funsec mailing list archives

Re: Microsoft shutters Windows private folders


From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Sun, 16 Jul 2006 23:17:46 -0400

On 7/16/06, Peter Kosinar <goober () nuf ksp sk> wrote:
> Whether or not you have good or evil admins they are not gods.
> Just because they administer networks and systems doesn't
> mean that they should have access to the data on the systems and
> the network they administer.
>
> Either way... there's no such thing as absolute security and
> using EFS, Private Folders, other data encryption mechanisms
> makes it much harder to compromise data confidentiality.

Right but it has already been pointed out that it's virtually impossible
to protect the data from the evil admin (yes, proper infrastructure -can-
help a lot but, as you've said, there is no such thing as absolute
security).

Moreover, the C*O's are very often a bit strange people -- WHEN they
forget/delete their password/passphrase/secret key/..., they EXPECT help
from the very admin they were trying to protect their data from and even
BLAME him/her for their own mistake if (s)he can't help.

> If I use the same logic about bypassing protection mechanisms
> then I can say that a safe in a secret bunker with an army of guards
> can't protect CEO's data either... All I have to do is inject him with
> a poison that activates within 2 hours if an antidote is not given...

Right. It's the weakest link that matters, not the strongest one. If it is
the machine, it'll get attacked. If it is the CEO, (s)he'll get attacked.


The reason I was against the inclusion of private folders was not
because it hides data, but simply due to the fact that someone who
didn't know what they were doing would potentially have access to
encryption software. It can be installed by a tech if it's required,
but giving that capability by default to every Windows user you have
can lead to bad things.

I had a scary incident with an encrypted folder and a high level end
user. His wife told him about Windows encryption and we hadn't
explicitly disabled it with a GPO, so he promptly encrypted a file and
forgot his password. He was a little embarrassed about it, and I only
found out due to the roaming profile and the fact that we couldn't get
a successful backup.

Luckily EFS is cheesy and the domain admin can unlock everything, but
can you imagine if it was a good implementation of an encrypted file
system?


-JP<who is glad you have to be a local admin to turn on BitLocker, but
still wants a GPO to disable it altogether>
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

