|
web
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
EFS limitation ?A file can be encryped using EFS on Windows 2003 or XP.
But, then, the file is decrypted when it's move it to a diskett. So, how does EFS provide security on a laptop? ==================================== I believe that there are tools that can reset the Windows password. This, it seems to me, makes EFS useless for securing a stand-alone PC. If EFS can be used to secure files on a stand-alone PC, what am I missing? How? Thanks for your help with this question. M. The files on a NTFS laptop can be secured with EFS also. What seems to
be puzzling you about that? M wrote: Show quoteHide quote > A file can be encryped using EFS on Windows 2003 or XP. > > But, then, the file is decrypted when it's move it to a diskett. > > So, how does EFS provide security on a laptop? > > ==================================== > > I believe that there are tools that can reset the Windows password. This, it > seems to me, makes EFS useless for securing a stand-alone PC. If EFS can be > used to secure files on a stand-alone PC, what am I missing? How? > > Thanks for your help with this question. > > M. Yes. I encrypt a file on the NTFS file system of the laptop. Then, I move the
encrypted [green] file to a diskett in the A: drive of the laptop. The problem is that the file on the diskett is no longer encrypted. Show quoteHide quote "Bob I" wrote: > The files on a NTFS laptop can be secured with EFS also. What seems to > be puzzling you about that? > > M wrote: > > > A file can be encryped using EFS on Windows 2003 or XP. > > > > But, then, the file is decrypted when it's move it to a diskett. > > > > So, how does EFS provide security on a laptop? > > > > ==================================== > > > > I believe that there are tools that can reset the Windows password. This, it > > seems to me, makes EFS useless for securing a stand-alone PC. If EFS can be > > used to secure files on a stand-alone PC, what am I missing? How? > > > > Thanks for your help with this question. > > > > M. > >
Show quote
Hide quote
"=?Utf-8?B?TQ==?=" <M@discussions.microsoft.com> wrote: True, and thats what makes it a part of the NTFS Encryption System. To >Yes. I encrypt a file on the NTFS file system of the laptop. Then, I move the >encrypted [green] file to a diskett in the A: drive of the laptop. The >problem is that the file on the diskett is no longer encrypted. > > > >"Bob I" wrote: > >>> The files on a NTFS laptop can be secured with EFS also. What seems to >>> be puzzling you about that? >>> >>> M wrote: >>> >> >>>> > A file can be encryped using EFS on Windows 2003 or XP. >>>> > >>>> > But, then, the file is decrypted when it's move it to a diskett. >>>> > >>>> > So, how does EFS provide security on a laptop? >>>> > >>>> > ==================================== >>>> > >>>> > I believe that there are tools that can reset the Windows password. This, it >>>> > seems to me, makes EFS useless for securing a stand-alone PC. If EFS can be >>>> > used to secure files on a stand-alone PC, what am I missing? How? >>>> > >>>> > Thanks for your help with this question. >>>> > >>>> > M. >> >>> >>> answer the question you asked earlier, EFS provides security in a laptop when the files you copy/move are transferred across the NTFS platform, not onto a floppy. The person who enabled EFS on the file has access to it, and if he's the one copying it from the machine to the floppy, where's the security breach? You have other security mechanisms if you want to secure your media over a removable diskette. -- Aarohi Johal MCP > You have other security mechanisms if you want to secure your media over 1. Could you give me an example?> a removable diskette. 2. But, returning to my original question, what if someone uses a tool to reset the password and, as a result, has access to the encrypted file system on a stand-alone laptop. Then, moves an encrypted file to a diskett. Where's the security in this situation? Show quoteHide quote "Aarohi Johal" wrote: > "=?Utf-8?B?TQ==?=" <M@discussions.microsoft.com> wrote: > >Yes. I encrypt a file on the NTFS file system of the laptop. Then, I move the > >encrypted [green] file to a diskett in the A: drive of the laptop. The > >problem is that the file on the diskett is no longer encrypted. > > > > > > > >"Bob I" wrote: > > > >>> The files on a NTFS laptop can be secured with EFS also. What seems to > >>> be puzzling you about that? > >>> > >>> M wrote: > >>> > >> > >>>> > A file can be encryped using EFS on Windows 2003 or XP. > >>>> > > >>>> > But, then, the file is decrypted when it's move it to a diskett. > >>>> > > >>>> > So, how does EFS provide security on a laptop? > >>>> > > >>>> > ==================================== > >>>> > > >>>> > I believe that there are tools that can reset the Windows password. This, it > >>>> > seems to me, makes EFS useless for securing a stand-alone PC. If EFS can be > >>>> > used to secure files on a stand-alone PC, what am I missing? How? > >>>> > > >>>> > Thanks for your help with this question. > >>>> > > >>>> > M. > >> > >>> > >>> > > > True, and thats what makes it a part of the NTFS Encryption System. To > answer the question you asked earlier, EFS provides security in a laptop > when the files you copy/move are transferred across the NTFS platform, > not onto a floppy. The person who enabled EFS on the file has access to > it, and if he's the one copying it from the machine to the floppy, > where's the security breach? > > You have other security mechanisms if you want to secure your media over > a removable diskette. > > -- > Aarohi Johal > MCP > Hello! If I have your laptop, you've got a problem! ANYTIME someone has
