Security Basics mailing list archives
RE: Hard drive encryption in windows
From: "Roger A. Grimes" <roger () banneretcs com>
Date: Tue, 27 Sep 2005 19:32:25 -0400
EFS works without AD and without a CA. Without those the EFS certs are untrusted (not a problem with EFS or any use of EFS) and EFS certs are given 100 year useful lifes. If Certificate Services is installed, it will give EFS certs a 1 or 2 life. As far as EFS is concerned, the most useful thing about having a CA is the ability to automatically back up all EFS keys, without end-user intervention. EFS is great, but if you use EFS, back up your EFS private keys. Don't use it without doing that. -----Original Message----- From: Webbrain [mailto:webbrain () hotpop com] Sent: Tuesday, September 27, 2005 7:16 PM To: 'webbrain'; Roger A. Grimes; Steve.Cummings () barclayscapital com; gregor.pifko () gmail com; security-basics () securityfocus com Subject: RE: Hard drive encryption in windows EFS works on AD (with CA) environment if I'm not wrong. What about personal laptops or home desktop hard drive encryption? Regards WB -----Original Message----- From: Roger A. Grimes [mailto:roger () banneretcs com] Sent: Monday, September 26, 2005 2:27 PM To: Steve.Cummings () barclayscapital com; gregor.pifko () gmail com; security-basics () securityfocus com Subject: RE: Hard drive encryption in windows EFS is an excellent solution, as long as you back up the user's EFS key or use a Data Recovery Agent (or Key Recovery Agent). Roger ************************************************************************ *** *Roger A. Grimes, Banneret Computer Security, Consultant *CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, CHFI, TICSA *email: roger () banneretcs com *cell: 757-615-3355 *Author of Honeypots for Windows (Apress) *http://www.apress.com/book/bookDisplay.html?bID=281 ************************************************************************ **** -----Original Message----- From: Steve.Cummings () barclayscapital com [mailto:Steve.Cummings () barclayscapital com] Sent: Monday, September 26, 2005 1:20 PM To: gregor.pifko () gmail com; security-basics () securityfocus com Subject: Re: Hard drive encryption in windows Sorry to say this but couldn't have ms for this, try a product called safe boot -----Original Message----- From: Gregor Pifko <gregor.pifko () gmail com> To: security-basics () securityfocus com <security-basics () securityfocus com> Sent: Thu Sep 22 19:41:21 2005 Subject: Re: Hard drive encryption in windows Windows have support for EFS(Encrypting File System). I haven`t worked with it so I`ll just paste a link for more information: http://en.wikipedia.org/wiki/EFS Hope it helps. On 9/22/05, Cesc Santasusana <cesc.santasusana () nl thalesgroup com> wrote:
Hi, I am looking for a solution to encrypt the hard drives which contain
confidential info. Ideally, this tool would be transparent and usable on all the drives on the computer/laptop (from c: to z:). Ideally it would be easy to set up and manage, not a problem if the tool is not free. Any experience on this? What algorithm(s) does it use?
Another option would be to use external encrypted drives to store the
info. What are the options here?
I am looking for some background information, to short-list all the
options.
Thanks for the help! Cesc Unclassified
------------------------------------------------------------------------ For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. ------------------------------------------------------------------------
Current thread:
- Re: Hard drive encryption in windows, (continued)
- Re: Hard drive encryption in windows Tom Van de Wiele (Sep 26)
- Re: Hard drive encryption in windows Gregor Pifko (Sep 26)
- Re: Hard drive encryption in windows Rob Thompson (Sep 28)
- RE: Hard drive encryption in windows Josh Taylor (Sep 26)
- RE: Hard drive encryption in windows Beauford, Jason (Sep 26)
- Re: Hard drive encryption in windows Rob Thompson (Sep 28)
- Re: Hard drive encryption in windows Ansgar -59cobalt- Wiechers (Sep 30)
- Re: Hard drive encryption in windows Rob Thompson (Sep 28)
- Re: Hard drive encryption in windows Steve.Cummings (Sep 26)
- RE: Hard drive encryption in windows Roger A. Grimes (Sep 27)
- RE: Hard drive encryption in windows Webbrain (Sep 28)
- RE: Hard drive encryption in windows Roger A. Grimes (Sep 28)
- RE: Hard drive encryption in windows Roger A. Grimes (Sep 28)