Help with EFS



 
 
  #1  
October 4th 08, 12:57 AM, posted to microsoft.public.windowsxp.general, microsoft.public.windowsxp.help_and_support, microsoft.public.windowsxp.security_admin
h128

Hello
(Apologies for the crosspost, I do not know where to post it. I searched
for something similar without result.)

I'm new to EFS.

I would like to understand how to use it and what to expect from it. I have
read many sites and much theory, but I have not found much in practice.

I have done the following things.

I have encrypted some files using the property tab of a directory.

Afterwards, I exported the private key to a separate file. I set
the flag "delete if successful export", and it told me something like "you
can not anymore delete or decrypt..."
I am confused now, because I CAN STILL open and do everything with these
files. So, what is the point of exporting and deleting the key???

Maybe it still has it somewhere, I thought...

So, I went into the same snap-in console and, under Certificates -
Personal, I deleted the entry with my account name, and under reliable
accounts I did the same thing.

After this, I CAN STILL open and do everything with these encrypted files.

So, I changed the admin password and (obviously)... after this, I CAN
STILL open and do everything with these encrypted files!

I do not understand what to do to render these files unusable without
the little key file I have removed from the PC (everyone says put it on a
floppy - no floppy here for years - and keep it safe, OK, but what is this
for, if I can still access the files?)

If someone steals the hard disk and resets the admin password with some
utilities, can he still read these files? Does EFS work only if the disk is
put in another PC as a slave?

Please help or point me to a practical tutorial...
Thx

  #2  
October 4th 08, 01:28 AM, posted to microsoft.public.windowsxp.general, microsoft.public.windowsxp.help_and_support, microsoft.public.windowsxp.security_admin
Shenan Stanley




Yes.
You can access them with your account without any input. Silently..

However - if someone changes your password using a method other than logging
in with your current password and changing it as you (say someone with
administrative rights resets it) - then those files cannot be accessed by
you (nor could they ever have been accessed by anyone else on the computer.)

That's where exporting the key comes in.

Best practices for the Encrypting File System
http://support.microsoft.com/kb/223316

You also want to know that you might have to change other things when using
EFS in order to secure it more fully.

Where Does EFS Fit into your Security Plan?
http://www.windowsecurity.com/articl...rity_Plan.html

What is EFS? How can I use it to protect my files and folders?
http://www.petri.co.il/what's_efs.htm

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html


  #3  
October 4th 08, 02:09 AM, posted to microsoft.public.windowsxp.general, microsoft.public.windowsxp.help_and_support, microsoft.public.windowsxp.security_admin
h128


Thank you very much for your answer.

I was experimenting with EFS on an expendable WinXP PC; my real problem is a
server where an SQL Server resides.

It seems the only way to secure database files is encrypting the whole
file system (apart from encrypting every single column of every table...),
otherwise it is possible to copy them to another SQL Server installation
(reading customers and credit cards and so on, it is the usual eshop
site...), so EFS jumped in.

I was worried that physical access to the machine could compromise privacy,
like resetting the administrator password from outside after grabbing the
hard disk.

Do you think there are further details for my specific problem, or are the
info and links you provided enough to cover any use of the encryption?

  #4  
October 4th 08, 11:19 PM, posted to microsoft.public.windowsxp.general, microsoft.public.windowsxp.help_and_support, microsoft.public.windowsxp.security_admin
Patrick Keenan

"h128" wrote in message
> Shenan Stanley wrote:
>> h128 wrote:
>>> Hello
>>> (Apologies for crosspost, I do not know where to post it. Searched
>>> something similar without result.)
>>>
>>> I'm new to EFS.
>>>
>>> I would understand how to use it and to expect from it. I have read
>>> many sites and many theory but not much I have found in practice.
>>>
>>> I have done the following things.
>>>
>>> I have crypted some files using the property tab of a directory.
>>>
>>> After, I have exported the private key in a separate file. I have
>>> set the flag delete if successful export, and it told me something like
>>> "you can not anymore delete or decrypt..."
>>> I am confused now, because I CAN STILL open and do everything with
>>> these files. So, what is the point of exporting and deleting the
>>> key???
>>> Maybe it has still it somewhere, I thought...
>>>
>>> So, I went in the same snap in console and I deleted under
>>> certificates- personal the entry with my account name, and under
>>> reliable accounts I did same thing.
>>>
>>> After this, I CAN STILL open and do everything with these encrypted
>>> files.
>>> So, I changed the admin password and (obviously)... after this, I
>>> CAN STILL open and do everything with these encrypted files!

Yes. And at that point, it'd be a good idea to update the exported
credential disk.

However, if you now create another Admin level account and change the
password of that original account from there, you will find that you no
longer have decrypt access, until you re-import the credentials.

The same will happen if you boot with a Linux password-reset tool and change
it that way.

>>> I do not understand what to do to render unusable these files
>>> without the little key file I have removed from PC (everyone says put in
>>> floppy - no floppy from years ago here - and keep safe, ok but what
>>> is this? if i still access the files)
>>>
>>> If someone steal the hard disk and reset the admin password with
>>> some utilities, he can still read these files?

No. In that case, they'll see the files, but only in encrypted format.

Since you have a test system, which is great, you can show this to yourself.
Easy to do with a $25 USB2 drive adapter.

>>> EFS work only if the
>>> disk is put in another PC as slave?

EFS will allow decrypt access *if* you enter the account via a normal logon.
If the password was reset from outside, decrypt is lost until the
credentials are re-imported.

>>> Please help or address to a practical tutorial...
>>
>> Yes.
>> You can access them with your account without any input. Silently..
>>
>> However - if someone changes your password using a method other than
>> logging in with your current password and changing it as you (say someone
>> with administrative rights resets it) - then those files cannot be
>> accessed by you (nor could they ever have been accessed by anyone else on
>> the computer.)
>>
>> That's where exporting the key comes in.
>>
>> Best practices for the Encrypting File System
>> http://support.microsoft.com/kb/223316
>>
>> You also want to know that you might have to change other things when
>> using EFS in order to secure it more fully.
>>
>> Where Does EFS Fit into your Security Plan?
>> http://www.windowsecurity.com/articl...rity_Plan.html
>>
>> What is EFS? How can I use it to protect my files and folders?
>> http://www.petri.co.il/what's_efs.htm
>
> Thank you very much for your answer.
>
> I was experimenting EFS in an expendable WinXP PC, my real problem is a
> server where an SQL Server resides.

I'd like to say it's great to hear that you are trying this out for yourself
on an expendable system rather than on real data.

> It seems the sole mode to secure database files is encrypting the whole
> file system (apart crypt any single column of any table...), otherwise it
> is possible to copy them in another SQL Server installation

You probably want to see this happen yourself. Log onto your test machine
and copy some encrypted data to a folder on another system, or even a disk.
You'll likely find that the copy is not encrypted because you have the
correct credentials.

Then, reverse the process - try connecting to the test system by way of
another system - just browse the network, find the encrypted file, and copy
it. Compare your results.

> (reading customers and credit cards and so on, it is the usual eshop
> site...),

This may mean that there are legal requirements you must meet regarding data
protection. You need to investigate this.

> so EFS jumped in.
>
> I was worried a physical access to the machine could compromise privacy,

You are right to. Physical access definitely compromises privacy. If
someone can sit at the keyboard, the data is vulnerable.

> like resetting administrator password from outside after grabbing the
> hard disk.

That's actually "safer" than having an unauthorised person sitting at the
keyboard. And it's also part of why you need to be sure you have really
good backups.

This is one of the key features - and problems - with EFS. If the password
is changed from outside the account, the credentials are invalidated and at
that moment decrypt access to encrypted data is permanently lost, UNLESS the
original account credentials are re-imported. Restoring the original
password won't fix it. You need the credentials.

This becomes a problem when a Windows reinstall is done, which disrupts
the credentials, and the user didn't export the originals.

For you, it would also be a problem if that were your only copy of the data,
or if the backups required the original credentials and you no longer have
them.

If you've stored them on the same hard disk in an unencrypted area, they are
available to everybody. If you stored them in an encrypted area, nobody
gets them. They should be on an external disk in a very secure location,
with regular refreshes. One copy only is not really a great idea.

As to floppies - yes, XP wants to export to floppies, get a $20 external USB
floppy drive. It's a handy tool to have around.

> Do you think there are further details for my specific problem, or the
> info and links you provided is enough and cover any use of the encryption?

You need to continue to test so you understand what's happening, and examine
privacy legislation in your area to see what is legally required and what
other companies do to comply with it. You also need to deal with the
physical access issue, as well as secure and current backups. Be sure
you can restore them to another system.

EFS offers strong encryption that is easy to use and can help you, but you
also need to understand its limitations and implications and how they can
hurt you.

HTH
-pk
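
An added illustration, not part of any poster's message: a simplified Python model of the key chain behind the behaviour described in the post above (file key wrapped by the user's EFS key, which is protected in the profile by a secret derived from the logon password). The `Account` class, the toy cipher and the passwords are assumptions made for this sketch; real EFS uses an RSA key pair and DPAPI, which are collapsed here into symmetric wrapping.

```python
import hashlib
import hmac
import os


def _stream(key, nonce, n):
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def wrap(key, data):
    """Toy authenticated encryption standing in for the real RSA and DPAPI wrapping."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()


def unwrap(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()):
        raise PermissionError("wrong key, cannot unwrap")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))


def password_key(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)


class Account:
    """One local account: a logon verifier plus the protected EFS key in its profile."""

    def __init__(self, password):
        self.salt = os.urandom(16)
        self._set_verifier(password)
        self._protect(password, os.urandom(32))  # new EFS key (stands in for the RSA pair)

    def _set_verifier(self, password):
        self.verifier = password_key(password, b"logon" + self.salt)

    def _protect(self, password, efs_key):
        master = os.urandom(32)
        self.wrapped_master = wrap(password_key(password, self.salt), master)
        self.wrapped_efs_key = wrap(master, efs_key)

    def logon_ok(self, password):
        return hmac.compare_digest(self.verifier, password_key(password, b"logon" + self.salt))

    def efs_key(self, password):
        """What a logged-on session can recover; also what a key export hands out."""
        master = unwrap(password_key(password, self.salt), self.wrapped_master)
        return unwrap(master, self.wrapped_efs_key)

    def change_password(self, old, new):
        """Change made by the user: the old password is known, so the chain is re-wrapped."""
        master = unwrap(password_key(old, self.salt), self.wrapped_master)
        self.wrapped_master = wrap(password_key(new, self.salt), master)
        self._set_verifier(new)

    def reset_password(self, new):
        """Reset from outside the account: only the logon verifier is replaced."""
        self._set_verifier(new)

    def import_key(self, password, exported_efs_key):
        """Re-import of the exported key while logged on with the current password."""
        self._protect(password, exported_efs_key)


def encrypt_file(efs_key, data):
    fek = os.urandom(32)  # per-file encryption key
    return {"wrapped_fek": wrap(efs_key, fek), "body": wrap(fek, data)}


def can_read(account, password, efile, expected):
    try:
        fek = unwrap(account.efs_key(password), efile["wrapped_fek"])
        return account.logon_ok(password) and unwrap(fek, efile["body"]) == expected
    except PermissionError:
        return False


def demo():
    data = b"constructed sample: customer table"
    acct = Account("first-pw")
    exported = acct.efs_key("first-pw")  # the exported key, kept off the machine
    efile = encrypt_file(exported, data)
    out = {"plaintext on raw disk": data in efile["body"]}
    acct.change_password("first-pw", "second-pw")
    out["read after own change"] = can_read(acct, "second-pw", efile, data)
    acct.reset_password("reset-pw")
    out["logon after reset"] = acct.logon_ok("reset-pw")
    out["read after reset"] = can_read(acct, "reset-pw", efile, data)
    acct.import_key("reset-pw", exported)
    out["read after re-import"] = can_read(acct, "reset-pw", efile, data)
    return out


if __name__ == "__main__":
    print(demo())
```
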


  #5  
October 4th 08, 11:33 PM, posted to microsoft.public.windowsxp.general, microsoft.public.windowsxp.help_and_support, microsoft.public.windowsxp.security_admin
David H. Lipman




EFS is NOT dependent upon the account password.
EFS is dependent upon an OS (or Domain) generated EFS Certificate that is stored in the
Personal Certificate Store.

Example:
I log on to this PC as "lipman" and I have captured a picture of the view of my Personal
Certificate Store showing the OS generated EFS certificate
{ Note: I removed my Smart Card certs from my personal store first :-) }

You will note that the generated certificate has a life span of ~100 years. A life
expectancy to outlast the encrypted data and as long as this cert. stays in my personal
store I can decrypt the encrypted files.

NOTE: Files and folders that are encrypted will show in GREEN colour in Explorer views.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp





  #6  
October 5th 08, 01:31 AM, posted to microsoft.public.windowsxp.general, microsoft.public.windowsxp.help_and_support, microsoft.public.windowsxp.security_admin
John John (MVP)



I think that if you were to change your password with a third party
utility like Petter Nordahl's Offline Registry Editor you might find your
certificate to be invalid.

John
  #7  
October 5th 08, 07:07 PM, posted to microsoft.public.windowsxp.general, microsoft.public.windowsxp.help_and_support, microsoft.public.windowsxp.security_admin
h128


Thank you all for the interesting thread.

By the way, David, microsoft.public.security.crypto is not in my news
server, sorry.

Patrick Keenan wrote:


Yes. And at that point, it'd be a good idea to update the exported
credential disk.


While it is everything you all said enough clear, this point leave me a
doubt. I have tried exporting private key with the option "delete after
successful exportation", after this, successive exports are not
available, so I would ask what exactly you meant.

In fact, it is not clear, if the OS deletes private key after the
export, my doubt can be formulated such way (I am not saying it is not
my fault if I have still doubts): it can still decrypt the files
(without logging out, or changing password, or removing disks and so
on...) so that key should be somewhere else on the system... so what it
deleted?
In another words, ff "all the necessary stuff for decryption (whatever
this is)" remains on disk after removing that key after export, this
"necessary stuff" is still there if the disk is physically stolen... or not?


The same will happen if you boot with a Linux password-reset tool and change
it that way.


In fact, I am now a bit more secure about the disks removed without consent.
I do know utilities for resetting passwords with a physical disk with
installed Windows, but I do not know if there are similar programs for
virtual Windows installations over some *nix machine as many economic
ISP do for hosting.


I'd like to say it's great to hear that you are trying this out for yourself
on an expendable system rather than on real data.


(that site is core of company, that was obvious for good common sense
first...)


As to floppies - yes, XP wants to export to floppies, get a $20 external USB
floppy drive. It's a handy tool to have around.


That was humorous, I meant every site I visited (before this newsgroup)
said: store the key in a floppy, instead of "in a safe place" (an usb
key for example).


You need to continue to test so you understand what's happening, and examine
privacy legislation in your area to see what is legally required and what
other companies do to comply with it. You also need to deal with the
physical access issue, as well as secure and current backups. Be sure
you can restore them to another system.


Actually it is easy that the legal requirements are different from
technical ones, so when I am sure of a work I leave details to the
company lawyer. I mean, if I can be sincere, I do not care so much of
the LEGAL stuff, in front of the ILLEGAL stuff, like corrupt ISP
employees lending disk images to another company, laptops with sensitive
data forgotten on a taxi, or sold and found on ebay...

So I think it is a lucky thing my new company chose an economic ISP
without automated backup service, otherwise even if I encrypt now, maybe
old unencrypted backup copies still exist somewhere in the ISP building!
(better than nothing, for a thief)

As for recovery, I never meant to rely on EFS for it. I backup data
unencrypted and I crypt them with a third-party utility I trust more, not
for the raw level of encryption, but for these many dark details we are
discussing here.
EFS is just the first tool I wanted try for protection "on the fly", if
the original disk is stolen or destroyed it is not a big issue using a 2
day old backup, compared with the disclosure of the database content.


Again, thx to all.
  #8  
Old October 5th 08, 07:20 PM posted to microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support,microsoft.public.windowsxp.security_admin
Shenan Stanley
external usenet poster
 
Posts: 10,523
Default Help with EFS

snipped

h128 wrote:
snipped
By the way, David, microsoft.public.security.crypto is not in my
news server, sorry.


For Microsoft related newsgroups - you should likely point your newsreader
to news.microsoft.com or msnews.microsoft.com (as the server.) It's your
best choice for reading Microsoft Newsgroups.

http://www.microsoft.com/communities.../nntpnews.mspx

Good Luck!

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html


  #9  
Old October 4th 08, 01:49 AM posted to microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support,microsoft.public.windowsxp.security_admin
David H. Lipman
external usenet poster
 
Posts: 4,185
Default Help with EFS

From: "h128"

| Hello
| (Apologies for crosspost, I do not know where to post it. Searched
| something similar without result.)

| I'm new to EFS.

| I would understand how to use it and to expect from it. I have read many
| sites and many theory but not much I have found in practice.

| I have done the following things.

| I have crypted some files using the property tab of a directory.

| After, I have exported the private key in a separate file. I have set
| the flag delete if successful export, and it told me something like "you
| can not anymore delete or decrypt..."
| I am confused now, because I CAN STILL open and do everything with these
| files. So, what is the point of exporting and deleting the key???

| Maybe it has still it somewhere, I thought...

| So, I went in the same snap in console and I deleted under certificates-
| personal the entry with my account name, and under reliable accounts I
| did same thing.

| After this, I CAN STILL open and do everything with these encrypted files.

| So, I changed the admin password and (obviously)... after this, I CAN
| STILL open and do everything with these encrypted files!

| I do not understand what to do to render unusable these files without
| the little key file I have removed from PC (everyone says put in floppy
| - no floppy from years ago here - and keep safe, ok but what is this? if
| i still access the files)

| If someone steal the hard disk and reset the admin password with some
| utilities, he can still read these files? EFS work only if the disk is
| put in another PC as slave?

| Please help or address to a practical tutorial...
| Thx


An EFS certificate is in your personal Certificate Store. As long as that cert. is still
in your store then you can decrypt the files. If you delete the EFS cert. from the
store, your files are lost. That's why you back up the cert. If the cert. is deleted from
your personal cert. store you can restore the cert. and decrypt the files again.

BTW: The news group needed and you didn't find is; microsoft.public.security.crypto

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
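
The check described in this post, as an added example that is not part of the thread: it lists the certificates in the current user's Personal store that carry the Encrypting File System usage, reports whether each still has its private key, and can export a password-protected backup. It assumes a current Windows with PowerShell 5.1 or later (not the XP-era tools discussed here); the function names and the backup directory are hypothetical.

```powershell
# Added example, not from the thread. Assumes Windows PowerShell 5.1 or later.
$EfsOid = '1.3.6.1.4.1.311.10.3.4'   # "Encrypting File System" enhanced key usage

function Get-EfsCertificate {
    # Certificates in the current user's Personal store that carry the EFS usage.
    Get-ChildItem -Path Cert:\CurrentUser\My | Where-Object {
        $eku = $_.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
        }
        $eku -and ($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $EfsOid })
    }
}

function Get-EfsCertificateStatus {
    # One row per EFS certificate; HasPrivateKey is what decides whether files can be decrypted.
    foreach ($cert in (Get-EfsCertificate)) {
        [pscustomobject]@{
            Subject       = $cert.Subject
            Thumbprint    = $cert.Thumbprint
            NotAfter      = $cert.NotAfter
            HasPrivateKey = $cert.HasPrivateKey
        }
    }
}

function Backup-EfsCertificate {
    # Export each EFS certificate together with its private key to a password-protected .pfx.
    # Fails for a key that was created as non-exportable.
    param(
        [Parameter(Mandatory)] [string] $Directory,
        [Parameter(Mandatory)] [securestring] $Password
    )
    foreach ($cert in (Get-EfsCertificate | Where-Object { $_.HasPrivateKey })) {
        $path = Join-Path $Directory ('efs-{0}.pfx' -f $cert.Thumbprint)
        Export-PfxCertificate -Cert $cert -FilePath $path -Password $Password
    }
}

$status = @(Get-EfsCertificateStatus)
if (-not $status) { Write-Warning 'No EFS certificate found in Cert:\CurrentUser\My.' }
$status | Where-Object { -not $_.HasPrivateKey } | ForEach-Object {
    Write-Warning "Certificate $($_.Thumbprint) has no private key here; restore the exported .pfx to decrypt."
}
$status | Format-Table -AutoSize

# Hypothetical backup location on removable media:
# Backup-EfsCertificate -Directory 'E:\efs-backup' -Password (Read-Host -Prompt 'PFX password' -AsSecureString)
```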


  #10  
Old October 4th 08, 02:11 AM posted to microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support,microsoft.public.windowsxp.security_admin
h128
external usenet poster
 
Posts: 12
Default Help with EFS

David H. Lipman wrote:

BTW: The news group needed and you didn't find is; microsoft.public.security.crypto


Thank you I will search it, it is years I do not enter in Usenet.
  #11  
Old October 5th 08, 06:31 PM posted to microsoft.public.windowsxp.general,microsoft.public.windowsxp.help_and_support,microsoft.public.windowsxp.security_admin
sandy58[_3_]
external usenet poster
 
Posts: 424
Default Help with EFS

On Oct 4, 12:57 am, h128 wrote:
Hello
(Apologies for crosspost, I do not know where to post it. Searched
something similar without result.)

I'm new to EFS.

I would understand how to use it and to expect from it. I have read many
sites and many theory but not much I have found in practice.

I have done the following things.

I have crypted some files using the property tab of a directory.

After, I have exported the private key in a separate file. I have set
the flag delete if successful export, and it told me something like "you
can not anymore delete or decrypt..."
I am confused now, because I CAN STILL open and do everything with these
files. So, what is the point of exporting and deleting the key???

Maybe it has still it somewhere, I thought...

So, I went in the same snap in console and I deleted under certificates-
personal the entry with my account name, and under reliable accounts I
did same thing.

After this, I CAN STILL open and do everything with these encrypted files.

So, I changed the admin password and (obviously)... after this, I CAN
STILL open and do everything with these encrypted files!

I do not understand what to do to render unusable these files without
the little key file I have removed from PC (everyone says put in floppy
- no floppy from years ago here - and keep safe, ok but what is this? if
i still access the files)

If someone steal the hard disk and reset the admin password with some
utilities, he can still read these files? EFS work only if the disk is
put in another PC as slave?

Please help or address to a practical tutorial...
Thx


http://www.microsoft.com/technet/sec..._data_efs.mspx
Hope this helps, h128.
Good luck
 



