I know that there are a number of tools (e.g. linux boot disk) that
facilitate attacking the EFS in Win2000 by changing the password/s of
the users on the machine. Because of this I have always favoured a
third-party whole-disk encryption product over EFS and have not been
disappointed.
I am now faced with pressure to adopt WinXP EFS as a corporate
standard to protect information on laptops in an Active Directory
forest structure.
I am looking for information regarding any known exploits or
weaknesses of EFS on WinXP.
Specifically:
- is there any reason to believe that these tools will not work on
WinXP EFS?
- are there any other tools around that will allow these EFS files to
be recovered?
- apart from attacking the passwords of the user who created the EFS
files, is there any other attack vector that has a reasonable chance
of success?
- does anyone know of any documentary evidence of a successful
compromise of a WinXP EFS machine (or a Win2K one for reference)?
- is there anything else that will help me to present a full picture
of the risks associated with EFS (e.g. manageability issues etc.)
I know that there are a number of tools (e.g. linux boot disk) that
facilitate attacking the EFS in Win2000 by changing the password/s of
the users on the machine. Because of this I have always favoured a
third-party whole-disk encryption product over EFS and have not been
disappointed.
I am now faced with pressure to adopt WinXP EFS as a corporate
standard to protect information on laptops in an Active Directory
forest structure.
I am looking for information regarding any known exploits or
weaknesses of EFS on WinXP.
Specifically:
- is there any reason to believe that these tools will not work on
WinXP EFS?
- are there any other tools around that will allow these EFS files to
be recovered?
- apart from attacking the passwords of the user who created the EFS
files, is there any other attack vector that has a reasonable chance
of success?
- does anyone know of any documentary evidence of a successful
compromise of a WinXP EFS machine (or a Win2K one for reference)?
- is there anything else that will help me to present a full picture
of the risks associated with EFS (e.g. manageability issues etc.)
....or am I simply paranoid?
Thank you
Regards
Richard
[ reply ]