[FDE] compelling reason to do FDE in lieu of EFS?
coderman
coderman at gmail.com
Thu Jun 21 19:21:07 MDT 2007
On 6/21/07, Garrett M. Groff <groffg at gmgdesign.com> wrote:
> ...
> [ encrypted %temp%, %userprofile%, hibernation store, etc ]
> ... wouldn't EFS provide a pretty high level of security for data at rest?

consider that while data is at rest, the encryption program for access
to the EFS is modified to copy keys to unused partition space which
can be scavenged later or delivered via networked malware.

the big benefit of FDE over EFS is that FDE protects the integrity of
the entire drive while at rest, including operating system and
utilities. you need to couple this with good host security (an owned
machine cannot be trusted with keys) to be effective, but it is still
a significant benefit.

best regards,