OldGuy

File level encryption. WinXP built in or third party?


I'm pondering how to best advise a friend with a small firm regarding file level encryption. He does use backups and puts them into a secure place, but just in case the firm gets a break-in it might be a good idea to have some local encryption on the work files as well. It wouldn't have to be a perfect defense against someone specifically going after the contents of the hard drive (it's not quite that sensitive material anyway), but well enough to keep the regular hoodlum away from it. Then again, more and more people tend to know someone with "special skills" these days.

WinXP has it built in through NTFS of course, but how easy is it to "take over" the decryption permission through means of reinstalling the system or something like that? At least it doesn't seem enough to simply get administrator access, as I made a quick test with that. So perhaps it's safe enough, but I don't have much more experience than that so I thought I'd just ask for others more detailed experiences.

If it would be best to use a third party software, what can be recommended? Preferably something that can be tested for a while before purchase. (small firm, always low on spare funds) It will have to work with WinXP of course, and handle entire folders or drives rather than individual files at a time.

I have a feeling I'm not the only one interested in these things so perhaps raising the subject can enlighten others as well.


in general, file-level encryption is a bad idea. if you want security, physically secure the box. if there is any kind of corruption using local encryption, you can lose all of your data, and it doesn't matter how much you encrypt it if somebody can just pick up the box and walk away with it.

Guest russofris

If there are certain files that you absolutely need encrypted, pick up the free version of PGP 8.0. It works fairly well.

Thank you for your time,

Frank Russo


I don't see how file corruption would be more or less problematic with encryption. If it happens it's a big enough problem either way. Backups are taken often enough so that backtracking from hard drive failure or whatever won't take a fortune of working time. Bolting the system to the desk might not be a practical solution for his office.

As stated, there are more than a few individual files involved.


it still strikes me as illogical. if there is an intruder, they can walk away with the entire pc, and then brute force the filesystem if they can't get to what they need.

Guest russofris
it still strikes me as illogical.  if there is an intruder, they can walk away with the entire pc, and then brute force the filesystem if they can't get to what they need.

Ever try to Brute-force a PGP encrypted file? It would make for a great Snickers "Not going anywhere for a while?" commercial.

@Oldguy

Just DL and try the free version of PGP8. It should suit your needs and will encrypt your files nicely. Make sure to use a strong key, like "4money`" and your data will be safe. If you want extra strong keys, I suggest doubling your passphrase "4money`4money'". This will make brute-force attacks extremely time consuming (millions of years).

Thank you for your time,

Frank Russo


he is talking about the entire filesystem, not just a file. i've only seen pgp used to protect individual files. and i know that nt's fs encryption has been cracked.

it still strikes me as illogical.  if there is an intruder, they can walk away with the entire pc, and then brute force the filesystem if they can't get to what they need.

I think what oldGuy was trying to do was prevent the average computer stealer from looking at the info.

Chances are that if someone steals a computer and can't figure out how to use it/get any data from it they're just going to either reformat it or sell it to someone else who'll just reformat it. He's not trying to keep the NSA out.

Guest russofris
he is talking about the entire filesystem, not just a file.  i've only seen pgp used to protect individual files.  and i know that nt's fs encryption has been cracked.

Cool nuff,

Too bad the old scramdisk doesn't work with XP.... Although they had released "DriveCrypt". It is not free though

http://www.scramdisk.clara.net/

The only other options that I can think of are:

http://www.ciphers.de/products/bpp_disk.html

http://www.pgpi.org/products/pgpdisk/

Thank you for your time,

Frank Russo


you'll have to forgive my prejudice, gang, i just know of 3 people who have been severely burned by such measures (1 by a password on the actual disk a la laptop, and the others with fs encryption when they had minor corruption that resulted in all data being unrecoverable because it took the key).

i'll just duck out here :)


i should also note i know 0 people who have been helped by it...

still recommend to physically secure the server, store sensitive documents on it, and have those with access to the files use strong passwords.

Guest russofris

I agree that I have seen a number of people burned by disk encryption, and normally take measures to make sure that this does not happen.

Step 1: Write down password. Put it in a safety deposit box at Chase.

Step 2: Do not encrypt a bootable HDD (partition on a laptop). A separate drive (Partition on a laptop) should be allocated for the encrypted volume.

Step 3: Regular Backups (using Imaging software and not unencrypted to tape!!!)

There are some walks of life that require encryption. These are normally the only ones that would benefit from the above mentioned programs.

Thank you for your time,

Frank Russo


Thanks for the software hints. :) I'll check those out. Perhaps even the freeware PGPdisk can cover the need well enough.

Just in case everyone's not just anti-MS by default but also knows something about how well the NTFS file encryption system works, then I'm still curious since it would after all be easy to use.

Guest russofris
Just in case everyone's not just anti-MS by default but also knows something about how well the NTFS file encryption system works, then I'm still curious since it would after all be easy to use.

The problem with XP and NTFS encryption is not to do with the encryption. It has to do with the inherent security flaws of NT/XP. You encrypt the files as a user and log off. Now those files can't be read by another user. However, the Admin can use cipher.exe to grab the key. Admin passwords can be hacked by booting off of a linux disk and changing the reg hive for the password. There is even a boot disk available for this. So the fact remains that if one has physical access to the PC, the security can be easily broken. Not so with PGP, BPP, SCRAM, and DCrypt.

Would anyone care to correct me if the above statement is inaccurate, as I have only used Cipher.exe as a domain admin.

Thank you for your time,

Frank Russo

However, the Admin can use cipher.exe to grab the key.

Ah, that rings a bell. Might have read something about that a while ago.

Tried to install PGPdisk, but it barfs on the installation claiming a file copy problem. Tried to download from three different locations and install the program on another disk, but the same result. Perhaps this free version just won't work on WinXP-SP1 or something. I'll have a look at the commercial alternatives later.


From what I know this is possible due to incorrect setup and administration, not a hack.

I think that admins can grab the recovery key. On systems that are not known to be physically secure this file is supposed to be exported and put in a secure location.

Most servers are kept locked up, so exported this key is not considered to be an issue.


Just in case everyone's not just anti-MS by default but also knows something about how well the NTFS file encryption system works, then I'm still curious since it would after all be easy to use.

The problem with XP and NTFS encryption is not to do with the encryption. It has to do with the inherent security flaws of NT/XP. You encrypt the files as a user and log off. Now those files can't be read by another user. However, the Admin can use cipher.exe to grab the key. Admin passwords can be hacked by booting off of a linux disk and changing the reg hive for the password. There is even a boot disk available for this. So the fact remains that if one has physical access to the PC, the security can be easily broken. Not so with PGP, BPP, SCRAM, and DCrypt.

Would anyone care to correct me if the above statement is inaccurate, as I have only used Cipher.exe as a domain admin.

Thank you for your time,

Frank Russo

Another nice 'feature' of NTFS Encryption is the following:

Say you have a normal user that sets security on certain files. A month later he changes his password (to logon in Windows). When he tries to access his encrypted files, he gets an access denied error.

So whenever you change your Windows password, you first have to decrypt everything, then change password, and then encrypt everything again.

So whenever you change your Windows password, you first have to decrypt everything, then change password, and then encrypt everything again.

Ouch! 8O Thanks for the heads up on that one.


Just in case everyone's not just anti-MS by default but also knows something about how well the NTFS file encryption system works, then I'm still curious since it would after all be easy to use.

The problem with XP and NTFS encryption is not to do with the encryption. It has to do with the inherent security flaws of NT/XP. You encrypt the files as a user and log off. Now those files can't be read by another user. However, the Admin can use cipher.exe to grab the key. Admin passwords can be hacked by booting off of a linux disk and changing the reg hive for the password. There is even a boot disk available for this. So the fact remains that if one has physical access to the PC, the security can be easily broken. Not so with PGP, BPP, SCRAM, and DCrypt.

Would anyone care to correct me if the above statement is inaccurate, as I have only used Cipher.exe as a domain admin.

Thank you for your time,

Frank Russo

Another nice 'feature' of NTFS Encryption is the following:

Say you have a normal user that sets security on certain files. A month later he changes his password (to logon in Windows). When he tries to access his encrypted files, he gets an access denied error.

So whenever you change your Windows password, you first have to decrypt everything, then change password, and then encrypt everything again.

was wondering about that warning when i change passwords....

Admin passwords can be hacked by booting off of a linux disk and changing the reg hive for the password.

This only worked with NT4. Windows 2000 and XP use strong encryption on the hashed passwords stored in the Registry, so it is difficult/impossible? to extract the hash and brute force it.

EFS in Windows works very well, but it needs to be implemented correctly and carefully. In general I don't believe standard users need to worry about encrypting the file system.

Guest russofris
Admin passwords can be hacked by booting off of a linux disk and changing the reg hive for the password.

This only worked with NT4. Windows 2000 and XP use strong encryption on the hashed passwords stored in the Registry, so it is difficult/impossible? to extract the hash and brute force it.

EFS in Windows works very well, but it needs to be implemented correctly and carefully. In general I don't believe standard users need to worry about encrypting the file system.

This is true, you cannot "extract" the old password, but you can easily "change" the password, which is what the currently available disk does.

You boot, it asks you for a new pwd, you type it, save changes, reboot, and use the new admin pwd.

Simple.

Thank you for your time,

Frank Russo

This is true, you cannot "extract" the old password, but you can easily "change" the password, which is what the currently available disk does.

Ah, I understand what you're saying. Yes, this merely demonstrates the need for physical security. Without physical security, software-level security is pretty much meaningless.

This is true, you cannot "extract" the old password, but you can easily "change" the password, which is what the currently available disk does.

Ah, I understand what you're saying. Yes, this merely demonstrates the need for physical security. Without physical security, software-level security is pretty much meaningless.

And physical security and laptops, while not known to be antagonistic, generally do not travel together in packs.


The admin password is only of value when the recovery key is stored on the system.

For systems that are not physically secure it needs to be exported or never generated. The policy is set in the group policy manager.

EFS is intended for domain usage. Domain servers should be physically secure.

Also the files shouldn't be re-encrypted when the user changes password. EFS creates a key. It is re-encrypted when the user's password changes.
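
A simplified model of the key handling described in the post above, as an added example that is not part of the original thread and is not EFS code: the file is encrypted once under a random file key, and only that key is wrapped under a password-derived key. The `Volume` class, its method names and the toy SHA-256 stream cipher (a stand-in for a real cipher) are assumptions made for illustration.

```python
import hashlib, hmac, os

def kdf(password: str, salt: bytes) -> bytes:
    # Derive a key-encryption key (KEK) from the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode). Illustration only.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def wrap(kek: bytes, key: bytes) -> bytes:
    # Encrypt the file key and append a MAC so a wrong KEK is detected.
    ct = keystream_xor(kek, key)
    return ct + hmac.new(kek, ct, "sha256").digest()

def unwrap(kek: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(kek, ct, "sha256").digest()):
        raise PermissionError("access denied: cannot unwrap file key")
    return keystream_xor(kek, ct)

class Volume:
    def __init__(self, password: str, plaintext: bytes):
        self.salt = os.urandom(16)
        fek = os.urandom(32)                      # random file encryption key
        self.ciphertext = keystream_xor(fek, plaintext)
        self.wrapped_fek = wrap(kdf(password, self.salt), fek)

    def read(self, password: str) -> bytes:
        fek = unwrap(kdf(password, self.salt), self.wrapped_fek)
        return keystream_xor(fek, self.ciphertext)

    def change_password(self, old: str, new: str) -> None:
        # Needs the old password; re-wraps the key, never touches the data.
        fek = unwrap(kdf(old, self.salt), self.wrapped_fek)
        self.salt = os.urandom(16)
        self.wrapped_fek = wrap(kdf(new, self.salt), fek)

if __name__ == "__main__":
    v = Volume("old-pass", b"constructed sample: payroll.xls contents")
    v.change_password("old-pass", "new-pass")
    print(v.read("new-pass"))
```

A password that was replaced without the old one being supplied never reaches `change_password`, so `read` with the new password fails in this model; that is the case where a recovery key or an exported key backup matters.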
