Re: Encrypted File Systems

["Adam Newhard" <atnewhard () microstrain com>]

I'm guessing you're looking into a pretty much automatic, hey i put in my
password at login so don't even make it appear as though my files are
encrypted.  in terms of efs, a quick google search gives a lot of "windows
efs gets thumbs up"...take 10 minutes to search the right thing and it's
covered in security warnings, esp known plaintext attacks (but the real
question is, what m$ program DOESN'T get a lot of advisories).
check out here (sorry, google cache):
http://216.239.37.104/search?q=cache:SkeyE9SiAawJ:www.colmancomm.com/news/20010612efs.htm+windows+efs+security+advisory&hl=en&ie=UTF-8
If you're looking into a good solution, from my experiences and from the
people i've talked to about this, look into pgpdisk
(http://www.pgpi.org/products/pgpdisk/ freeware v6.02i and
http://www.pgpi.org/products/pgp/versions/commercial/ commercial v6.52i...i
didn't look into improvements/updates on either of those).  I'm gonna guess
you know what pgpdisk does, but if you don't it basically creates a
container that mounts as a hard drive when you enter your passphrase and
will unmount after so many minutes of being idle.  It's nice b/c to backup
(make sure you backup your keys and give them to a troll who lives 2000
miles below the surface) all you have to do is copy that entire container
ove to a tape and it stays pretty and encrypted.  It's basically loop-aes
(http://sourceforge.net/projects/loop-aes/) for winbloze.
Hope this helps,
adam
----------------------------------------------------
Adam Newhard
Microstrain, Inc.
If vegetarians eat vegetables, watch out for humanitarians


----- Original Message ----- 
From: "Ricardo Oliva" <ricardo () zoology ubc ca>
To: <security-basics () securityfocus com>
Sent: Wednesday, July 30, 2003 1:29 PM
Subject: Encrypted File Systems


> Hi,
>
> I am just trying to get some info on the best method available for having
> files encrypted on a system. This is a laptop that is going to be used
> outside our physical environment and I would like to make sure that info i
s
> not accessed in case of the laptop going missing, etc...
>
> I understand that the Windows EFS implementation had some issues on win2k,
> and that the XP implementation is slightly better. Any comments on that?
>
> Any solutions for win98?
>
> Thanks in advance.
>
> Regards,
> -- 
> Ricardo Oliva
> Labs Systems Administrator
> Zoology Department
> University of British Columbia
> Ph.: 604-822-3882
> E-mail: ricardo () zoology ubc ca
>
> --------------------------------------------------------------------------
-
> --------------------------------------------------------------------------
--
>



---------------------------------------------------------------------------
----------------------------------------------------------------------------