a question on security/encryption


cipher

with hundreds of utilities available to crack or reset NT/2000 passwords, is
there really any guaranteed method of securing data? i want this: to be able
to secure/encrypt a file so that even if the feds got their hands on it,
sure they might be able to reset the admin password and log on, but i don't
want anything to be able to be read. how can this be accomplished? i thought
i knew so i tried a test:

windows xp pro with the administrator account set with a password.
i created a simple text file and encrypted it with the builtin efs.
i then rebooted to a floppy that resets the admin password to a blank
password.
shouldn't this have effectively stopped me from viewing the text file?
it didn't.

how can i do what i am trying to do?
 
> windows xp pro with the administrator account set with a password.
> i created a simple text file and encrypted it with the builtin efs.
> i then rebooted to a floppy that resets the admin password to a blank
> password.
> shouldn't this have effectively stopped me from viewing the text file?
> it didn't.

Because EFS is OS-integrated, and the private key is associated with the
SID, not the account password. If you can access the account, you can
access the data.

> how can i do what i am trying to do?

Third-party, very strong encryption.
 
> with hundreds of utilities available to crack or reset NT/2000
> passwords, is there really any guaranteed method of securing data?
> i want this: to be able to secure/encrypt a file so that even if
> the feds got their hands on it, sure they might be able to reset
> the admin password and log on, but i don't want anything to be able
> to be read. how can this be accomplished?

There is a freeware program out there that uses heavy-duty
encryption called "E4M" that you may want to try. It works with
Windows 2000 as long as you remember to dismount the virtual disk
before logging off the user. Development of this product has evolved
into the commercial program "DriveCrypt" ($60). There are other
products.

E4M: <http://www.samsimpson.com/cryptography/scramdisk/>
DriveCrypt: <http://www.securstar.com/>

HTH,
John
 
Keith is correct - changing the password on an account has no effect on
encrypted files regardless of whether the password is changed through the
GUI or with some other tool.

However, you do not need third party software to prevent an unauthorized
user of the administrator account from accessing encrypted files. You can
export the private key to floppy and then delete it from the machine. Then
no one can decrypt the file unless they have the floppy. See:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;241201

Doug Sherman
MCSE Win2k/NT4.0, MCSA, MCP+I, MVP
 
Also keep in mind, particularly in W2K, the concept of the recovery agent
which is the local administrator account on a W2K stand alone machine. This
is important because if you use EFS as any other user on that machine there
will be two private keys that can decrypt the files and if you only
export/delete your user EFS private key the data is still vulnerable.

Another possible problem is that there may be remnants of erased files that
have been encrypted on your hard drive. Erased files of course are just
deallocated. The cipher /w command is supposed to take care of this problem
but I also suggest that the hard drive also be scrubbed [including slack
file space] by a third party tool such as East Tec Eraser if data is
sensitive. Best practices also dictate that folders and not individual files
be encrypted and that you encrypt your temporary folder. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
http://support.microsoft.com/default.aspx?kbid=315672
http://www.east-tec.com/eraser/
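
Doug Sherman's and Steve's posts both turn on which EFS-capable private keys are still on the machine. The following is an added example, not part of any post in this thread: a PowerShell inventory of certificates carrying the EFS or File Recovery EKU, showing whether each private key is still resident. It assumes a current Windows with PowerShell 3.0 or later rather than the XP/2000 systems discussed, the function name `Get-EfsKeyInventory` is hypothetical, and it reads only the store of the account running it, so run it once as the user and once as the local administrator.

```powershell
# Added example: list EFS-related certificates and whether their private key
# is still stored on this machine for the current account.
$efsOid      = '1.3.6.1.4.1.311.10.3.4'     # EKU: Encrypting File System
$recoveryOid = '1.3.6.1.4.1.311.10.3.4.1'   # EKU: File Recovery (recovery agent)
$ekuType     = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]

function Get-EfsKeyInventory {
    # Hypothetical helper name; StorePath defaults to the current user's store.
    param([string[]]$StorePath = @('Cert:\CurrentUser\My'))

    foreach ($path in $StorePath) {
        Get-ChildItem -Path $path | ForEach-Object {
            $cert = $_
            # Collect the EKU OIDs from the certificate's extensions.
            $eku  = $cert.Extensions | Where-Object { $_ -is $ekuType }
            $oids = @($eku.EnhancedKeyUsages | ForEach-Object { $_.Value })

            $role = if ($oids -contains $recoveryOid) { 'RecoveryAgent' }
                    elseif ($oids -contains $efsOid)  { 'EfsUser' }
                    else { $null }

            if ($role) {
                [pscustomobject]@{
                    Store         = $path
                    Role          = $role
                    Subject       = $cert.Subject
                    Thumbprint    = $cert.Thumbprint
                    HasPrivateKey = $cert.HasPrivateKey
                    NotAfter      = $cert.NotAfter
                }
            }
        }
    }
}

$inventory = @(Get-EfsKeyInventory)
$inventory | Format-Table -AutoSize

# Any resident private key can decrypt for whoever controls this account.
$resident = @($inventory | Where-Object { $_.HasPrivateKey })
if ($resident.Count -gt 0) {
    Write-Warning ("{0} EFS private key(s) are still stored on this machine." -f $resident.Count)
} else {
    Write-Output 'No EFS private keys are stored for this account.'
}
```

A `RecoveryAgent` row with `HasPrivateKey` set to `True` means that account's key can still decrypt the files even after the user's own key has been exported and deleted.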
 
Until something is done with the CSC, a hidden protected
system file, there is no secure means to encrypt files,
since any admin can see the contents of the CSC.

KRBM
NT,2K,2K3 MCSE
 