encryption
Dennis Jackson
wrong password is entered three times.
thanks in advance.
JACKO.
Kadaitcha Man
Why bother? XP's EFS is uncrackable, except for maybe by the US government.
And if you are using XP Pro, you can just set up a policy to lockout an
account after so many attempts to access the account, and you can prevent
users from accessing an entire path, irrespective of their other rights.
rapskat
Kadaitcha Man - dump details are as follows...
> Dennis Jackson wrote:
>> Is there an encryption program that will delete the protected file , if
>> the wrong password is entered three times. thanks in advance.
>
> Why bother? XP's EFS is uncrackable, except for maybe by the US
> government.
NOTHING is uncrackable. EFS can be circumvented and even disabled
entirely.
Remember that the administrator is the default Recovery Agent, which is
mandated for EFS to even work. You get root, EFS is null and void.
Besides, EFS is useless to protect files from users on the same system and
platform; it is much better to use Access Control to accomplish this, as
you have alluded to.
--
rapskat - 10:35:54 up 1 day, 12:20, 3 users, load average: 0.12, 0.37, 0.52
Gentoo Base System version 1.4.3.5 kernel 2.5.68 on a Pentium III (Coppermine)
Pushing 40 is exercise enough.
Synapse Syndrome
"rapskat" <rap...@hotmail.com> wrote in message
news:pan.2003.04.23....@hotmail.com...
> EFS can be circumvented and even disabled
> entirely.
>
> Remember that the administrator is the default Recovery Agent, which is
> mandated for EFS to even work. You get root, EFS is null and void.
>
> Besides, EFS is useless to protect files from users on the same system and
> platform; it is much better to use Access Control to accomplish this, as
> you have alluded to.
>
This first two statements above are arguable, but not possible with a
properly managed network. The third statement is a load of bollocks.
You do not know what you are talking about.
ss.
rapskat
Syndrome - dump details are as follows...
Can you show how I supposedly don't know what I'm talking about, or is all
you are good for is spouting unfounded opinions?
--
rapskat - 13:48:20 up 1 day, 15:32, 4 users, load average: 0.46, 0.53, 0.42
Gentoo Base System version 1.4.3.5 kernel 2.5.68 on a Pentium III (Coppermine)
Make it right before you make it faster.
Kadaitcha Man
> Error log for Wed, 23 Apr 2003 15:49:57 +0000: segfault in module
> Synapse Syndrome - dump details are as follows...
>
>
>> "rapskat" <rap...@hotmail.com> wrote in message
>> news:pan.2003.04.23....@hotmail.com...
>>
>>> EFS can be circumvented and even disabled entirely.
>>>
>>> Remember that the administrator is the default Recovery Agent,
>>> which is mandated for EFS to even work. You get root, EFS is null
>>> and void.
>>>
>>> Besides, EFS is useless to protect files from users on the same
>>> system and platform; it is much better to use Access Control to
>>> accomplish this, as you have alluded to.
>>>
>>>
>>
>> This first two statements above are arguable, but not possible with a
>> properly managed network. The third statement is a load of bollocks.
>>
>> You do not know what you are talking about.
>
> Can you show how I supposedly don't know what I'm talking about, or
> is all you are good for is spouting unfounded opinions?
Er, fuck you. linux retard. The onus is on you to prove that you know what
you are talking about and are not spouting unfounded opinions. The
assumption is that you are. If you don't like that, stiff shit.
The statement that was made was in the context of a properly managed and
administered system. If you wish to extrapolate it out to the absurd, such
as somoene's fuckwittery with recovery agents et al, or to allowing a hacker
to turn the attention of a Cray to using brute force, you go right ahead.
It's only you who will look the fucking idiot, as always.
rapskat
Kadaitcha Man - dump details are as follows...
> The statement that was made was in the context of a properly managed and
> administered system. If you wish to extrapolate it out to the absurd,
> such as somoene's fuckwittery with recovery agents et al, or to allowing
> a hacker to turn the attention of a Cray to using brute force, you go
> right ahead. It's only you who will look the fucking idiot, as always.
If you had any clue as to how EFS worked, you wouldn't be arguing with me.
