Encrypted File System (EFS) doubt

Peter CCH

I do have a question regarding EFS.

Let's say I had enabled EFS on my system and have all my files encrypted.
Whenever I access them on my system I'm sure able to see them. If the HDD
was stolen or taken out and used on another system, they won't be able to
see my files. This is what it is supposed to do, is it?

What if this is the situation?
My machine is in a domain, I have EFS enabled. If the domain administrator
wants to access my files through \\myPCName\c$ from his own PC, can
he open and read the files? Will the files be decrypted and opened for
him? Or will they stay encrypted?

Thanks.



Peter CCH
 
Mike Fields

Peter CCH said:
I do have a question regarding EFS.

Let's say I had enabled EFS on my system and have all my files encrypted.
Whenever I access them on my system I'm sure able to see them. If the HDD
was stolen or taken out and used on another system, they won't be able to
see my files. This is what it is supposed to do, is it?

What if this is the situation?
My machine is in a domain, I have EFS enabled. If the domain administrator
wants to access my files through \\myPCName\c$ from his own PC, can
he open and read the files? Will the files be decrypted and opened for
him? Or will they stay encrypted?

Thanks.
Peter CCH

My understanding after much reading would be that he could
not just see your files since he is not you, HOWEVER, in most
domain environments, there is a DRA (Designated Recovery
Agent) that also gets encrypted into the EFS header on the file.
Whoever the DRA is can also decrypt your files although the
recommended practice is to not have the decrypt key available
on the machine but backed up somewhere. Most domain
environments will have a DRA set up just so you can't encrypt
files, leave the company and then hold them hostage for access
to their files. If the domain administrator WAS the DRA and
the decrypt key was still present, then he could "view" your
files. Check out the following links for more information:
http://support.microsoft.com/default.aspx?scid=kb;en-us;223316
http://www.techzonez.com/forums/archive/index.php/t-13009.html
http://www.practicalpc.co.uk/computing/windows/xpencrypt1.htm
http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037937.html

One important thing to remember -- if your machine belongs
to the company, typically, they have the right to view anything
on there (typically a domain involves a company). Depending
on your location, make sure you understand your rights and
responsibilities before you think you are "safe" encrypting files
on a system in a domain.

Hope that helps
mikey
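
The mechanism discussed in this thread, as an added Python model that is not part of either post and is not Windows code: the file is encrypted once with a random file encryption key (FEK), and the header carries one wrapped copy of that FEK per authorised certificate (user entries in the DDF, recovery agent entries in the DRF). The names `make_key`, `efs_encrypt` and `efs_open` are hypothetical, and textbook RSA over fixed Mersenne primes plus a SHA-256 keystream are stand-ins chosen only so the model runs with the standard library.

```python
# Simplified model of EFS key wrapping (constructed example, not Windows code).
# Textbook RSA and a SHA-256 keystream are illustrative stand-ins, not real EFS crypto.
import hashlib
import secrets

E = 65537

def make_key(name, p, q):
    """Build a key pair; 'thumb' plays the role of a certificate thumbprint."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return {"name": name, "n": n, "d": d,
            "thumb": hashlib.sha256(str(n).encode()).hexdigest()[:16]}

def keystream_xor(fek, data):
    """Encrypt or decrypt data with a keystream derived from the FEK."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(fek + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def efs_encrypt(plaintext, user, recovery_agents):
    """Encrypt with a random FEK, then wrap the FEK once per authorised public key."""
    fek = secrets.token_bytes(16)
    m = int.from_bytes(fek, "big")
    return {
        "ddf": {user["thumb"]: pow(m, E, user["n"])},                    # user entry
        "drf": {ra["thumb"]: pow(m, E, ra["n"]) for ra in recovery_agents},  # DRA entries
        "body": keystream_xor(fek, plaintext),
    }

def efs_open(enc, key):
    """Succeeds only if the header holds a FEK copy wrapped for this key."""
    wrapped = {**enc["ddf"], **enc["drf"]}.get(key["thumb"])
    if wrapped is None:
        raise PermissionError(f"{key['name']}: no FEK entry in header, access denied")
    fek = pow(wrapped, key["d"], key["n"]).to_bytes(16, "big")
    return keystream_xor(fek, enc["body"])

# Constructed sample keys (Mersenne primes) and data.
peter = make_key("peter", 2**521 - 1, 2**607 - 1)
dra = make_key("recovery-agent", 2**127 - 1, 2**1279 - 1)
admin = make_key("domain-admin", 2**89 - 1, 2**107 - 1)  # admin's own key, not the DRA key

secret = b"payroll figures"
with_dra = efs_encrypt(secret, peter, [dra])   # domain policy defines a recovery agent
no_dra = efs_encrypt(secret, peter, [])        # no recovery agent configured
```

In this model the administrator's account privileges play no part: reading the plaintext depends only on holding a private key that matches a DDF or DRF entry, which is why protecting the recovery agent's private key matters.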
 
