Security Basics mailing list archives
RE: Encryption on Laptops?
From: "Simon and Sara Zuckerbraun" <szucker () rcn com>
Date: Thu, 18 Mar 2004 19:52:43 -0600
EFS is not broken. (It's not a panacea either.) I took a look at the info on FTK (http://www.frontiersolutions.biz/accessdataftk.htm). What this seems to be is a tool for scanning a hard drive for clues to a user's password, etc. This could be useful towards the end goal of decrypting files, but it can't just "break through" EFS encryption. I googled on EFS and accessdata FTK and found a very nicely written paper, "Practical Approaches to Recovering Encrypted Digital Evidence" http://www.ijde.org/docs/02_fall_art4.pdf. It describes the techniques that an investigator might use when attempting to obtain evidence from encrypted files. The author is clearly aware of FTK, since he mentions it in the paper; what he says about FTK is that it can be used to seek out keywords present on a user's disks that may be useful in guessing a password or passphrase. Nevertheless the author considers EFS to be a formidable obstacle to accessing data, even if the investigator tries using FTK. Simon -----Original Message----- From: Aaron [mailto:aaron () eldrelore com] Sent: Thursday, March 18, 2004 11:10 AM To: security-basics () securityfocus com Subject: RE: Encryption on Laptops? EFS has been broken. Accessdata's FTK can decrypt it. And no, I'm not an accessdata employee. On Wed, 2004-03-17 at 23:48, Simon and Sara Zuckerbraun wrote:
Honestly, protecting data on a laptop is very, very hard to accomplish.
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Encryption on Laptops? Shanafelt, Gabe (Mar 16)
- Re: Encryption on Laptops? Steven Joerger (Mar 17)
- Re: Encryption on Laptops? David E Mazza (Mar 17)
- RE: Encryption on Laptops? Aditya, ALD [Aditya Lalit Deshmukh] (Mar 19)
- Re: Encryption on Laptops? Magi Networks (Mar 17)
- Re: Encryption on Laptops? David E Mazza (Mar 17)
- Re: Encryption on Laptops? micron (Mar 17)
- RE: Encryption on Laptops? Simon and Sara Zuckerbraun (Mar 18)
- RE: Encryption on Laptops? Aaron (Mar 18)
- RE: Encryption on Laptops? Simon and Sara Zuckerbraun (Mar 19)
- RE: Encryption on Laptops? Bart . Lansing (Mar 22)
- Re[2]: Encryption on Laptops? Alexander Lukyanenko (Mar 26)
- Re: Re[2]: Encryption on Laptops? Bart . Lansing (Mar 26)
- RE: Re[2]: Encryption on Laptops? Simon and Sara Zuckerbraun (Mar 29)
- RE: Encryption on Laptops? Aaron (Mar 18)
- Re: Encryption on Laptops? Steven Joerger (Mar 17)
- <Possible follow-ups>
- RE: Encryption on Laptops? Yoo, Gene (Mar 17)
- Re: Encryption on Laptops? SMiller (Mar 18)
- RE: Encryption on Laptops? Kathmann, Nicholas (Mar 19)
- RE: Encryption on Laptops? Kenneth Buchanan (Mar 19)