over the technology between TrueCrypt and SecurStar, who bought Scramdisk and E4M and turned them into DriveCrypt, so www.truecrypt.org is currently down.

Or the commercial PGPDisk (freeware if you pick up a version of PGP prior to v6.5).

Either of these will create a *very* secure partition or virtual drive on the laptop. Just use that drive to store all data. If you don't have the passphrase to open the virtual drive, not only can't you access the data, you can't even tell that there is any data to be recovered.

As for EFS:

From http://www.markusjansson.net/exp.html

There is very little reason to use EFS on Win2k standalone installation since it does not offer real protection in Windows2k. It is possible to reset the administrator's passphrase (even with Syskey enabled and stored in floppy) and login as admin. This can be done by simply booting the computer in other operating system and deleting the SAM file and manipulating the registry so that Windows does not want to have Syskey during startup. If Syskey is not present, resetting the administrator's passphrase is much easier. Administrator can do many things and is the default recovery agent of EFS. In any case, once you have logged in as admin, you can decrypt all data encrypted with EFS in that computer.

In theory, it *is* possible in standalone Windows 2000 to have secure EFS, but it is very, very, very complicated to achieve. In theory, by exporting the administrator's recovery certificate or designating some other recovery agent AND implementing Syskey to passphrase or floppy, it *might* be possible to prevent anyone from reading EFS encrypted files. It is always possible to login as administrator, but if the administrator does not have the recovery keys, he can't decrypt EFS files... And since the Syskey *prevents* tampering with the other accounts, it is in *theory* safe (if hacker deletes SAM file, then other accounts lose their vital piece of information and can't be used and therefore they can't get access to private key). But in practice...well...who really knows?

I STRONGLY recommend not to use EFS in Windows 2000 unless the computer is a part of domain and the settings/security policies are good and the actual computer where the certificates are stored is in safe place so nobody can get a physical access to it and Syskey for each computer is stored in passphrase or in floppy format. Use PGPdisk instead and you don't have to worry about these kinds of issues with Windows 2000!

--
Lexacorp Ltd
http://www.lexacorp.com.pg
Information Technology Consultancy, Software Development, System Support.