this problem affects MS windows versions (xp, 2003)
if an user is logged in as an not admin user (power user, user) he is able to decrypt the encrypted drive/partition without entering the appropriate password, if some let his WS/Laptop unlocked every person which has access to the "box" is able to decrypt the system partition (with the currently logged on user, even an resticted account), reboot the machine and boot maybe knoppix and readout all data stored on the system drive
the problem does not affect Windows Vista with enabled UAC
i think the problem should be solved by requiring admin rights and asking for the volume password
the Problem i found is:
if you encrypt your Windows System drive / partition
EVERY User on the system is able to decrypt the System partition without entering the Volume password and as any user on the system (administrator, power user, user,...).
if the partition is NOT longer ENCRYPTED every user which has access to the box is able to read every file of the hard drive, not only the files to which his account might have access to.
i personally think this is a big security issue, if you setup an restricted account on your box and leave your unlocked computer alone, everyone is able to permanently decrypt your system drive
Slashdot Mirror
this problem affects MS windows versions (xp, 2003)
if an user is logged in as an not admin user (power user, user) he is able to decrypt the encrypted drive/partition without entering the appropriate password, if some let his WS/Laptop unlocked every person which has access to the "box" is able to decrypt the system partition (with the currently logged on user, even an resticted account), reboot the machine and boot maybe knoppix and readout all data stored on the system drive
the problem does not affect Windows Vista with enabled UAC
i think the problem should be solved by requiring admin rights and asking for the volume password
regards abadent
the Problem i found is: ...).
if the partition is NOT longer ENCRYPTED every user which has access to the box is able to read every file of the hard drive, not only the files to which his account might have access to.
if you encrypt your Windows System drive / partition
EVERY User on the system is able to decrypt the System partition without entering the Volume password and as any user on the system (administrator, power user, user,
i personally think this is a big security issue, if you setup an restricted account on your box and leave your unlocked computer alone, everyone is able to permanently decrypt your system drive