Half the/\. readers wouldn't be able to squeeze their pr0n and mp3/ogg collections onto such a small box.
Re:Encrypted File System
on
Storage Security
·
· Score: 5, Informative
Unfortunately the words "weak encryption" can definately be attributed to Windows EFS encryption.
Every time you open the file it's decrypted in place, so while the file is "open" it's in an unencrypted state.
A few scenarios to consider:
A) Application A always running. While the application is running, the data file in unencrypted on disk so anyone with the appropriate permissions can read it. Exchange is a good example of this - how often do you shut it off?
B) What happens when you have a powercut. If the file was unencrypted guess what state it'll stay in until you manually poke it?
C) If it's data like word documents then this is the chain of events: open encrypted file, (it decrypts in the background), you change the file, you save it, windows creates a NEW file and writes the changes to it, office deletes the old file, office renames the NEW file to the name of the old file, windows encrypts the changed file, and office etc rename the encrypted version back to the original filename. But the blocks for the decrypted one are on disk for anyone with the appropriate undelete tools to use.
"The idea is not really news"
Good job. Wouldn't want to spoil a Monday morning with news!
Looking forward to news this afternoon. Or this evening. Or tomorrow. Yes, tomorrow, once I've woken up.
Slashdot Mirror
Half the /\. readers wouldn't be able to squeeze their pr0n and mp3/ogg collections onto such a small box.
Unfortunately the words "weak encryption" can definately be attributed to Windows EFS encryption.
Every time you open the file it's decrypted in place, so while the file is "open" it's in an unencrypted state.
A few scenarios to consider:
A) Application A always running. While the application is running, the data file in unencrypted on disk so anyone with the appropriate permissions can read it. Exchange is a good example of this - how often do you shut it off?
B) What happens when you have a powercut. If the file was unencrypted guess what state it'll stay in until you manually poke it?
C) If it's data like word documents then this is the chain of events: open encrypted file, (it decrypts in the background), you change the file, you save it, windows creates a NEW file and writes the changes to it, office deletes the old file, office renames the NEW file to the name of the old file, windows encrypts the changed file, and office etc rename the encrypted version back to the original filename. But the blocks for the decrypted one are on disk for anyone with the appropriate undelete tools to use.
Still, better than nothing?
"The idea is not really news" Good job. Wouldn't want to spoil a Monday morning with news! Looking forward to news this afternoon. Or this evening. Or tomorrow. Yes, tomorrow, once I've woken up.