Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Why not use EFS built into Windows 2000/XP file system?

built EFS file system Windows XP
0
Posted

Why not use EFS built into Windows 2000/XP file system?

0 CommentsAdd a Comment

1 Answer

0

Here is an (incomplete) list of EFS problems: 1. Files are only encrypted while they reside on NTFS volume. Every time they are moved to a FAT volume or between computers using network, floppy, CD-R, etc. they are seamlessly decrypted and left in decrypted form. Sentry volumes can easily be moved between computers, backed up, burned to CD-R, etc. all in encrypted form. 2. Only file contents is encrypted, not the file system structures. This allows everyone to see file names, sizes, dates, etc. which in many cases is a security breach in itself. On a Sentry volume everything is encrypted including file system structures. 3. EFS is completely broken on Windows 2000. Microsoft forgot to encrypt private key using user’s logon password, which means that anyone with physical access to computer can read your encrypted files, completely defeating the whole purpose of encryption. This particular vulnerability appears to be fixed in Windows XP.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123