[Dshield] Microsoft DRM?
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Thu Nov 15 20:07:49 GMT 2007
On Thu, 15 Nov 2007 14:37:43 EST, Mark Owen said:
> Nope, but a better idea might be to just set the encryption attribute
> on the folder/files. It is AES encryption by default and done
> transparently at the file system level.
Note that if an intruder has a "presence" on the system (i.e. the code is
running on the system, as opposed to abusing an open share or similar from
elsewhere), then the code is running as the compromised user, which means that
it will be able to transparently read any/all files readable by that user.
Having said that, encrypting the filesystem is a *great* idea if your threat
model includes "reading by people other than the user" - for instance, a
stolen laptop...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.sans.org/pipermail/list/attachments/20071115/4e6ec609/attachment.bin
More information about the list
mailing list