How secure is XP with NTFS?

[james]

Would saving files inside a WinZip 9 beta2 file with 128-bit encryption
password protection keep prying eyes from looking inside the file's
contents? Assume someone stole my PC, if I have Quickens or Money software
data files and archived it in WinZip, can they crack open the WinZip 9
password protected file to see all my financial data? This is in addition
to password protect the Admin / User accounts in a NTFS harddrive without
encryption folders.

 

[CS]

Would saving files inside a WinZip 9 beta2 file with 128-bit encryption
password protection keep prying eyes from looking inside the file's
contents? Assume someone stole my PC, if I have Quickens or Money software
data files and archived it in WinZip, can they crack open the WinZip 9
password protected file to see all my financial data? This is in addition
to password protect the Admin / User accounts in a NTFS harddrive without
encryption folders.

Since the HDD is formatted to NTFS, you can encrypt the files if your
version of XP is "PRO". If you do, be sure to keep the encryption
certificate stored on removable media and not on the machine. Once
you encrypt files they are reasonably safe from thieves (unless the
CIA steals your computer). Just be sure you don't lose the
certificate or your files will be gone forever.

 

[Larry(LJL269)]

On Thu, 09 Oct 2003 17:50:57 -0500, CS

|(unless the
|CIA steals your computer)
Actually its NSA in Ft Meade, MD or if a genius like
Alan Turing, who solved Enigma machine 7th wheel
problem in a weekend without using computers, gets hold
of it.

Edward Teller said that data is only valuable if u know
what the fields are. 4 ex: 12396753471486329 is what?
Dont call file SS#+DOB, call it X and u can even change
the extension to 1 of many u have registered.

My opinion is that ur biggest security leak is urself.
Buy a shredder 2.

Comments/suggestions/corrections appreciated.
Larry

Any advice given is my attempt to show appreciation for all
the excellent help I've received here but I'm no MVP so it
may only apply NUGS. Personal attacks, nitpicking & criticism
of anything but content will NOT be responded to. Those
posters should spend their time taking the test @
http://www.nimh.nih.gov/publicat/ocdtrt1.htm

 

[Alex Nichol]

Since the HDD is formatted to NTFS, you can encrypt the files if your
version of XP is "PRO". If you do, be sure to keep the encryption
certificate stored on removable media and not on the machine. Once
you encrypt files they are reasonably safe from thieves (unless the
CIA steals your computer).

And more so than with any third party encryption, provided no-one can
log on to the machine as 'you'. So it becomes as secure only as the
password you use at logon, and not at all from thieves if you have
automatic logon. That is where a third party method would be more
practical use. The inbuilt encryption would however be 101% secure
against *you* ever recovering the files if you re-install windows and
have *not* backed up the encryption certificates

 

[james]

Here's the problem...
A few people advertized a freeware (a NTFS reader) and the instruction of
the reader states, "it disregards the NTFS Security".

You can boot directly from this NTFS reader (a boot disk), goes right into
harddrive (bypass any admin password). In fact, you can view any folder
profile whether a password was created or not, then it goes right into the
individual file level, any file in the folder you select. Looks like the
Reader can read "sector by sector" of the harddrive and then view the
contents of the file.
--


And more so than with any third party encryption, provided no-one can
log on to the machine as 'you'. So it becomes as secure only as the
password you use at logon, and not at all from thieves if you have
automatic logon. That is where a third party method would be more
practical use. The inbuilt encryption would however be 101% secure
against *you* ever recovering the files if you re-install windows and
have *not* backed up the encryption certificates

 

[Alex Nichol]

Here's the problem...
A few people advertized a freeware (a NTFS reader) and the instruction of
the reader states, "it disregards the NTFS Security".

You can boot directly from this NTFS reader (a boot disk), goes right into
harddrive (bypass any admin password).

That gets past the 'which user is allowed what aspects' of the NTFS
security. It does *not* get past encryption directly. That has the
data itself encrypted with a very strong level of RSA encryption, and it
cannot be unwound other than through system, using the encryption
certificates. But getting yourself logged on as the owner, and hence
with the decryption available would be a great deal easier

 

[Larry(LJL269)]

On Sat, 11 Oct 2003 12:57:51 +0100, Alex Nichol

|cannot be unwound other than through system, using the encryption
|certificates
Might they become new targets of vituses which only
needs to destroy/alter them?

Thanks- Larry


Any advice given is my attempt to show appreciation for all
the excellent help I've received here but I'm no MVP so it
may only apply NUGS. Personal attacks, nitpicking & criticism
of anything but content will NOT be responded to. Those
posters should spend their time taking the test @
http://www.nimh.nih.gov/publicat/ocdtrt1.htm

 

[John Steele]

Would saving files inside a WinZip 9 beta2 file with 128-bit encryption
password protection keep prying eyes from looking inside the file's
contents? Assume someone stole my PC, if I have Quickens or Money software
data files and archived it in WinZip, can they crack open the WinZip 9
password protected file to see all my financial data? This is in addition
to password protect the Admin / User accounts in a NTFS harddrive without
encryption folders.

Have you looked at Dekart Private Disk Lite?
This seems to work very well - I have been using it for some time now.
More secure (as far as I know) than any encryption with Winzip and much
easier to use for what you want..

John Steele
Soroban Systems