EFS does not afford any guarranty of privacy to users on the same system,
especially home users. If someone wants access to your files, they can
get it via any number of means that don't require a supercomputer in the
least. A couple of fairly easy to obtain and use utilities can do the job
just fine.
Add to this that security is not one of the main concerns of most home
users, and so therefore probably the barest minimum of effort would be
required to circumvent these measures.
As I said, ACL's are the best and easiest method to prevent access to data
for users on the same system, in addition they use up less system
resources.
--
rapskat - 16:18:05 up 1 day, 18:02, 4 users, load average: 0.25, 1.19, 1.64
Gentoo Base System version 1.4.3.5 kernel 2.5.68 on a Pentium III (Coppermine)
Oh, wow! Look at the moon!
Kadaitcha Man
> Error log for Tue, 22 Apr 2003 22:14:25 +0000: segfault in module
> Kadaitcha Man - dump details are as follows...
>
>> Dennis Jackson wrote:
>>> Is there an encryption program that will delete the protected file
>>> , if the wrong password is entered three times. thanks in advance.
>>
>> Why bother? XP's EFS is uncrackable, except for maybe by the US
>> government.
>
> NOTHING is uncrackable. EFS can be circumvented and even disabled
> entirely.
Yes, let's talk about hitting it with a few hours of brute force using the
NASDA/JAERI/JAMSTEC 35 terraflop NEC sitting in Yokohama doing nothing. You
stupid fuck. Neither you nor any other average Joe Hacker would have access
to sufficient computing power to crack it in half a dozen lifetimes, for
fuck's sake.
> Remember that the administrator is the default Recovery Agent, which
> is mandated for EFS to even work. You get root, EFS is null and void.
BWAHAHAHAHAH!!! You stupid linixfuck. In places where security policy is
high on the list of important things to be seen to, the recovery agents are
generated then removed and stored in a secure environment. Real-world
security, you headfuck, does not mean having a pissy linux server, worrying
about root access and bolting your bedroom door so nobody can get at your
linux-based 386 DX-66.
Get this through your thick head, linuxfuck... encrypting a file and then
having a password is NOT "security." It might be in your pissy linux world,
you know, your bedroom where your linux-based 386 DX-66 is, but in the
real world where the big boys play, there are corporate procedures and
policies that involve things like mixed case, minimum length passwords,
password reuse, identification, off-site storage, visitor access, terminal
ID logon restrictions, and the list goes on.
Of course, nobody would expect you to know about those things seeing as
you only play with linux in your bedroom and your mummy and daddy are too
poor to actually buy you a real personal computer. You know, one like most
everyone else has. But don't you worry about that, set your sights high
and maybe one day someone will give you a job for no reason at all.
> Besides, EFS is useless to protect files from users on the same
> system and platform;
WHAT? BWAHAHAHAAH!!! You are full of shit.
> it is much better to use Access Control to
> accomplish this, as you have alluded to.
I made no such allusion, you fuckwit cunt. It's an illusion. One generated
by your diseased brain. ACL is part of NTFS, not EFS. Fuck me stupid.
In another post, you stated this to Syphilis Syndrone , and I quote:
>> You do not know what you are talking about.
> Can you show how I supposedly don't know what I'm talking about, or is
> all you are good for is spouting unfounded opinions?
Clearly, it has eeen shown that you certainly do not know what you are
talking about... "EFS is useless to protect files from users on the same
system and platform..." BWAHAHAHAH!!!! Forget EFS, use NTFS to accomplish
this ... "it is much better to use Access Control to accomplish this,"
BWAHAHAHAAHAHAHA!!!!
In yet another post, you wrote:
rapskat wrote:
> Error log for Thu, 24 Apr 2003 07:07:05 +1000: segfault in module
> Kadaitcha Man - dump details are as follows...
>
>> The statement that was made was in the context of a properly managed
>> and administered system. If you wish to extrapolate it out to the
>> absurd, such as somoene's fuckwittery with recovery agents et al, or
>> to allowing a hacker to turn the attention of a Cray to using brute
>> force, you go right ahead. It's only you who will look the fucking
>> idiot, as always.
