Covering your tracks...


Old Hippie

EFS isn't that good. If they want your info they will get it.

 

EFS is ineffective if they know the admin pw for the machine or can hack it. They will have the right to view your file.

Using a program like WinHex allowed me to see what had been typed in a Word document since Microsoft Office stores this information in latent memory. Of course WinHex can also be used to gather information from programs other than Office. Even when it is encrypted there is still information that can be gathered. I learned this from a former FBI agent who showed my college class (at the time) how to gather "so-called" encrypted or deleted information.

 

This link actually is from Microsoft to disable the feature in Office of keeping the information stored in memory.

http://www.microsoft.com/downloads/details.aspx?familyid=144e54ed-d43e-42ca-bc7b-5446d34e5360&displaylang=en

 

Another good site is www.heidi.ie. It has some free software that can be used to wipe your system. Click on the Eraser link. As far as deleting something in Windows, all it does is tell the computer that space has been freed to be overwritten. The data is still there until it is used by another file. Of course there will still be enough bits and pieces of the incriminating file left to piece together to get an idea as to what you were doing.

Link to comment
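
The first post's point that a Windows delete only marks space as free, leaving the data readable until another file overwrites it, shown on a toy model. This is an added example, not part of the original thread; the `ToyDisk` class, the block size and the sample data are constructed for illustration.

```python
BLOCK = 16  # bytes per block; tiny so the effect is easy to see

class ToyDisk:
    """Constructed model of a volume: raw blocks plus an allocation list."""
    def __init__(self, nblocks=8):
        self.raw = bytearray(BLOCK * nblocks)  # what a hex editor would read
        self.free = list(range(nblocks))       # blocks available for reuse
        self.files = {}                        # name -> blocks holding its data

    def write(self, name, data):
        need = -(-len(data) // BLOCK)          # ceiling division
        blocks = [self.free.pop(0) for _ in range(need)]
        for i, b in enumerate(blocks):
            chunk = data[i * BLOCK:(i + 1) * BLOCK]
            # Only len(chunk) bytes change; the rest of the block keeps old data.
            self.raw[b * BLOCK:b * BLOCK + len(chunk)] = chunk
        self.files[name] = blocks

    def delete(self, name):
        # Ordinary delete: drop the directory entry, mark blocks free, touch no data.
        self.free = sorted(self.free + self.files.pop(name))

    def wipe(self, name):
        # Overwriting delete, as a wiping tool does: zero every block, then free it.
        for b in self.files[name]:
            self.raw[b * BLOCK:(b + 1) * BLOCK] = bytes(BLOCK)
        self.delete(name)

    def recoverable(self, needle):
        # Scan raw blocks the way a disk editor would, ignoring the file table.
        return needle in bytes(self.raw)

SECRET = b"ACCOUNT=1234;PIN=9876;NOTES=constructed sample"  # constructed data

def demo():
    d = ToyDisk()
    d.write("doc.txt", SECRET)
    d.delete("doc.txt")
    after_delete = d.recoverable(SECRET)         # whole file still on disk
    d.write("new.txt", b"short")                 # reuses part of one freed block
    whole_after_reuse = d.recoverable(SECRET)
    piece_after_reuse = d.recoverable(b"PIN=9876")
    w = ToyDisk()
    w.write("doc.txt", SECRET)
    w.wipe("doc.txt")
    after_wipe = w.recoverable(b"PIN=9876")
    return after_delete, whole_after_reuse, piece_after_reuse, after_wipe

if __name__ == "__main__":
    print(demo())
```

Real volumes add layers this model leaves out (journals, shadow copies, page and temp files, SSD wear levelling), so an in-place overwrite does not guarantee that every copy of the data is gone.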

>>>>"EFS isn't that good. If they want your info they will get it."<<<<<

 

Tell that to the poor souls who post to tech forums looking for a way to access files on their own computer once they've lost their key/certificate.

 

>>>>"EFS is ineffective if they know the admin pw for the machine or can hack it. They will have the right to view your file."<<<<

 

Bullshit. The only way that the Administrator account can access a user's encrypted file is by designating a recovery agent *before* users encrypt their files. I love it when people say 'if'. As in 'if' you can hack the password. How does hacking a password make EFS ineffective? It sounds like an ineffective password policy to me. That's like saying a car has ineffective security when you lock the doors, leave the key in the lock and someone breaks into the car.

 

And you work in computer security as I recall?

 

In the past you've posted about backdoors in well known encryption algorithms which I replied to at the time saying more or less 'bullshit'. You make these hit and run posts and never return to back them up.

Link to comment

Bullshit? I really don't know what your problem is and I don't care. I am giving generalities because no Microsoft OS is very secure. If you want me to start talking about memory buffer overflows and encryption like PKI, RSA, AES, etc., I can do that.

 

I am paranoid because I have met some of the top hackers around. I know Johnny Long from a class I took where he was a guest teacher. He wrote the book Google Hacking for Testing Penetration.

 

I have seen what this guy can do and it is fucking scary. Maybe you are just naive thinking that you can protect your data using something like EFS.

 

Simply, if they want your info, no matter what you do, they will get it. So don't fool yourself. As far as the other comment. Most of the encryption algorithms were written by people working for the U.S. Intelligence community. How do I know backdoors exist? Simply because I was taking classes at Johns Hopkins taught by people who worked in the intelligence community and were actively writing these algorithms. They said if we want we can break any code with the servers we have at NSA because we wrote them. Their words. Now that PGP charges for their service I can guarantee the U.S. Intelligence community has a backdoor into their encryption software no matter what they say.

Link to comment

However, if you have an older version of PGP, when it was still a Zimmermann creation, it's doubtful it has a backdoor in it. They tried to jail the guy for it.

 

But, of course, that's not the same as saying the NSA can't crack it now, by means other than access through a backdoor, perhaps simply by brute force. After all, Fort Meade has, what, 40 acres of mainframes/supers, making them the most powerful computing force on the planet. And that's only the stuff anyone actually knows about.

 

Also, it's a myth that knowing how an encryption algorithm works allows you to crack it. In fact, quite the opposite is true. There have been several cases where algorithm writers have thought that they needed to keep their algorithm secret so it couldn't be cracked, but that's the main reason it was easily cracked, because it wasn't allowed to be scrutinized by the encryption community, causing it to be vulnerable. Paradoxically to some, publishing the algorithm to the world actually makes it more secure. If you get an openly-published algorithm that you can scrutinize for backdoors, and can be sure that the actual code you use for encryption is the same code that is openly-published, then you can be confident there are no backdoors. Of course, this requires compiling the algorithm yourself to be sure you know what you're getting, and that's beyond the ability of most casual users. But again, that's not the same as saying the NSA can't crack it by means other than a backdoor.

Link to comment

Really, if someone wants to go through the process of reading all the bits on my hard drive to piece together PARTS of documents that I had on my computer (and try that for a graphic!) then something is seriously wrong :)

 

For all practical purposes, separate logins will take care of any snooping issues for the average guy if they keep the racy stuff in their My Documents and they've got their hard disk NTFS formatted (been so long, but I don't believe FAT allows file/directory security).

 

<<burp>>

Link to comment

>>>Bullshit? I really don't know what your problem is and I don't care. I am giving generalities because no Microsoft OS is very secure<<<

 

It's your generalities like this, "because no Microsoft OS is very secure", without providing any real facts, that cause me a problem. And the discussion is about EFS, not MS OSs in general.

 

>>>If you want me to start talking about memory buffer overflows and encryption like PKI, RSA, AES and etc. I can do that.<<<

 

You can stick with talking about AES, the encryption algorithm used in EFS. Point out its weaknesses and successful cracks.

 

>>>Most of the encryption algorithms were written by people working for the U.S. Intelligence community.<<<

 

Well AES must be one of the exceptions. It was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen but then maybe they were working for the US Intelligence community. Strange to have foreigners developing ciphers that the NSA recommends for classified documents if there was a real fear of backdoors. Keep in mind the NSA is concerned that private data in the US (and abroad) is kept that way for national security.

 

>>>Maybe you are just naive thinking that you can protect your data using something like EFS.<<<

 

It's possible that I am naive and that's why I'm asking you to enlighten me on the weaknesses of EFS. Weaknesses that don't include improper implementation by the user. You obviously have some inside facts I'd enjoy reading about.

Link to comment

Hi guys,

 

I think your discussion about encryption is missing the point. I am sure that almost any code can be broken by professional hackers using super computers. And of course if you run a computer which contains information useful for criminals, like clients' account/credit card data, very, very high security is necessary.

 

But for example in my case we are talking about a notebook which contains company data (clients' addresses, invoices, databases, etc.) which are of no worth for hackers or someone who just steals the notebook. But of course I do not want anybody to fool around with the data and IMHO basic security (fingerprint reader for BIOS start-up and Windows user, data stored on an encrypted HD [not EFS], firewall, etc.) will do the job.

I do not see any reason why someone would try to break into my computer. The people who could do this easily are after bigger and more rewarding targets and a common thief might only be interested in the hardware and even for this he needs to be able to flash the BIOS without starting the computer...

Link to comment

"...I am sure that almost any code can be broken by professional hackers using super computers..."

 

Two points:

 

- how many hackers have access to supercomputers?

 

- consider what this guy said (although he's NSA, others have reached similar conclusions):

 

"If all the personal computers in the world - about 260 million computers - were put to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe to break a single message."

 

-- William Crowell, Deputy Director of the National Security Agency, March 1997

Link to comment

Archived

This topic is now archived and is closed to further replies.