data security

[mrdinkel]

Yes. XP Home does NOT use the EFS, so with a nicely crafted DSL CD, one could access but not delete the data on the HDD. If you want BETTER data security, XP Professional (latest build) has the EFS (which one still has to turn on).

With EFS on, it just shows up as 0k in Linux. I know, because i researched it with my own box.

If you want the most integrated / Keep It Simple Stupid method of doing it, XP Professional would be a good step.

It would also help if a Moderator would move this to the OS Forum.

And if you haven't been welcomed, WELCOME TO TECH FORUMS.

[Chankama]

If you want basic security that most people will not be able to break, what MrDinkel suggested should be good enough. Which is completely reasonable.

Of course, in this case what's between the attacker and the file is essentially the user password. It might "sound" complicated with talks of various private/public keys and symmetric keys, etc. etc. etc. and other crypto jargon, but essentially it all boils down to the user password. If the attacker has "full" access to your system, he can just brute force this. I mean, think about it. When an attacker sits infront of your computer and you sit infront of the computer, what DOESN'T he know that only you know? How many characters is it? How long will it take to brute force it? .. The chain might be long, but it starts with a hidden knowledge of a very few characters.

But.... most people don't have the capability to break the whole chain. Even many self proclaimed computer gurus/hackers/script kiddies. So, I wouldn't worry about it.

If you want "true" data security, that's something else. We can talk about it. If you want we can continue the discussion.

FOr the time being I am going to keep the discussion here.

Since the topic of data security is independent of OSs. Even though, some solutions like ^^ do depend on it.

[The General]

Quote:

Originally posted by mrdinkel
Yes. XP Home does NOT use the EFS, so with a nicely crafted DSL CD, one could access but not delete the data on the HDD. If you want BETTER data security, XP Professional (latest build) has the EFS (which one still has to turn on).

With EFS on, it just shows up as 0k in Linux. I know, because i researched it with my own box.

So... When Windows breaks and you can't boot, how are you supposed to use Knoppix to retrieve the data? And whats stopping me from formatting the harddrive?

[mrdinkel]

TheGeneral : You bring up a good point, but that is the price one has to pay for security. Part of that deals with doing a backup in either of those cases.

You may be able to reformat, but you won't get my data!

Nothing is 100 % foolproof. First sweep of security will get a good 66 % of the problems; a second sweep by another person can get, at the max, 95.5 or something similar, and the third sweep will get 99.7 %. The numbers may be a bit off... but it stay along the lines according to what i remember about stats.

Another question is do you want to use XP native code to do it? if you

Quote:

Hi, thanks for your reply and also thanks for welcoming me here.

I am afraid I cannot afford win XP proffesional, I have bought a laptot with OS already installed.

Well, I really need very good system of security, because I have very valuable data, and I do not want anyone to see or anyone to know. I just do not connect my own computer to the internet..

I am starting to think that the best would be to buy a flash disk of capacity of 2GB and to have all my data with..

What can I do else to secure my data?

thanks for replies.

I understand the cost prohibitive issue; i try to find OpenSource code or free Student Devel stuff for my INT classwork.

It's good to hear you do not connect it to the Internet if you have that import of data on said laptop. The thing to remember is, "No one method is 100 % foolproof." Soon as I start believing it is, a good hard dose of reality reminds me. With all my data compromised.

In terms of data access, the flash memory disk is a VERY good idea. That makes sense, because then if your machine gets stolen, they'd also have to have said disk.

You could also use syskey. A description of it is here.

http://support.microsoft.com/kb/310105/

Quoting (or maybe paraphrasing) the Matrix " I can show you the door, but you are the one who has to walk through it."

[Lord AnthraX]

Quote:

Originally posted by The General
So... When Windows breaks and you can't boot, how are you supposed to use Knoppix to retrieve the data? And whats stopping me from formatting the harddrive?

If I'm not mistaken didn't you say you 32-Bit encrypted your hard drive?


Just was curious as to how that works.

[mrdinkel]

Assuming they have a notebook adapter that will allow them access to drive, Nope. That NTFS drive is still able to be read, and the permissions will come from the bootable volume. The most straightforward answer in that instance is XP pro, or a third party encryption scheme / Jumpdrive.

Physical security, at Layer 1, is still the best way to protect data loss.

[The General]

Quote:

Originally posted by Lord AnthraX
If I'm not mistaken didn't you say you 32-Bit encrypted your hard drive?


Just was curious as to how that works.

It was 2048-bit encrypted, and I stopped using it because it was a major performance problem. Now I just use an external harddrive.

To be honest, I don't know much about it, my brother set it up for me. But Knoppix and most LiveCDs have the tools to access the data, you just need the passkey.