>
> If you had any clue as to how EFS worked, you wouldn't be arguing
> with me.
Ah, nice lame. Ok, let's play this your way: I'll stop at your first
mistake then consign you back to the fuckwit liszt where you
rightfully belong:
> EFS does not afford any guarranty of privacy to users on the same
> system, especially home users.
BZZZZT! Didn't get far did you, headfuck? EFS is not part of the
OS designed for home users. That would be XP Home Edition.
BWAHAHAHAHAHA!!!
"If you had any clue as to how EFS worked, you wouldn't be arguing
with me."
BWAHAHAHA!!! *WHEEZE* *CHOKE* *GURGLE* *CHOKE* *COUGH* *SPLUTTER*
*GASP* BWAHAHAHAHAHAHAHAHAH!!!!
Synapse Syndrome
>
> EFS does not afford any guarranty of privacy to users on the same system,
> especially home users. If someone wants access to your files, they can
> get it via any number of means that don't require a supercomputer in the
> least. A couple of fairly easy to obtain and use utilities can do the job
> just fine.
>
> Add to this that security is not one of the main concerns of most home
> users, and so therefore probably the barest minimum of effort would be
> required to circumvent these measures.
>
> As I said, ACL's are the best and easiest method to prevent access to data
> for users on the same system, in addition they use up less system
> resources.
>
If you had any clue as to how EFS worked, you wouldn't be arguing with me.
You obviously do not have anything more than a very limited experience of
NT.
The EFS keys are associated with a particular user account. This means that
only member of the administrators group can have system wide access to the
keys.
As long as the BIOS is password protected, so that floppy and CD booting is
not possible for users. So nobody can around the password protection.
AFAIK the EFS key uses the user account password in the encryption process,
so cracking password protection won't get you anywhere.
If the computer or HDD was stolen, with EFS, you cannot just plug it into
any other computer and read the data.
Without the key, NOBODY can read the data.
Not even you!
And what you said about access control is very funny. LOL.
ss.
Kadaitcha Man
> If you had any clue as to how EFS worked, you wouldn't be arguing
> with me.
[snip]
> And what you said about access control is very funny. LOL.
Don't explain it to the silly fucker. Let's all just sit here and piss our
pants laughing at the linuxfuck making an even bigger idiot of himself than
I originally accused him of being.
rapskat
Kadaitcha Man - dump details are as follows...
> Synapse Syndrome wrote:
Ok, you ignorant bitches obviously don't know your betters...
Let me learn you once and for all...
Administrator on an NT box is the Recovery Agent, which means that they
have global keys that can decrypt the FEK that is stored with any file.
There are more than enough exploits in effect that can allow one to obtain
root or system and thus read any file encrypted by any user on the system.
Another method is to simply use utilities that allow one to reset a user's
password, allowing one to logon as that user and view the encrypted files.
Another method is to simply access the blocks that stored the tmpfile that
was used to hold the orginal file when it was decrypted. Since Windows is
so brain dead, it doesn't overwrite these blocks when it removes the
tmpfile, making it possible to recover this data if it hasn't been
overwritten.
Also, since system also carries global decryption, any system command
automatically decrypts the files, which means that network access allows
one to read these files in the clear without any trouble UNLESS ACL'S ARE
SET ON IT!
Got it, nimwits? Geez, for people that actually USE that POS everyday,
you sure do know shit all about it.
This spanking brought to you by Open Source Software.
--
rapskat - 21:10:37 up 1 day, 22:54, 4 users, load average: 0.81, 1.04, 0.96
Gentoo Base System version 1.4.3.5 kernel 2.5.68 on a Pentium III (Coppermine)
Life is the living you do, Death is the living you don't do.
-- Joseph Pintauro
Kadaitcha Man
> Ok, you ignorant bitches obviously don't know your betters...
Lalalala laaaaaa
> Let me learn you once and for all...
Laaaaaa lalala
> Administrator on an NT box is the Recovery Agent, which means that they
> have global keys that can decrypt the FEK that is stored with any file.
If private keys are removed from computers, users will not be able
to decrypt any files without the private key.
