('binary' encoding is not supported, stored as-is) After some research, I am considering rolling out an encryption solution based on win2k EFS. I know of one weakness, that encrypting a file that already exists will leave behind an insecurely deleted plaintext file. This means anyone with any decent forensics tool could bypass the OS and easily read it directly off the hard drive. It also transfers files insecurely across the network. SSL should solve for that. Does anyone know of any other major weaknesses in the EFS encryption, certificate handling, encryption, etc? For this group I'm particularly looking for areas of the hard drive that may contain hidden plaintext copies of normally encrypted documents. ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jun 27 2003 - 05:57:54 PDT