[unisog] Windows Encrypted File System (EFS)
reggers at ist.uwaterloo.ca
Fri Feb 10 17:59:31 GMT 2006
From: "Stejerean, Cosmin" <cosmin at cti.depaul.edu>
> EFS is meant to encrypt files while on the drive (so if the laptop is
> stolen nobody will be able to get the files) and while it is far from
> perfect it would have helped in the recent cases in the news when
> laptops of bank employees were stolen.
In theory yes, in practice no. The default configuration has the
Administrator account as a key recovery agent. See the "User Beware" section
in our discussion of EFS here:
EFS is not sufficient to protect data if your laptop is stolen. I understand
there are lots of tools that will give you the Administrator account if you
can get the system to boot from a CD. Once you have the Administrator
account you now have all EFS files.
Mind you I use EFS on my laptop. Every little bit helps.
More information about the unisog