Remove... Remove... Remove... Remove... Remove... Remove... Remove...
Remove... Remove... Remove... Remove... Remove... Remove... Remove...
Remove... Remove... Remove... Remove... Remove... Remove... Remove...
Remove... Remove... Remove... Remove... Remove... Remove... Remove...
Remove... Remove... Remove... Remove... Remove... Remove... Remove...
Domain environments can be configured so that EFS works just as it
does in a stand-alone environment. Enterprise Certification
Authorities can be configured in the domain to create private keys
for users.
Remote... Remote... Remote... Remote... Remote... Remote... Remote...
Remote... Remote... Remote... Remote... Remote... Remote... Remote...
Remote... Remote... Remote... Remote... Remote... Remote... Remote...
Remote... Remote... Remote... Remote... Remote... Remote... Remote...
Remote... Remote... Remote... Remote... Remote... Remote... Remote...
The private key must be located on the computer where recovery operations
are to be conducted.
Domain... Domain... Domain... Domain... Domain... Domain... Domain...
Domain... Domain... Domain... Domain... Domain... Domain... Domain...
Domain... Domain... Domain... Domain... Domain... Domain... Domain...
Domain... Domain... Domain... Domain... Domain... Domain... Domain...
Domain... Domain... Domain... Domain... Domain... Domain... Domain...
> This [SELF] spanking brought to you by [ratshit rapskat].
BWAHAHAHAHAAH!!!!
Dennis Jackson
"Kadaitcha Man" <fo...@haha.com> wrote in message
news:b872ad$mp7$0...@pita.alt.net...
Kadaitcha Man
>> Jesus, a simple no would have done
No.
Synapse Syndrome
Wow. You're clinically thick. There's nothing anybody can do.
ss.
relic
> Wow. You're clinically thick. There's nothing anybody can do.
>
> ss.
Linux makes you stupid. But he's had additional help.
--
- relic -
Resident Psychic: alt.os.windows-xp
"The French.... They're there when they need you."
Kadaitcha Man
> As predicted, Synapse Syndrome wrote this:
>> Wow. You're clinically thick. There's nothing anybody can do.
>>
>> ss.
>
> Linux makes you stupid. But he's had additional help.
To be quite honest, I was utterly amazed at what rapskat was saying. In the
past he's been a bit of a change from your run-of-the-mill linuxfuck, but
the recent episode has put him right up there with all the other
knuckle-dragging, arm-swingingg orangutangs.
I tell you, it clearly revealed he has no idea about anything in a secure
environment. But the real pisser was this bit...
"Ok, you ignorant bitches obviously don't know your betters..."
Then this bit...
"Let me learn you once and for all..."
Then the clincher... our first lesson...
"Administrator on an NT box is the Recovery Agent,"
Well, yeah, in a home environment. BWAHAHAHAHAHA!!!!
What a fucking moron.
rapskat
Kadaitcha Man - dump details are as follows...
> relic wrote:
>> As predicted, Synapse Syndrome wrote this:
>>> Wow. You're clinically thick. There's nothing anybody can do.
>>>
>>> ss.
>>
>> Linux makes you stupid. But he's had additional help.
>
> To be quite honest, I was utterly amazed at what rapskat was saying.
Of course you were. It's called education, you should try to get more of
it.
--
rapskat - 08:58:37 up 2 days, 10:42, 2 users, load average: 0.10, 0.08, 0.07
Gentoo Base System version 1.4.3.5 kernel 2.5.68 on a Pentium III (Coppermine)
This week only, all our fiber-fill jackets are marked down!
Kadaitcha Man
> Error log for Thu, 24 Apr 2003 23:36:02 +1000: segfault in module
> Kadaitcha Man - dump details are as follows...
>
>> relic wrote:
>>> As predicted, Synapse Syndrome wrote this:
>>>> Wow. You're clinically thick. There's nothing anybody can do.
>>>>
>>>> ss.
>>>
>>> Linux makes you stupid. But he's had additional help.
>>
>> To be quite honest, I was utterly amazed at what rapskat was saying.
>
> Of course you were. It's called education, you should try to get
> more of it.
