----- Original Message ----- From: "Jon Simon" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, January 18, 2002 8:00 PM Subject: Re: Horseman Number 3: Osama Used 40 bits
> Can anyone else confirm or deny that this is the case? If it is so, > it would bring new meaning to the term "weak encryption." > Thanks, > Jon Simon For Win2K, it seems that the local administrator is the "default recovery agent" on that box; Microsoft EFS provides "built in data recovery"; this is a policy which must be configured before EFS will be available to users; a recovery certificate must exist; Microsoft recommends that it be removed from the recovery agent's personal store and only installed in case of necessity; it seems that there is no irreversible file encryption using Microsoft EFS. BTW their default strength is 56 bit DESX, upgradeable to 128 bit for North America. It is important to note that local settings are overridden by domain settings on a correctly configured network. The NT change password utility is AFAIK _not_ remotely exploitable; it provides write access to the SAM on any locally mountable NTFS. An attacker with floppy boot access to a Win2K system would get reverse access to that machine's encrypted files only if the recovery cert for the domain was locally available (unlikely), or if the machine was not part of a domain. There is quite possibly a general backdoor to the Microsoft EFS about which we do not know. The EFS is a deterrent to network interception or system theft. Users should be under no delusion about EFS and file readability. A bad guy might not be able to read your files, but the boss can. BTW, with encrypted file systems on linux, CFS and Transparent CFS files will not be readable by the sysadmin unless they run a sniffer or a keylogger to grab the passwords protecting the user's key. AFAIK there is no reversibility short of cryptanalysis with these utilities. Stefan Caunter, MCSE [Moderator's note: lots of trailing quoted material deleted. *Please* trim your messages before posting. --Perry] --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]