Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Encrypted File System. Question...

  1. #1
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default Encrypted File System. Question...

    Is there anyway around this? Is there a bootable cd that can be used to dump the contents or unencrypt the files to another media. This is the encryption used in XP so other people can't mess with your stuff. I've google'd it. Someone said you can use knoppix which doesn't appear to work. I tried it with BT2F, and you can see the files in the folder, but when you click on them, it states that it is unreadable (which I assumed would happen). There are a slew of programs out there, but they require the "key" files to unlock the files.
    Just curious is all. These are my files, but of course you can't trust what people say on the net anyway.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Quote Originally Posted by spankdidly View Post
    Is there anyway around this? Is there a bootable cd that can be used to dump the contents or unencrypt the files to another media. This is the encryption used in XP so other people can't mess with your stuff. I've google'd it. Someone said you can use knoppix which doesn't appear to work. I tried it with BT2F, and you can see the files in the folder, but when you click on them, it states that it is unreadable (which I assumed would happen). There are a slew of programs out there, but they require the "key" files to unlock the files.
    Just curious is all. These are my files, but of course you can't trust what people say on the net anyway.
    The first thing to know is what program encrypted it.

  3. #3
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    I'm honestly not really sure. You right click on a folder, go to properties, click advanced, and check the encrypt contents box. It looks like it creates a certificate for that user to encrypt everything. Sorry, maybe this was a dumb question to ask.

  4. #4
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    It would be kind of pointless to encrypt files, a portion of a disk, or a filesystem if there were ways around it. The only "way around" it would be to have a copy of the key(s).

    Or hope it's on a old busted unpatched system, I highly doubt that MS got their encrypted filesystem 100% right on the first go, there must have been vulnerabilities/patches at some point.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by spankdidly View Post
    I'm honestly not really sure. You right click on a folder, go to properties, click advanced, and check the encrypt contents box. It looks like it creates a certificate for that user to encrypt everything. Sorry, maybe this was a dumb question to ask.
    If they're your files, how come you don't know what encrypted it?
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Touche'. As far as I can tell, you need the keys in order to unencrypt. This is what's used at work. Someone said a knoppix disk will retrieve the files. This isn't the case. He probably meant permissions not encryption. I verified with my encrypted docs and it does not work. I only asked because there are a lot of ways around things, and I was wanting to see if anyone had run into this before. You'd think if it was XP encryption (not like pointsec or something) there would be a way around it.

  7. #7
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    This seems to provide some good information on the topic:
    http://ls.berkeley.edu/mail/micronet/2005/0301.html
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  8. #8
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Hey, Thank Thorin.

  9. #9
    Senior Member
    Join Date
    Jan 2006
    Posts
    1,334

    Default

    The only "flaw" in the design that I have found is that when a file is chosen for encryption, XP makes a temporary copy of the file during the encryption process.
    This file is not securely wiped - just deleted in the usual way - marked as usable space.
    So there is an outside chance that the temporary file may be found via data recovery tools.
    Of course, this is always going to be a slim chance, in the grand scheme of things, but is a flaw nonetheless...

    Having said that, Elcomsoft (for one example) make an EFS recovery program. I have never used it and have no idea of its efficiency.

  10. #10
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Quote Originally Posted by Re@lity View Post
    The only "flaw" in the design that I have found is that when a file is chosen for encryption, XP makes a temporary copy of the file during the encryption process.
    This file is not securely wiped - just deleted in the usual way - marked as usable space.
    So there is an outside chance that the temporary file may be found via data recovery tools.
    Of course, this is always going to be a slim chance, in the grand scheme of things, but is a flaw nonetheless...

    Having said that, Elcomsoft (for one example) make an EFS recovery program. I have never used it and have no idea of its efficiency.


    It will only unencrypt the files if it finds the key file for the specified user you are trying to get the data from. The temporary copy thing is very interesting though. I may have to pull out my copy of 0ntrack and see.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •