Educause Security Discussion mailing list archives
Re: Data on sensitive computers
From: Dave Koontz <dkoontz () MBC EDU>
Date: Fri, 22 Apr 2005 15:58:35 -0400
While Windows EFS may be "less vulnerable" than un-encrypted files, I would personally opt for stronger products like PGPDisk, SecurStar's DriveCrypt / DriveCrypt Plus Pak, StrongDisk, BestCrypt, etc. If my understanding is correct, EFS is a very weak encryption process and can be easily defeated by various commerical or free products. For example, consider the ElcomSoft "Advanced EFS Data Recovery" product. http://www.elcomsoft.com/aefsdr.html. While I've not experimented with this program or others like it, their mere existence makes me very leary of Microsoft's encryption. --- PRODUCT DESCRIPTION --- Advanced EFS Data Recovery (or simply AEFSDR) is a program to recover (decrypt) files encrypted on NTFS (EFS) partitions created in Windows 2000, Windows XP and Windows Server 2003. Files are being decrypted even in a case when the system is not bootable and so you cannot log on, and/or some encryption keys have been tampered. Besides, decryption is possible even when Windows is protected using SYSKEY. AEFSDR effectively (and instantly) decrypts the files protected under all versions Windows Server 2003 (Standard and Enterprise), Windows XP (including Service Packs 1 and 2) and Windows 2000 (including Service Packs 1, 2, 3 and 4). -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Kevin Shalla Sent: Friday, April 22, 2005 1:50 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Data on sensitive computers Has anyone implemented the Encrypting File System under Windows laptops to make the data less vulnerable to theft? At 09:43 AM 4/22/2005, Samuel Liles wrote:
-----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jon E. Mitchiner Sent: Friday, April 22, 2005 9:36 AM This brings up interesting questions. Are there security measures that your school takes to protect sensitive computers/laptops/hard drives (such as Accounting, Health Services, etc?) Do you force all sensitive data to be saved on a remote server in a secure location (perhaps utilizing Terminal Services)? I am starting to wonder if this is something that we should investigate into with sensitive departments so if the hard drives are stolen then we'd like to know there's not much we should be worried about. -----End Original Message----- Since I have some of the same issues that the UC Berkley Prof was discussing I've been looking at http://www.pointsec.com/core/default.asp as a possible solution. Unknown at this point if it would actually work, if there is a performance hit, or other issues. It would be nice to get for evaluation. It would seem to solve the Knoppix CD in the CDROM drive issue.
Along with BIOS passwords, Grub Passwords, and encrypted file systems.
-------------------------- Sam Liles
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Re: Data on sensitive computers Kevin Shalla (Apr 22)
- <Possible follow-ups>
- Re: Data on sensitive computers Steve Brukbacher (Apr 22)
- Re: Data on sensitive computers Dave Koontz (Apr 22)
- Re: Data on sensitive computers Schmidt, Eric W (Apr 25)