locked
Drive Encryption: Who really is able to view content? RRS feed

  • Question

  • I'm expecting delivery of my new Windows Vista OS in the near future.  So, what I need to know is a few things about the content security aspect of the product.  I'm basing my comments on observations using Windows XP Pro folder/file encryption.

    It is well known, that the encryption of content under Windows XP Pro truly offers little protection against the multitude of individuals that would like to obtain your personal information.  This is due to weak technology, various and sundry back doors, sharing of encryption technology used with other entities.

    What I'm hearing about Vista, is similiar in nature.  The litrature indicates that encryption of entire drives (and by extension, folders and files) is secure to only "authorized" users.

    Well, the real questions are: Who does MS think is "authorized"?  What type of backdoors exist in Vista to permit access to systems and/or data content on an individual's system?  What technology is used to encrypt the data:  AES 128bit standard, Polymorphic, etc.?

    From those I've come in contact with, that use Vista, have indicated that Vista is preventing access to some of the OS features that were prviously available to the "Administrator" profiles - specifically registry content, system folders, etc.  By extension, this indicates that any system using Vista, and is connected to the network, will permit access to the system by so called "authorized" people/entities.

    When I purchase a product, I expect to own and use it within the confines of current Copyright Law.  What I don't expect, is the ability of users outside my family to obtain access to my system without prior written consent from me or a family member.

    How does Vista address this?

    Thank you for your time and consideration of these concerns.

    Sunday, February 11, 2007 6:17 PM

All replies

  • I'm expecting delivery of my new Windows Vista OS in the near future.  So, what I need to know is a few things about the content security aspect of the product.  I'm basing my comments on observations using Windows XP Pro folder/file encryption.

    It is well known, that the encryption of content under Windows XP Pro truly offers little protection against the multitude of individuals that would like to obtain your personal information.  This is due to weak technology, various and sundry back doors, sharing of encryption technology used with other entities.

    What I'm hearing about Vista, is similar in nature.  The litrature indicates that encryption of entire drives (and by extension, folders and files) is secure to only "authorized" users.

     

    JAY> says If you use Bitlocker only those with you keys (TMP or USB key) will be able to boot computer.  This protects from physical access Boot is encrypted with Bitlocker and Data is protected with EFS (EFS key are in the Bitlocker part ion or volume.

     

    Well, the real questions are: Who does MS think is "authorized"? 

    JAY> says any user who you give access or account 3 types of accounts

    1.      Administrator – who uses split token – most of the time working as standard user – when a process needs addition  privilege you get a UAC prompt ( SEE UAC’s for further info)

    2.      Standard user can not add software, no admin privilege.

    3.      Guest – Turned off by default

     What type of backdoors exist in Vista to permit access to systems and/or data content on an individual's system? 

    JAY> says none by default – but create a backup and loose the backup and I have access to you data, If you computer is part of a domain then administrators of the system have access.

     What technology is used to encrypt the data:  AES 128bit standard, Polymorphic, etc.?

    JAY> says what type would you like to use above what come in the OS there are 3rd parties who will add extra functionality to the operating system.

    From those I've come in contact with, that use Vista, have indicated that Vista is preventing access to some of the OS features that were prviously available to the "Administrator" profiles - specifically registry content, system folders, etc.  By extension, this indicates that any system using Vista, and is connected to the network, will permit access to the system by so called "authorized" people/entities.

    JAY> says YES if you computer is part of a Domain

    When I purchase a product, I expect to own and use it within the confines of current Copyright Law.  What I don't expect, is the ability of users outside my family to obtain access to my system without prior written consent from me or a family member.

    How does Vista address this?

    JAY>  says lock your computer in your home, do not give anyone the key, Add a router/firewall for you connection to the internet , use a software firewall on the system, Get AV and keep you system and software updated,  be careful where you surf the net and you will be ok  

    Thank you for your time and consideration of these concerns.

     

    Monday, February 12, 2007 2:06 PM