Bugtraq mailing list archives

Re: BugTraq: EFS Win 2000 flaw


From: Kirk Corey <kcorey () dsi-inc net>
Date: Thu, 25 Jan 2001 10:10:17 -0600

-----Original Message-----
From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM] On Behalf Of Attonbitus Deus
Sent: Thursday, January 25, 2001 1:26 AM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: Re: BugTraq: EFS Win 2000 flaw


<snip>

Running to the docs?  Come on, man- all anyone has to do is a simple
Start-Help-"File Encryption" and they get plenty of information on what to
do and what not to do.  It's not like we are talking about doing hours of
research to uncover the hidden truth about temp file creation.  The simple
point is that recommended procedures obviate the issue in this case.  That's
that.  Microsoft is very clear about the propensity for files, even temp
ones, to be written in the clear in other circumstances.

When I go to Start-Help-"File Encryption", it does tell me that I should
encrypt the folder and the file, but does not tell me that I should never
have created the file in an unencrypted state to begin with.  So, to get the
MS-recommended procedure, you do have to run to the docs (or Bugtraq).

I would also note that Microsoft's MCSE study guide for Windows 2000
Professional does recommend using encrypted folders, but does not explain
why (at least, not with reference to the issue at hand).  Nor does it
explain that what you want to do is to encrypt the folder, and then create
new files within it; the reader could easily assume that if they start with
an encrypted folder, and then move unencrypted files to that folder, they
have followed MS recommendations.

My $.02

Kirk

--------------------------------------------
Kirk Corey, MCP, CCNA
Manager, Information Technologies
Diversified Software Industries, Inc.
kcorey () dsi-inc net
http://www.dsi-inc.net/