PHYSICAL control of your computer you have lost security. Now IF you have a BIOS password and A BOOT password and EFS on the laptop and NO floppy normally installed you have a fighting chance that someone will destroy the sensitive data before they can copy it. BUT NO guarantee. M wrote: Show quoteHide quote >>You have other security mechanisms if you want to secure your media over >>a removable diskette. > > > 1. Could you give me an example? > > 2. But, returning to my original question, what if someone uses a tool to > reset the password and, as a result, has access to the encrypted file system > on a stand-alone laptop. Then, moves an encrypted file to a diskett. Where's > the security in this situation? > > "Aarohi Johal" wrote: > > >>"=?Utf-8?B?TQ==?=" <M@discussions.microsoft.com> wrote: >> >>>Yes. I encrypt a file on the NTFS file system of the laptop. Then, I move the >>>encrypted [green] file to a diskett in the A: drive of the laptop. The >>>problem is that the file on the diskett is no longer encrypted. >>> >>> >>> >>>"Bob I" wrote: >>> >>> >>>>>The files on a NTFS laptop can be secured with EFS also. What seems to >>>>>be puzzling you about that? >>>>> >>>>>M wrote: >>>>> >>>> >>>>>>>A file can be encryped using EFS on Windows 2003 or XP. >>>>>>> >>>>>>>But, then, the file is decrypted when it's move it to a diskett. >>>>>>> >>>>>>>So, how does EFS provide security on a laptop? >>>>>>> >>>>>>>==================================== >>>>>>> >>>>>>>I believe that there are tools that can reset the Windows password. This, it >>>>>>>seems to me, makes EFS useless for securing a stand-alone PC. If EFS can be >>>>>>>used to secure files on a stand-alone PC, what am I missing? How? >>>>>>> >>>>>>>Thanks for your help with this question. >>>>>>> >>>>>>>M. >>>> >>>>> >> >>True, and thats what makes it a part of the NTFS Encryption System. To >>answer the question you asked earlier, EFS provides security in a laptop >>when the files you copy/move are transferred across the NTFS platform, >>not onto a floppy. The person who enabled EFS on the file has access to >>it, and if he's the one copying it from the machine to the floppy, >>where's the security breach? >> >>You have other security mechanisms if you want to secure your media over >>a removable diskette. >> >>-- >>Aarohi Johal >>MCP >> My question is "How can I secure the files on a stand-alone laptop [with
EFS], given the details outlined above? Show quoteHide quote "M" wrote: > Yes. I encrypt a file on the NTFS file system of the laptop. Then, I move the > encrypted [green] file to a diskett in the A: drive of the laptop. The > problem is that the file on the diskett is no longer encrypted. > > > > "Bob I" wrote: > > > The files on a NTFS laptop can be secured with EFS also. What seems to > > be puzzling you about that? > > > > M wrote: > > > > > A file can be encryped using EFS on Windows 2003 or XP. > > > > > > But, then, the file is decrypted when it's move it to a diskett. > > > > > > So, how does EFS provide security on a laptop? > > > > > > ==================================== > > > > > > I believe that there are tools that can reset the Windows password. This, it > > > seems to me, makes EFS useless for securing a stand-alone PC. If EFS can be > > > used to secure files on a stand-alone PC, what am I missing? How? > > > > > > Thanks for your help with this question. > > > > > > M. > > > > efs can only be used to encrypt files on a NTFS files system. a floppy uses
a FAT file system. so, when someone (usually the creator of the file) copies it to a floppy, it becomes decrypted. the best way to secure files on removable media is to use a backup program (like NTbackup which comes with Windows) that will maintain encryption. run the backup wizard and save to the removable media. restore on the other machine. but remember, the second machine (assuming you're moving it between 2 machines) must have the encryption certificate to be able to decrypt the file. on laptops, you're not really in that much danger as long as you implemented EFS correctly. on WinXP, when a user password is reset by any means other than loging into the account, the user certificate is destroyed in the process. no certificate = no decryption. Show quoteHide quote "M" wrote: > My question is "How can I secure the files on a stand-alone laptop [with > EFS], given the details outlined above? > > > "M" wrote: > > > Yes. I encrypt a file on the NTFS file system of the laptop. Then, I move the > > encrypted [green] file to a diskett in the A: drive of the laptop. The > > problem is that the file on the diskett is no longer encrypted. > > > > > > > > "Bob I" wrote: > > > > > The files on a NTFS laptop can be secured with EFS also. What seems to > > > be puzzling you about that? > > > > > > M wrote: > > > > > > > A file can be encryped using EFS on Windows 2003 or XP. > > > > > > > > But, then, the file is decrypted when it's move it to a diskett. > > > > > > > > So, how does EFS provide security on a laptop? > > > > > > > > ==================================== > > > > > > > > I believe that there are tools that can reset the Windows password. This, it > > > > seems to me, makes EFS useless for securing a stand-alone PC. If EFS can be > > > > used to secure files on a stand-alone PC, what am I missing? How? > > > > > > > > Thanks for your help with this question. > > > > > > > > M. > > > > > > 
Other interesting topics
Windows 2000 Standby Fail on ThinkPad T22
Internet Settings New Memory Installed, Now What? OS2 Warp client on Windows 2000 network Very Important!! Please help me! BugCheck Command prompt does not show the profile path when opened Trouble booting Windows 2000 Service Pack 4 changing client dns settings |
|||||||||||||||||||||||
