none
Live Mesh Security Issue/Question.

    问题

  • So I've used live Mesh for quite awhile now and this version is finally getting really useful.  After I figured out how to get the paths all pointed to drive C:\MeshShareC the pointers in XML and such now all work between my computers.  This issue really effects any XML that points to another as mesh puts them in a place that doesn't match the pointers.

    So now I want to go up to the next step and encrypt a folder inside of my share.  This works fine on the computer but as mesh is running under my user context it decrypts it automatically and sends it to the other computers.

    When it sends it to the other computer it is unencrypted.  So on the other computer I turned encryption on for the folder/file and updated it.  Sure enough it's encryption got stripped on the other end.

    This seems like a bug to me.  If mesh supports the file system it should support the encryption.  Another issue I thought of is how it is on the wire, is anything in a file that is in plain text transmitted as such?

    This to me seems to imply that my data is not secured when it is transferred.  Mesh would be perfect for storing and transferring encrypted data if it supported the windows EFS type.

    I guess I could store the sensitive information on a bitlocker to go drive and mesh that file/folder but I would have to reserve the drive letters on all of my computers or the XML issues will rise again.

    Any help or direction would be appreciated.  Again the goal here is to have an encrypted XML file (InfoPath in Particular) that can be stored and meshed about several computers and require a password to access that file or folder.  Inside that file/folder sensitive information could be stored securely.

     

    Thank you,

     

    Steve Miner

    2011年3月8日 1:17

答案

  • Hi,

     

    The files that are stored on the Microsoft servers “in the cloud” (the 5 GB of Live Desktop storage that each user gets) are protected by access controls but are not encrypted.

     

    Meanwhile, as this forum focuses on Windows 7 specific issues, this inquiry would best be posted to the corresponding forum:

     

    http://www.windowslivehelp.com/

     

    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us.  Thank you for your understanding.

     

    Regards,

     

    Best Regards

    Magon Liu

    TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

    2011年3月9日 9:13

全部回复

  • Ask here:

    http://windowslivehelp.com/

    about Windows Live product issues and questions.

    "A programmer is just a tool which converts caffeine into code"

    Want to install RSAT on Windows 7 Sp1? Check my HowTo: http://www.msfn.org/board/index.php?showtopic=150221
    2011年3月8日 13:08
  • Steve what kind of encryption do you mean?  EFS?  I found this article on how EFS works, and in your case above, everything is working as designed.  Live Mesh is just like any other application, Word, Excel, etc. that if you opened a file in an encrypted EFS store, it would be decrypted upon open.  In this case, Live Mesh accesses the file in the same way Word or Excel does and then transfers that file to the other locations. 

    I can't say for sure, but I would also assume that the EFS private key is unique to each workstation where EFS is turned on...and unless you back up that EFS cert and install it on each of the other devices you wouldn't be able to read an EFS encrypted location.

    http://www.petri.co.il/how_does_efs_work.htm

    Someone please correct me if I'm wrong...my assumptions on EFS are based largely on my experience with it as a user not as an administrator.

     

    r/
    john


    John Wildes | Senior Enterprise Architect | United Airlines | Desktop Engineering
    2011年3月8日 14:00
  • Hi,

     

    The files that are stored on the Microsoft servers “in the cloud” (the 5 GB of Live Desktop storage that each user gets) are protected by access controls but are not encrypted.

     

    Meanwhile, as this forum focuses on Windows 7 specific issues, this inquiry would best be posted to the corresponding forum:

     

    http://www.windowslivehelp.com/

     

    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us.  Thank you for your understanding.

     

    Regards,

     

    Best Regards

    Magon Liu

    TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

    2011年3月9日 9:13
  • Hi,

    As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to  reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.

    We’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. Thanks for your understanding and efforts.

     

    Best Regards

    Magon Liu

    TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com

     

     

     

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

    2011年3月15日 2:24