Cont. NTFS encryption


Neon

Synopsis of previous posts.

reinstall XP Pro. 'My docs' on separate drive, encrypted.
no cert backups. no access.
used Advanced EFS to 'see' files are intact.
---------------------------------------------
I now have access to all the folders by using
"Microsoft Knowledge Base Article - 308421" and am able to
make myself owner, permission holder and all else of each
file but still can't actually open a file.
I'm a long way on from where I was and feel there must be
a way in.
To the guy who said being able to access the files would
defeat the purpose of encryption I'd point out they are my
files so I don't see why my user name and password weren't
somehow used as the key. I would say the purpose of
encryption is to protect your files from others, not
yourself,
and when you 1st encrypt a file a pop-up or something
should explain the nature of certificates (they have
pop-ups for everything else!)
From the 3 days I've had this problem I now see it is a
major problem for many many users and, while not a bug as
such, believe it is a flaw not to warn, explain or
enlighten users of this BEFORE it happens.
Thanks everyone who has helped so far.
Mark.
 
You use file and folder permissions to protect your files using your username and password. This is great, except any other Administrator level user can take ownership of your files and read away. Encryption goes one step beyond simple folder permissions, and can only be broken by a "recovery agent", using your encryption keys.

If you didn't back up the keys, the data is gone, unless you want to spend several hundreds of dollars for a professional recovery service to "try" to crack the encryption.
 
It is simple to define an account with the same name
and password. Using this account does not mean that
someone is actually you. So how would use of the
username and password help to make sure that you
and only you have access to your files ??

EFS use does need a more in-your-face warning and
informative on first use. When XP first released we
advised MS of the need for this, and they are very much
aware that this would help prevent many people from
issues - but we have been told that making such a pop-up
is not a simple matter. It is involved to explain, but it has
to do with the security context that code is executing in at
the time, and the implications of that context communicating
to the user level. They are working on changes, but for now
the behaviors as XP released are what we do and for some
time will have.
 
Can you suggest some software? The documents are very
valuable.
-----Original Message-----
You use file and folder permissions to protect your files
using your username and password. This is great, except
any other Administrator level user can take ownership of
your files and read away. Encryption goes one step beyond
simple folder permissions, and can only be broken by
a "recovery agent", using your encryption keys.
If you didn't back up the keys, the data is gone, unless
you want to spend several hundreds of dollars for a
professional recovery service to "try" to crack the
encryption.
--
In memory of Robert (aka Koldbear)
http://www.btinternet.com/~winnoel/winhelp.htm
--------------------------------
Doug Knox, MS-MVP Windows XP/ Windows Smart Display
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.

"Neon" <[email protected]> wrote in
message news:[email protected]...
 
I wasn't responding to this thread because I shouldn't be recommending
software that attacks our product.

The product recommended by Doug (and most others like it including the tool
that Microsoft Product Support uses) requires key material from the user's
Application Data directory to be present. Strange and unsettling that this
tool doesn't mention that, but it's pretty clear to me from their other
requirements that they find the DPAPI keys and unlock them with a user
password.

Without using the above method, the only attack is against the symmetric
crypto on each individual file. If the OS was WinXP SP1, the default is AES
256 - really really unlikely that anything will crack it for a long time.
And each file has a different key.

Sorry to be the bearer of bad news.
--
Drew Cooper [MSFT]
This posting is provided “AS IS” with no warranties, and confers no rights.
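
The key chain described in the post above, as a simplified model added here (it is not Microsoft's code and does not use the real DPAPI or EFS formats). It shows why a reinstalled account with the same password cannot open the old files, and why a backup of the key material matters. The HMAC keystream stands in for both AES and the RSA key wrap, and every class and function name is hypothetical.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode: a stand-in for AES, not a recommended cipher.
    out = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                   for i in range(n // 32 + 1))
    return out[:n]

def seal(key, data):
    """Encrypt-then-MAC wrapper used for every 'wrap' step in the model."""
    ek, mk = (hmac.new(key, t, hashlib.sha256).digest() for t in (b"enc", b"mac"))
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(ek, nonce, len(data))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ek, mk = (hmac.new(key, t, hashlib.sha256).digest() for t in (b"enc", b"mac"))
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key")
    return bytes(a ^ b for a, b in zip(ct, _stream(ek, nonce, len(ct))))

class Profile:
    """Key material kept under the user's profile (modelled layout, assumed)."""
    def __init__(self, password):
        self.salt = secrets.token_bytes(16)
        master = secrets.token_bytes(32)        # random per installation, not derived from the password
        self.wrapped_master = seal(self._kdf(password), master)
        # Stand-in for the EFS private key, protected by the master key.
        self.wrapped_user_key = seal(master, secrets.token_bytes(32))

    def _kdf(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 10_000)

    def user_key(self, password):
        # The password only unlocks the master key; the master key unlocks the user key.
        return unseal(unseal(self._kdf(password), self.wrapped_master), self.wrapped_user_key)

def encrypt_file(profile, password, plaintext):
    fek = secrets.token_bytes(32)               # a fresh file encryption key for each file
    return {"wrapped_fek": seal(profile.user_key(password), fek), "data": seal(fek, plaintext)}

def try_decrypt(profile, password, efs_file):
    """Return the plaintext, or None when this profile's keys do not fit the file."""
    try:
        fek = unseal(profile.user_key(password), efs_file["wrapped_fek"])
        return unseal(fek, efs_file["data"])
    except ValueError:
        return None
```

File ownership and permissions never appear in this chain, which is why taking ownership of the files does not make them readable.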


I've never had a need for it. You can do a search at www.google.com for
"recover encrypted files" or a similar search. You'll find a number of
hits, most very expensive.

One such:

http://www.lostpassword.com/windows-xp-2000-nt.htm

--
In memory of Robert McGregor (aka Koldbear)
http://www.btinternet.com/~winnoel/winhelp.htm
--------------------------------
Doug Knox, MS-MVP Windows XP/ Windows Smart Display
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
 
