Security Basics mailing list archives
RE: File Encryption - Part II
From: Kenneth Buchanan <K.Buchanan () Kastenchase com>
Date: Tue, 16 Sep 2003 11:37:40 -0400
The point of EFS is to allow file/folder access only to the appropriate logged-on user (i.e. the user that encrypted it). When you sent the file, it would have attached a decrypted version to the e-mail, because the encryption/decryption happens at the file system level. EFS is pretty good, but you are not going to get truly 'airtight' without hardware-based security. Passwords are not airtight by any means, especially if an attacker has physical access to the hard drive (which is typically what you are trying to protect against when you encrypt the hard drive). As a general rule, if a password can be remembered, it can be brute forced. Past that, read the ongoing file encryption thread for tools that can supplement EFS to provide extra layers of protection. -----Original Message----- From: Rick Jones [mailto:rwjones2001 () hotmail com] Sent: Monday, September 15, 2003 8:48 PM To: security-basics () securityfocus com Subject: Re: File Encryption - Part II I have put off file encryption for a long time, but this thread prompted me to get started. So I created a folder called "Secrets," then created a text document called "Passwords," then did everything I was supposed to do to encrypt "Secrets" and all of its subfolders and files. The "Passwords" file turned a nice green color and showed itself as being encrypted. So far, so good. Then I e-mailed the "Passwords" file to someone, and asked them if they could open it. Sure enough, they could. So I am wondering...just what is file encryption supposed to accomplish? What I would like is a program or something I can use to encrypt a folder and all of its contents, and that absolutely will not open without a password or some other fairly airtight indicator that the creator -- and no one other than the creator -- wants to get in. Can anyone suggest how I might accomplish this? Thanks, RWJ _________________________________________________________________ Compare Cable, DSL or Satellite plans: As low as $29.95. https://broadband.msn.com --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Re: File Encryption - Part II Rick Jones (Sep 16)
- Re: File Encryption - Part II Patrick Boucher (Sep 16)
- RE: File Encryption - Part II Lucas Zaichkowsky (Sep 16)
- <Possible follow-ups>
- RE: File Encryption - Part II Neil Fryer (Sep 16)
- RE: File Encryption - Part II Kenneth Buchanan (Sep 16)
- Re: File Encryption - Part II Kamal Habayeb (Sep 16)
- RE: File Encryption - Part II Kenneth Buchanan (Sep 16)
- RE: File Encryption - Part II Milli Bit (Sep 23)
- RE: File Encryption - Part II Milli Bit (Sep 23)
- Re: File Encryption - Part II Kamal Habayeb (Sep 23)
- RE: File Encryption - Part II Meidinger Chris (Sep 23)
- RE: File Encryption - Part II Chris Berry (Sep 23)