PDA

View Full Version : Is the WinXP NTFS encryption secure?



Juan I. Cahis
11-14-08, 07:04 AM
Dear friends:

Is the WinXP NTFS encryption secure?

Is it convenient to encrypt the folder "c:\Document and Settings\<My
Account>\" (and its subfolders) in order to avoid problems in the case
that your computer or your hard disk is stolen?


Thanks
Juan I. Cahis
Santiago de Chile (South America)
Note: Please forgive me for my bad English, I am trying to improve it!

David H. Lipman
11-14-08, 03:24 PM
From: "Juan I. Cahis" <jiclbchSINBASURA@attglobal.net>

| Dear friends:

| Is the WinXP NTFS encryption secure?

| Is it convenient to encrypt the folder "c:\Document and Settings\<My
| Account>\" (and its subfolders) in order to avoid problems in the case
| that your computer or your hard disk is stolen?


| Thanks
| Juan I. Cahis
| Santiago de Chile (South America)
| Note: Please forgive me for my bad English, I am trying to improve it!

Yes.

Conforms to DAR compliance.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Ari
11-15-08, 10:41 AM
On Fri, 14 Nov 2008 10:04:54 -0300, Juan I. Cahis wrote:

> Dear friends:
>
> Is the WinXP NTFS encryption secure?
>
> Is it convenient to encrypt the folder "c:\Document and Settings\<My
> Account>\" (and its subfolders) in order to avoid problems in the case
> that your computer or your hard disk is stolen?
>
> Thanks
> Juan I. Cahis
> Santiago de Chile (South America)
> Note: Please forgive me for my bad English, I am trying to improve it!

Yes, as David pointed out, it is secure. I would suggest Truecrypt for
volume hiding especially if you use crappy passwords.

Antonio Perez
11-15-08, 02:28 PM
Juan I. Cahis jiclbchSINBASURA@attglobal.net wrote previously in
alt.computer.security:

> Dear friends:
>
> Is the WinXP NTFS encryption secure?
>
> Is it convenient to encrypt the folder "c:\Document and Settings\<My
> Account>\" (and its subfolders) in order to avoid problems in the case
> that your computer or your hard disk is stolen?

That's a bit difficult to answer in a general sense. It depends...

Background:
A folder encrypted with Win OS is secure as long as the attacker does _not_
have the password. That's the general accepted description. And, it's true.
The only way to decrypt a folder with an unknown password is to try them
all. That's called "brute force attack". It requires a lot of processing
power and patience to try all possible passwords.

But here is the catch: Who have the password stored?
Answer: The OS
This means that in the following events:
1.- The OS is compromised (virus, trojan, rootkit).
2.- Your user password gets cracked/guessed/revealed.
3.- There is a backdoor to the OS (???).
The password (to the encrypted folder) stored inside the OS is available to
the attacker. In this scenarios, the folder is decrypted, and your secrets
are revealed.

So, it depends... who you are guarding against:
Computer gets stolen: The password is somewhere inside the OS, it could be
found. Yes, with a lot of knowledge/work, but possible.

If the password is independent of the OS, the only vector of attack
is "brute force".

AP

Juan I. Cahis
11-15-08, 03:05 PM
Dear Antonio & friends:

Antonio Perez <ap23562m@gmx.com> wrote:

>Juan I. Cahis jiclbchSINBASURA@attglobal.net wrote previously in
>alt.computer.security:
>
>> Dear friends:
>>
>> Is the WinXP NTFS encryption secure?
>>
>> Is it convenient to encrypt the folder "c:\Document and Settings\<My
>> Account>\" (and its subfolders) in order to avoid problems in the case
>> that your computer or your hard disk is stolen?
>
>That's a bit difficult to answer in a general sense. It depends...
>
>Background:
>A folder encrypted with Win OS is secure as long as the attacker does _not_
>have the password. That's the general accepted description. And, it's true.
>The only way to decrypt a folder with an unknown password is to try them
>all. That's called "brute force attack". It requires a lot of processing
>power and patience to try all possible passwords.
>
>But here is the catch: Who have the password stored?
>Answer: The OS
>This means that in the following events:
> 1.- The OS is compromised (virus, trojan, rootkit).
> 2.- Your user password gets cracked/guessed/revealed.
> 3.- There is a backdoor to the OS (???).
>The password (to the encrypted folder) stored inside the OS is availableto
>the attacker. In this scenarios, the folder is decrypted, and your secrets
>are revealed.
>
>So, it depends... who you are guarding against:
>Computer gets stolen: The password is somewhere inside the OS, it could be
>found. Yes, with a lot of knowledge/work, but possible.
>
>If the password is independent of the OS, the only vector of attack
>is "brute force".
>
>AP

Antonio, as a common person,I am not thinking to be protected from a
spy agency, but from standard bad intentioned people that they can
access my computer in the case it is stolen. I understand that
personal data, emails, etc. are stored in the folder that I mentioned
earlier, so my data will be protected. And because no programs are
stored there, I assume that the computer performance will not suffer
very much.

Am I correct?


Thanks
Juan I. Cahis
Santiago de Chile (South America)
Note: Please forgive me for my bad English, I am trying to improve it!

David H. Lipman
11-15-08, 03:46 PM
From: "Juan I. Cahis" <jiclbchSINBASURA@attglobal.net>

| Antonio, as a common person,I am not thinking to be protected from a
| spy agency, but from standard bad intentioned people that they can
| access my computer in the case it is stolen. I understand that
| personal data, emails, etc. are stored in the folder that I mentioned
| earlier, so my data will be protected. And because no programs are
| stored there, I assume that the computer performance will not suffer
| very much.

| Am I correct?


You are correct.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Antonio Perez
11-15-08, 08:41 PM
Juan I. Cahis jiclbchSINBASURA@attglobal.net wrote previously in
alt.computer.security:

> Dear Antonio & friends:
>
> Antonio Perez <ap23562m@gmx.com> wrote:
>
>>Juan I. Cahis jiclbchSINBASURA@attglobal.net wrote previously in
>>alt.computer.security:
>>
>>> Dear friends:
>>>
>>> Is the WinXP NTFS encryption secure?
>>>


>
> Antonio, as a common person,I am not thinking to be protected from a
> spy agency, but from standard bad intentioned people that they can
> access my computer in the case it is stolen. I understand that
> personal data, emails, etc. are stored in the folder that I mentioned
> earlier, so my data will be protected. And because no programs are
> stored there, I assume that the computer performance will not suffer
> very much.
>
> Am I correct?

As a "common person", I have nothing to hide from any high level government
agency, so, yes, NTFS encryption is secure enough.

Just remember to make your win password longer than "123" :-)