funsec mailing list archives

Stolen laptops and the Windows encrypted file system?

From: "Richard M. Smith" <rms () bsf-llc com>
Date: Tue, 28 Mar 2006 10:08:20 -0500

Hi,    
 
Could Fidelity Investments have saved itself a lot of grief last week after
one of its laptop was stolen with customer data on it had the company used
the encrypted file system (EFS) which is built into Windows XP?  Here's a
Microsoft write-up on this feature of Windows:
 
   Encrypting File System overview
   http://tinyurl.com/qfat4
 
An encrypted folder takes less than a minute to set up and requires no
special actions to use it except that one must remember to store
confidential files in the encrypted folder.
 
However, encryption keys for the encrypted file system are protected by the
password for a Windows login.  This services claims to be able to crack
login passwords:

   http://www.loginrecovery.com/

Is EFS only effective then against attackers who don't know about this
service?

Richard M. Smith


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Stolen laptops and the Windows encrypted file system? Richard M. Smith (Mar 28)
- <Possible follow-ups>
- RE: Stolen laptops and the Windows encrypted file system? Young, Keith (Mar 28)
  - RE: Stolen laptops and the Windows encrypted file system? Richard M. Smith (Mar 28)
    - Re: Stolen laptops and the Windows encrypted file system? Valdis . Kletnieks (Mar 28)
    - Re: Stolen laptops and the Windows encrypted file system? Ahmad Elkhatib (Mar 29)
    - RE: Stolen laptops and the Windows encrypted file system? Richard M. Smith (Mar 29)
    - Re: Stolen laptops and the Windows encrypted file system? Ron (Mar 29)
    - RE: Stolen laptops and the Windows encrypted file system? Henderson, Dennis K. (Mar 29)
    - Re: Stolen laptops and the Windows encrypted file system? coderman (Mar 30)