[unisog] File protection in a Windows Environment

Reg Quinton reggers at ist.uwaterloo.ca
Wed Dec 7 10:37:54 GMT 2005


> Stay away from Microsoft's EFS then, since the "key recovery" role can
> be assumed by an administrator.

I wouldn't say "stay away". Instead, say "be aware". If you're aware of the 
limitations it's reasonable. We posted a position paper here:

http://ist.uwaterloo.ca/security/position/20020619/

Ps. a limitation on most cryptography -- an administrator can install a 
key-stroke logger to grab your PGP key (or whatever product you recommend). 



More information about the unisog mailing list