Encryption feature on Windows 2000
Here's a thought... Windows 2000 encryption works 'seemlessly' with the users' existing ID and password credentials. Once authenticated, users can encrypt and decrypt data on the fly with a minimum of hassle.
A big issue, I believe, is what additional protection any encryption would give? A problem with Windows 2000 currently is that system files cannot be encrypted (apparently this will be possible with future releases...) This means that in theory at least, a machine can be hacked for user-account details with standard hacker tools (L0phtcrack/lsadump2 /NTFS DO etc.). The Windows 2000 encryption gives no added protection against this sort of attack, only to the selected files and folders within the NTFS structure.
Once a hacker has achieved this 'local' hack and compromised accounts and passwords, he simply logs on to that machine with the user's account and immediately has access to everything that user has encrypted 'on the fly.' In short, the compromised user has achieved nothing by encrypting his files other than giving himself a false sense of security!?? Any thoughts on this?
Your thoughts are quite perceptive.
I'm (as you might expect) a fan of encryption, but there are only some
things you can solve with encryption. Also, most all encryption is
ultimately keyed by a password or passphrase, and if you lose that -- or it's hacked out from under you -- then all bets are off. Let's face it, if they know that the password is swordfish, it doesn't matter what crypto you used. And if that encrypted disk happens to be served on the network, then you didn't gain a thing from encryption.
In spite of this, it isn't worthless. The main thing that disk encryption is good for is keeping your data reasonably safe if your machine vanishes. This isn't a huge factor with desktop systems, but it matters a lot with laptops. It's bad to have your laptop stolen, but at least if they can't get the data in it, you have some peace of mind.
There's also at least one other option for you. There are products that
provide better disk encryption than the default one with W2K. The PGP
products (full disclosure -- I worked on these) provide an encrypting
virtual disk driver, which allows you to make a file on your base OS into a virtual disk that has fully encrypted access to it. Many people use such a volume to store sensitive things, and since it isn't integrated into the user authentication system, it's harder to break open.
Nonetheless, you hit the nail on the head here -- if encryption is
integrated into the OS authentication and that authentication is easily hacked, you don't get very much protection when all is said and done.
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Securing your Data and Information->Encryption
Web Security Tip: Encryption made simple
This was first published in May 2001