I'll await your dissertation, you dumbfuck cunt.
rapskat
Kadaitcha Man - dump details are as follows...
>> EFS does not afford any guarranty of privacy to users on the same
>> system, especially home users.
>
> BZZZZT! Didn't get far did you, headfuck? EFS is not part of the OS
> designed for home users. That would be XP Home Edition. BWAHAHAHAHAHA!!!
So, in the context of the OP (who I might remind you is asking his
question from the position of a HOME USER), how exactly does any of this
pertain to him?
"Why bother? XP's EFS is uncrackable"
"EFS is not part of the OS designed for home users."
So in other words, your response to the OP doesn't apply to his situation
at all. Not even addressing the technical inaccuracies of your response,
you've just invalidated everything that you've stated in this thread!
Can't even keep your own story straight for more than two posts, huh? In
your manic frenzy to try and not look like the ignorant bitch that you
are, you've just done gone and shoved your whole leg down your throat!
Feel free to now respond and make even more of an ass of yourself, it's
better than Jerry Springer!
--
rapskat - 11:17:21 up 2 days, 13:01, 2 users, load average: 0.14, 1.01, 1.92
Gentoo Base System version 1.4.3.5 kernel 2.5.68 on a Pentium III (Coppermine)
It don't mean a THING if you ain't got that SWING!!
rapskat
Kadaitcha Man - dump details are as follows...
>> Administrator on an NT box is the Recovery Agent, which means that they
>> have global keys that can decrypt the FEK that is stored with any file.
>
> If private keys are removed from computers, users will not be able to
> decrypt any files without the private key.
The keys are stored WITH the files themselves, nimwit. Why do you think
all of those EFS blocks are allocated to every single node on a NTFS
system?
The randomly generated key that is used to encrypt the file is then
encrypted itself using the private key of the user. This key is also
encrypted using a Master Key, and all of these are stored with the file
itself (or else you couldn't decrypt it could you?)
The only key that really matters is the "master key", which the
administrator or system account of the local computer or domain has access
to.
> Domain environments can be configured so that EFS works just as it does
> in a stand-alone environment. Enterprise Certification Authorities can
> be configured in the domain to create private keys for users.
And the domain admins and system accounts will have the same level of
access to ANY encrypted files on ANY system in that domain.
> The private key must be located on the computer where recovery
> operations are to be conducted.
Unless they have access to the master key which can unlock the private key
which was used to encrypt the key that was used to encrypt the file.
Of itself, EFS is a great idea, but it's implementation is seriously
flawed due to the existence of the Master Key, which renders the whole
excercise pointless, like your posts.
--
rapskat - 11:31:48 up 2 days, 13:16, 2 users, load average: 0.09, 0.21, 0.85
Gentoo Base System version 1.4.3.5 kernel 2.5.68 on a Pentium III (Coppermine)
Calm down, it's *____ only* ones and zeroes.
Kadaitcha Man
> The keys are stored WITH the files themselves, nimwit.
I already told you, headfuck, EFS can be set up to run from
a domain server. That means the keys are kept on the domain
server. Or did that little detail escape your meagre brain?
> The randomly generated key that is used to encrypt the file is then
> encrypted itself using the private key of the user. This key is also
> encrypted using a Master Key, and all of these are stored with the
> file itself (or else you couldn't decrypt it could you?)
>
> The only key that really matters is the "master key", which the
> administrator or system account of the local computer or domain has
> access to.
Ah, so now you start to talk about domains. I'll write that down as
proof that you had no fucking idea... and still don't.
>> Domain environments can be configured so that EFS works just as it
>> does in a stand-alone environment. Enterprise Certification
>> Authorities can be configured in the domain to create private keys
>> for users.
>
> And the domain admins and system accounts will have the same level of
> access to ANY encrypted files on ANY system in that domain.
I will come back to that before I finish up painting you the headfuck
that you are. It's nice to know that since I raised the notion of
domains and domain key servers that you now start to refer to them in
your clueless bleatings.
>> The private key must be located on the computer where recovery
>> operations are to be conducted.
>
> Unless they have access to the master key which can unlock the
> private key which was used to encrypt the key that was used to
> encrypt the file.
