Windows Encryption Software
cmaurand at xyonet.com
Fri Dec 10 07:29:20 CST 2010
On 12/10/2010 8:21 AM, Florian Weimer wrote:
> I believe EFS is available in Windows XP and Windows 2003 Server, too.
> Software-based solutions have the advantage that they are somewhat
> more testable and reviewable. If it's all in the disk, you can't
> really be sure that the data is encrypted with a static key, and the
> passphrase is used for access control only. The latter approach seems
> to be somewhat common with encrypting storage devices, unfortunately.
After some research, I find that recovery of EFS (available for Win
2000/2003/XP/Vista/7) encrypted files in the case of disaster can be
problematic. It has to do with keys, file ownerships, etc., etc., etc.
Plan for disaster and know how to recover before you encrypt with EFS.
More information about the NANOG