Re: Stolen laptops and the Windows encrypted file system?

["Ahmad Elkhatib" <khatib () umich edu>]

EFS is very easily breakable since its tied to the operating system. What
you will need is a pre-boot authentication and full disk encryption. Many
companies have that such as Pointsec, Safeboot, and Utimaco.

Windows Vista has a beefed up version of EFS called BitLocker which i
beleive will be part of the enterprise edition. However from comments that
have been made from MS officials it seems like there will be some sort of
master key or backdoor to break it.

-Ahmad

On 3/28/06, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:
> On Tue, 28 Mar 2006 13:23:03 EST, "Richard M. Smith" said:
> > The EnCase product description is silent on how it gets encryption keys.
> > It's possible that it must be supplied with keys to do the decrypt.
>
> It's tied to the user's login password - which is known to be easily
> guessable
> or crackable a lot of the time.  Remember, if you're at the point where
> you're
> using EnCase on a box, it's assumed you have access to all the password
> hashes too.
>
> So it's a very short detour to Rainbow, and then it's Game Over....
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.