>
> Of itself, EFS is a great idea, but it's implementation is seriously
> flawed due to the existence of the Master Key, which renders the whole
> excercise pointless, like your posts.
In stand-alone systems the user's profile is local to the system. If the
stand-alone system system can be compromised and you can gain access to a
user's account, you can read all files whether or not they are encrypted.
Now, stay off stand-alone systems and focus your puny fucking pin-head on a
secure domain, you dumb cunt.
In a domain, it is entirely different. The domain server automatically
generates and maintains syskeys and master keys.
Now, that I've painted the tar on you, here come the feathers...
> And the domain admins and system accounts will have the same level of
> access to ANY encrypted files on ANY system in that domain.
This is the part I was reluctant to tell you about, but only because you are
a clueless fuck and I have no desire to educate you. With a bit of luck,
you'll dismiss this next part as a whole lot of shite and you'll be none the
wiser for what you have been told about real world security.
It is patently evident that your odd notion of "security" extends only to
passwords and keys on pissy stand-alone systems, or at best, fucked up,
insecure experimental domains for tinkering with, set up, no doubt, in your
dank, dark, musty bedroom, hidden amongst the scattered piles of
shit-stained underwear and rancid socks. That for you there is no world
beyond those things, is a truism. You are a headfuck. A total, unmittigated
headfuck who has no idea of the real world meaning of the term "secure."
Corporations implement organisational security policy. In an NT environment,
that might entail a recovery agent programme to make sure that EFS files can
be recovered in the event of an employee leaving the company, for example.
In my organisation, there are two secure key servers on each domain. There
are siz domains. The secure key servers are secure as in terms of being
locked away in alarmed and barred, bomb proof rooms, three storeys
underground, in various capitols. There are also four trusted administrators
with high security clearance at each site. Two of the four admins are the
only ones who get to play with the keys on any given day at any given secure
site for any given domain.
In order to gain access to a room, they must stand in front of a 1" plate
glass semi-circular door that allows only one person to pass through. They
must swipe their pass to have the system recognise it, and to gain the
attention of the security guard. Then they must look into a camera and be
recognised by the guard and then let through that first door by conscious
decision of the guard. Then they must walk three metres across "no-man's
land" and do the same again, only this time they have to be recognised by a
different guard in a different buillding on the other side of the world. In
going through both doors, the admin roster is checked to make sure that the
admin is allowed to access that room on that day.
So, headfuck, yes, "the domain admins ... have the same level of access to
ANY encrypted files on ANY system in that domain." That's why the fucking
things are locked up and armed guards are posted, you stupid fucking cunt.
DUH!
And before you drag your knuckles and swing your arms around in a fit of
clueless pique, you fucking gormless orangutang linuxfuck, _ANY_ system is
only as secure as the people entrusted with keeping it that way.
Kadaitcha Man
> Error log for Thu, 24 Apr 2003 07:58:34 +1000: segfault in module
> Kadaitcha Man - dump details are as follows...
Sequence post-edited:
> So, in the context of the OP (who I might remind you is asking his
> question from the position of a HOME USER),
How did you get that from this:
"Is there an encryption program that will delete the protected file , if the
wrong password is entered three times.
thanks in advance.
JACKO."
> Feel free to now respond and make even more of an ass of yourself,
> it's better than Jerry Springer!
See above.
Bo Grimes
> rapskat wrote:
>
>> Error log for Thu, 24 Apr 2003 07:58:34 +1000: segfault in module
>> Kadaitcha Man - dump details are as follows...
>
> Sequence post-edited:
>
>> So, in the context of the OP (who I might remind you is asking his
>> question from the position of a HOME USER),
>
> How did you get that from this:
>
> "Is there an encryption program that will delete the protected file , if
> the wrong password is entered three times.
> thanks in advance.
> JACKO."
Well, maybe because he was posting from a DSL line to a.o.w-xp when if he
were an admin in need of such a tool he wouldn't be posting there or he
shouldn't have such a job?
