blog: encrypted folders

Discussion & Support for xplorer² professional

Moderators: fgagnon, nikos, Site Mods

nikos
Site Admin
Posts: 16313
Joined: 2002 Feb 07, 15:57
Location: UK

Post by nikos »

here's the comment area for this week's blog article found at
http://zabkat.com/blog/17May09-encrypted-folders.htm

(due to technical problems it's on a monday one day delayed :))
WimdeLange
Gold Member
Posts: 416
Joined: 2004 Aug 16, 08:41
Location: NL

Post by WimdeLange »

I have never used encrypted folders. What surprised me in your article, is that if you change the password of the user, the contents of the encrypted folder is not usable anymore? :o Are you sure? That sounds so stupid. Especially if you are in an environment where password changes are mandatory every month.
That is a good reason to not use encrypted folders. Or to use TrueCrypt, ok, that is not folder based, but I have better control of the password handling.

Time to test this. Come back on this later.
[Later] No luck with the test. Windows XP Professional SP3: "An error occurred applying attributes to the file: Recovery policy configured for this system contains invalid recovery certificate."
And reading several notes on this error, confirms what you said.
My conclusion? If you want to protect your data from spying eyes? Don't use Windows Encrypted folders: another way to lose your data, even worse than forgetting your password.
Groetjes,
  Wim de Lange
nikos
Site Admin
Posts: 16313
Joined: 2002 Feb 07, 15:57
Location: UK

Post by nikos »

if the admin could change your password and read your files, then encrypted folders wouldn't be much of a safety, any cheeky admin could access your files! So the design is sound

now if they force you to change passwords every now and then, you can copy out files and reencrypt after the password change

but are you saying that you cannot encrypt your folders at all? perhaps some admin policy prevents you from doing so?
Ray
Member
Posts: 69
Joined: 2008 Feb 02, 22:31

Post by Ray »

For MS Office stuff, I just rely on Office's password protection.

I would NOT rely on Windows encryption for anything - what if your digital certificates get corrupted or hosed by malware or a simple hardware failure? I expect Windows maintains backups but it simply isn't worth the risk.

I'd rather go with a 3rd party utility, something like the open source TrueCrypt or a slightly less secure tool with shell context encrypt/decrypt functionality like AxCrypt. Even WinZip/RAR are more appealing options than the Windows encrypt/destruct trap.
[Nikos, if you ever lose the X² source to this thing, we're all coming after you! :lol: ]

[TrueCrypt lets you use a combination of a password and a 'key file', so even if someone gets your p/w they may not be able to get access. You can also load the key file off a pendrive, using the pendrive like a physical key - the same pitfalls apply, you're screwed if you lose the key file - but it's a tad easier to backup than MS's digital whatnots.]
Cosmo
Gold Member
Posts: 465
Joined: 2007 Apr 17, 11:09

Post by Cosmo »

WimdeLange,

the user himself can change the password without losing control of the encrypted data, but if the admin does so, the data becomes unreachable. If e.g. the user has forgotten his PW and cannot enter his account, an admin may set it back, but in this case the data will be lost forever. Out of this it is very advisable to prepare a password-reset-diskette (or whatever it is named in an English Windows; it may be a USB-stick also).

But this shows one of the problems with NTFS-encryption: There does occur here and there the situation, where an account gets corrupted, and then say bye to your encrypted (most probably very important) data. I would never rely on that.

Also 25% loss of speed appears to be unacceptable. I use TrueCrypt to create containers. They are more safe, I don't see any downgrade in speed, and the problem of lost data because of a corrupted account will not occur. And another point: There might be situations, where you want to encrypt sensitive data, but they shall be shared between the one or other user. Impossible with NTFS-encryption, but not a problem with a TrueCrypt container. (And for safely storing the TrueCrypt, even a very strong one with some ten characters, KeePass is a perfect companion, - and does have more advantages for managing passwords.)
nikos
Site Admin
Posts: 16313
Joined: 2002 Feb 07, 15:57
Location: UK

Post by nikos »

but the whole idea is to have this hassle free, not remember another set of passwords! Also it isn't possible that truecrypt is doing any decent encryption without introducing delays. Either the encryption is lame or if you deal with substantial sizes of files you'll see a degradation
Cosmo
Gold Member
Posts: 465
Joined: 2007 Apr 17, 11:09

Post by Cosmo »

As far as I can see there is no slowdown visible. It appears to be a question of the used driver. The changelog of the most recent version of TC claims to be 40% to 50% (!) quicker, but my reported observation has already been made with older versions.

TC also has the possibility to encrypt the whole system; I did never use this, but from what I read, also with this there seems to be only a small (if at all noticeable) speed-regression.

The encryption is the strongest that is available: AES, Twofish and some other, even combinations of them.

Regarding another set of passwords: I already mentioned KeePass. It is a password-manager, which is able to automatically fill in the credentials wherever it is needed - to not get misunderstood: a distinct password for each network access, file, program. The user only needs to know the master-password, but even this can get exchanged with a keyfile, e.g. on a pendrive. Whenever the user wants access to anywhere, he presses ctrl-alt-a (or another combination), KeePass has a mechanism, to find the correct password. I have a different password, partly also a different username for every access (as for this forum) and every program, but all I need to do is to press this combination. And the same to open a TC container.

In TC you define your container as favorites and automatically open them with Windows start. TC wants to know the PW, I press ctrl-alt-a (I have to open KeePass anyway for my network accesses), and that's all. Sounds probably more complicated than it is.

As both mentioned programs are open-source (IMHO very important just for this matter, otherwise you can never be sure, if there is a backdoor), I simply suggest to try it yourself.

Using x2 with TC is simple: TC-containers appear as new and absolutely normal drives in the file system, if they are open. Bookmark the most often needed folders in this container(s) and you work with x2 inside a TC-container as in any drive.

At the end one example, what you can do with TC / KP, but not with NTFS-encryption: Say your whole system got corrupted, so that you have no other chance as to reinstall Windows from scratch. But your important data have to get backed up. If you are not able to start the defective system, there is no chance, the data is lost. But with TC-encrypted container, if you have a recovery disk (e.g. Bart's PE), you can start the machine and save the important data. You can even use TC and KP from inside Bart.

Another example: Say, you have very important files, which must be securely protected against viruses, but out of what reason ever you need to have them on your hard disk. With NTFS-encryption they are as vulnerable as any not-encrypted file, during the user is logged in, but if you store them in a TC-container and open this container only at the times, when you actively deal with those files, the files inside the container are as long as the container is closed as unreachable for attackers as if they would be on an external, not-connected disk.
Last edited by Cosmo on 2009 May 18, 11:29, edited 1 time in total.
Iain
Member
Posts: 15
Joined: 2004 Jun 15, 11:36

Post by Iain »

This Tomshardware test found a 1% performance reduction with Truecrypt when using AES encryption.

I agree that transparent NTFS encryption is attractive, but losing all my data through a password reset is scary.
Thracx
Silver Member
Posts: 263
Joined: 2004 Nov 05, 19:33

Post by Thracx »

WimdeLange wrote: I have never used encrypted folders. What surprised me in your article, is that if you change the password of the user, the contents of the encrypted folder is not usable anymore?...
Yeah.  One of my best friends lost financial documents and most of his personal letters to his now-fiance because he had encrypted them with the default Windows Encryption, then migrated his data where not even a warning was seen, and then wasn't able to access them after reformatting because....well.... the key died with windows.  Same thing happens if you forget about it and change your password, or if another administrator changes your password for you...  Personally, that scares me.

This happened because the encryption was so transparent.  It wasn't apparent to him that he'd lose all his stuff - he had pretty much forgotten that he had encrypted the files until he was unable to restore them.

Sad, Sad story.  Make sure you make regular, unencrypted (or otherwise recoverable) backups of your important data.  This is the main downfall of EFS - it's hard and/or unclear how to make backups of your data that's also encrypted.


On a good note, I recall while fiddling with Windows 7 that you can create a 'recovery disk' for encrypted files.  I assume you can do the same in older versions of Windows, but the option was easy to find in Win7 and I wasn't even using the feature.  EFS still scares me though.  I'm sticking to WinRAR archives and perhaps Truecrypt.
-Thracx

"Man wants to know, and when he ceases to do so, he is no longer a man."
-Fridtjof Nansen
jw
Member
Posts: 19
Joined: 2007 Jul 10, 23:52

Post by jw »

Folder Encryption looks very convenient and the transparency is very neat.  But I wouldn't trust my data to a native Windows encryption method - I'd feel (rightly or wrongly) that full control had been lost. The previous posters have pointed out the inherent dangers in using Folder Encryption.

I use AxCrypt, which will encrypt files or folders, on my non-networked machine. It comes with a powerful and useful command line facility. Backups to memory sticks or DVD of the resulting encrypted files then give all the safety and security needed. It's a bit of extra time and trouble and you have to keep track of what needs encrypting, but it's worth it for peace of mind.

John
Ray
Member
Posts: 69
Joined: 2008 Feb 02, 22:31

Post by Ray »

nikos wrote: but the whole idea is to have this hassle free, not remember another set of passwords!
I don't know if TC allows you to use just a key file and no password but it does support using the p/w as a command line argument so you mount the image via a pen drive's autorun script, for instance - no password entry necessary.
nikos wrote: Also it isn't possible that truecrypt is doing any decent encryption without introducing delays.
There is a performance hit but not enough for it to matter. I get consistent 55 MB/s speeds transferring a large ~1GB file from one encrypted partition to another (also encrypted) - mind you that's encryption and decryption happening at once. TC does make use of multi-core processors so having one helps. The performance hit for regular sized files is unnoticeable.

BTW, TC also allows encrypting the primary (OS) partition (mentioned by Cosmo) & other cool stuff like having a hidden encrypted OS. Apologies if I'm repeating some stuff, I'm in a bit of a rush and haven't read the whole thread.
nikos
Site Admin
Posts: 16313
Joined: 2002 Feb 07, 15:57
Location: UK

Post by nikos »

so is this TC encryption transparent? how can you open eg an encrypted word document from it?
Cosmo
Gold Member
Posts: 465
Joined: 2007 Apr 17, 11:09

Post by Cosmo »

Yes, absolutely transparent. Insofar no difference to NTFS encryption.

After opening a container it behaves as every other drive. You can store and also install programs there. All that gets stored there, gets automatically encrypted, what gets opened or copied to a normal drive gets automatically decrypted.

At the moment, you close the container, that drive gets removed from the system (similar to a pendrive that gets unplugged).
fgagnon
Site Admin
Posts: 3737
Joined: 2003 Sep 08, 19:56
Location: Springfield

Post by fgagnon »

@ windows encryption -
Count me as another who has lost data from it.  :oops:
I had made a complete backup of the encrypted items - but it was useless upon restoring the data to a new larger HDD two years ago.  I could see all the filenames, but none of the data, as I had neglected to find and back up the keys.  :(

So now everything is unencrypted for me except access control, and backups that are themselves password encrypted.

But this TC encryption looks intriguing. I will have a look.
(TC = TrueCrypt, not Total Commander)
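
Several posts above describe EFS-encrypted files that became unreadable after a reinstall or disk migration because the key was never backed up. The PowerShell audit below is an added example, not part of the original thread: it lists EFS-encrypted files under a folder and checks whether the current profile holds an EFS certificate with its private key. The scan root and the commented export path are assumptions.

```powershell
# Added example (not from the thread): audit EFS exposure before a backup,
# reinstall or disk migration.
param([string]$Root = $env:USERPROFILE)   # assumption: scan the current user's profile

$EfsOid = '1.3.6.1.4.1.311.10.3.4'        # "Encrypting File System" enhanced key usage

function Get-EfsEncryptedFile {
    param([string]$Path)
    # Files encrypted by EFS carry the Encrypted file attribute on NTFS.
    Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer -and
                       ($_.Attributes -band [IO.FileAttributes]::Encrypted) }
}

function Get-EfsCertificate {
    # Certificates in the user's personal store whose EKU extension lists EFS.
    Get-ChildItem Cert:\CurrentUser\My | Where-Object {
        $_.Extensions | Where-Object {
            $_ -is [Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] -and
            ($_.EnhancedKeyUsages | Where-Object { $_.Value -eq $EfsOid })
        }
    }
}

$files = @(Get-EfsEncryptedFile -Path $Root)
$certs = @(Get-EfsCertificate)

"{0} EFS-encrypted file(s) under {1}" -f $files.Count, $Root
foreach ($c in $certs) {
    "EFS certificate {0}  expires {1:yyyy-MM-dd}  private key present: {2}" -f `
        $c.Thumbprint, $c.NotAfter, $c.HasPrivateKey
}

if ($files.Count -gt 0 -and -not ($certs | Where-Object { $_.HasPrivateKey })) {
    # A file-level backup of these files is unreadable without the key.
    Write-Warning 'Encrypted files found, but no EFS private key is in this profile.'
} elseif ($files.Count -gt 0) {
    Write-Warning 'Export the EFS certificate and private key before reinstalling or migrating.'
    # cipher /x saves the current user's EFS certificate and key to a
    # password-protected .pfx file; it prompts interactively, so it is left commented.
    # cipher /x "E:\efs-key-backup"       # hypothetical destination on removable media
}
```

Run it as the user who owns the encrypted files, since the certificate store and the private key are per user.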
Thracx
Silver Member
Posts: 263
Joined: 2004 Nov 05, 19:33

Post by Thracx »

fgagnon wrote: But this TC encryption looks intriguing. I will have a look.
(TC = TrueCrypt, not Total Commander)
I've heard great things about it, I think it's worth a shot but haven't managed to do so myself yet.
-Thracx

"Man wants to know, and when he ceases to do so, he is no longer a man."
-Fridtjof Nansen