Bugtraq mailing list archives
Re: BugTraq: EFS Win 2000 flaw
From: Attonbitus Deus <Thor () HAMMEROFGOD COM>
Date: Wed, 24 Jan 2001 23:26:25 -0800
----- Original Message ----- From: "Dan Kaminsky" <dankamin () cisco com> <snip>
If you ask me, the user interface itself is the most important documentation--it's the only thing that, if it's incorrect, is
*guaranteed*
to lead to the wrong thing being done.
You mean like the ISO software running on your routers? Example: the access-list logic is different when a crypto map is applied to a sub interface and matched to the access-list ID; the 'permit' statement no longer really means 'permit' in its original context. There is no warning of this in the user interface at all. Your engineers expect that I have at least done a little research before using encryption on a Cisco router, or it will not work. It's not that the interface gives me incorrect information, it gives me none at all. Of course, I really don't expect you warn me at every turn because you can't. The users have to take a little responsibility for the way they do things, even if they don't want to.
I think my real problem with people running to the docs is that, quite frankly, the *reason* for something to be recommended is *critical*.
Running to the docs? Come on, man- all anyone has to do is a simple Start-Help-"File Encryption" and they get plenty of information on what to do and what not to do. It's not like we are talking about doing hours of research to uncover the hidden truth about temp file creation. The simple point is that recommended procedures obviate the issue in this case. That's that. Microsoft is very clear about the propensity for files, even temp ones, to be written in the clear in other circumstances.
MS is failing to overwrite, even once, either the original file or the
.tmp
file that EFS creates. That's a bug.
I never said it wasn't a bug, though I am still out on that (and sorry about spelling 'perceived' incorrectly in my response). I am saying it is not a major security issue. That is the skinny on that. --------------------------------- Attonbitus Deus Thor () HammerofGod Com
Current thread:
- BugTraq: EFS Win 2000 flaw Rickard Berglind (Jan 19)
- Re: BugTraq: EFS Win 2000 flaw Alexander Ivanchev (Jan 22)
- Re: BugTraq: EFS Win 2000 flaw Dan Kaminsky (Jan 24)
- <Possible follow-ups>
- Re: BugTraq: EFS Win 2000 flaw Russ (Jan 22)
- Re: BugTraq: EFS Win 2000 flaw Dan Kaminsky (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Timothy J. Miller (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Ryan Russell (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Jeremy Epstein (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Attonbitus Deus (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Dan Kaminsky (Jan 24)
- Re: BugTraq: EFS Win 2000 flaw Attonbitus Deus (Jan 25)
- Re: BugTraq: EFS Win 2000 flaw Kirk Corey (Jan 25)
- Re: BugTraq: EFS Win 2000 flaw Attonbitus Deus (Jan 25)
- Re: BugTraq: EFS Win 2000 flaw Dan Kaminsky (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Alexander Ivanchev (Jan 22)
- Re: BugTraq: EFS Win 2000 flaw Ryan Russell (Jan 24)