Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Hard Drive Encrypting

From: "Steve Wilson" <S.Wilson () eris qinetiq com>
Date: Fri, 20 Jun 2003 12:36:13 +0100
-----Original Message-----
From: Allan Foster [mailto:AllanF () lpa state ks us]

I have found EFS to be effective only as long as the encrypted
file is on a Windows 2000/XP machine.  As soon as you copy it to
a computer with a different operating system, the file is decrypted.

Allan Foster, CISA, CISSP
Principal IS Auditor
Legislative Post Audit


Erm, am I missing something here?

Surely a file system (in the sense it's being discussed here) is only
concerned with the local storage of data. You yourself are decrypting the
file when you copy it the other machine (or decrypting/re-encrypting if
you're copying it to another 2K/XP box with EFS).

Would you expect the particularities of a file under any given file system
to be the same if you copied the file to a differing file system? It's like
saying "I always wondered why my NTFS compressed files started taking up
more room when I copied them onto floppy disk, then off onto a FAT hard
disk." ;-p  You're limited by the functionality of the file system you're
copying the file to, not the file system you're copying it from.

Are you perhaps more conversant with file crypto software (which, obviously
would stay the same regardless of OS and FS) rather than low level disk
crypto? Don't forget - EFS is intended to protect the entire hard disk from
unauthorised access - not to specifically encrypt files for safe
transmission.

Just my ?0.02,

Cheers,

Steve.

--
Stephen Wilson
Senior Security Consultant
Security Health Check

L305/9, QinetiQ, St Andrews Rd, Malvern, Worcs, WR14 3PS
Tel: 01684 894153  Fax: 01684 897417

"The Information contained in this E-Mail and any subsequent correspondence
is private and is intended solely for the intended recipient(s). For those
other than the recipient any disclosure, copying, distribution, or any
action taken or omitted to be taken in reliance on such information is
prohibited and may be unlawful."


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: