Bugtraq mailing list archives
Re: BugTraq: EFS Win 2000 flaw
From: Rickard Berglind <Rickard.Berglind () EIKNES SE>
Date: Thu, 25 Jan 2001 16:29:08 +0100
Scott Culp, Security Program Manager wrote:
While EFS does indeed work as Rickard discusses, this is not new information. For instance, "Encrypting File System for Windows 2000" (http://www.microsoft.com/WINDOWS2000/library/howitworks/security/encrypt.asp, p 22) notes the following:

Since this white paper repeatedly stated that EFS will guard users' data against attackers with physical access to the disk, it might seem a little strange to deliberately leave data in plain text. With all respect, personally I am not sure if the fact that you did know about this behaviour makes anything better or worse.

From the same white paper, same page as noted earlier:

"An individual with physical access to the machine could potentially attempt sophisticated attacks by going to the disk directly. Attempts to read the data this way will fail because it is encrypted"

This is obviously not the entire truth because it only addresses the encrypted file, which, I am sure, is hard to gain access to. For a programming layman it seems like a minor problem to include code to properly overwrite the old file.

For your information: I did write to Microsoft both in Sweden and in the US about one month ago, reporting what I found, but have not yet received any response. Perhaps because this fact was known and expected.

regards,
Rickard Berglind