And your simple reply said nothing about all the corporate security you're
now insisting on:
> Why bother? XP's EFS is uncrackable, except for maybe by the US
> government. And if you are using XP Pro, you can just set up a policy to
> lockout an account after so many attempts to access the account, and you
> can prevent users from accessing an entire path, irrespective of their
> other rights.
The "if you are using XP pro" indicates you thought he might be using XP
Home instead, and yet, you say:
> EFS is not part of the OS designed for home users. That would be XP Home
> Edition.
So, why'd you bring it up?
Now you've digressed into all kinds of vaults and armed guards to obfuscate
your original lame reply, completely taking stand alone computers out of
the discussion as irrelevant and unimportant because on that score you got
spanked.
--
Bo G
"Mankind does nothing save through initiatives on the part of inventors,
great or small, and imitation by the rest of us. Individuals show the way,
set the patterns. The rivalry of the patterns is the history of the
world." (William James) Linus is just such an inventor; Linux is just such
a pattern.
Kadaitcha Man
> Kadaitcha Man wrote:
>
>> rapskat wrote:
>>
>>> Error log for Thu, 24 Apr 2003 07:58:34 +1000: segfault in module
>>> Kadaitcha Man - dump details are as follows...
>>
>> Sequence post-edited:
>>
>>> So, in the context of the OP (who I might remind you is asking his
>>> question from the position of a HOME USER),
>>
>> How did you get that from this:
>>
>> "Is there an encryption program that will delete the protected file
>> , if the wrong password is entered three times.
>> thanks in advance.
>> JACKO."
>
> Well, maybe because he was posting from a DSL line to a.o.w-xp when
> if he were an admin in need of such a tool he wouldn't be posting
> there or he shouldn't have such a job?
<aside: And there you have it, linuxfux can't make decisions about the
content of a post, they have to read the fucking headers>
> completely taking stand alone
> computers out of the discussion as irrelevant and unimportant because
FNAR! What a load of shite. You and your arse-fuck friend, rapskat, have no
notion of anything beyond stand-alone. And there was no obfuscation since
the removal of stand-alone systems from the discussion was not
surreptitious, you fuckwit. It was as plain as day, more than once:
"Now, stay off stand-alone systems and focus your puny fucking pin-head on a
secure domain, you dumb cunt."
> on that score you got spanked.
Oh, so it's me who thinks a secure system means having a sign on the bedroom
door that says "KEEP OUT?"
XpUser
Its obvious they are talking crap....
But its fun to read...brightened up my day.
Linønut
> K-Man why you even wasting time with these linuxf**ks???
> Its obvious they are talking crap....
>
> But its fun to read...brightened up my day.
You obviously have answered your own question, bwah!
rapskat
Kadaitcha Man - dump details are as follows...
>> And the domain admins and system accounts will have the same level of
>> access to ANY encrypted files on ANY system in that domain.
>
> I will come back to that before I finish up painting you the headfuck
> that you are. It's nice to know that since I raised the notion of
> domains and domain key servers that you now start to refer to them in
> your clueless bleatings.
I referred to them in response to you bringing them up since they had no
relevance to the context of the OP.
In fact, your whole response has absolutely no relevance to the context of
the OP.
In fact, your entire EXISTENCE has no relevance to the context of this
continuum, but that's another matter...
Now, with regards to your fantastical notions of armed guards and A1
security to store backups and exported encryption keys, that's all fine
for your fantasies, but how in the world does it help the OP with his
question? It doesn't.
EFS is flawed. By allowing global admins and system accounts to have
access to any EFS data, you have potentially allowed anyone to, which
defeats the whole purpose. It doesn't matter whether this is for a
standalone system or for a forest.
It's great that this non-existent "organisation" [sic] that you belong to
goes to such great lengths and expense to ensure security of backups and
keys, but this means shit-all in the context of a home user with one
computer, no domain, and no clue.
In addition, the version of XP that the user is using may not even have
this option *available* to him, which nullifies your whole
argument...again.
Now, you go run back to ms support site and see if you can't quote a few
more irrelevant paragraphs about the strengths of EFS. If nothing else,
I'm sure you are learning more about it than you knew at the beginning of
this thread.
--
rapskat - 13:02:15 up 3 days, 14:46, 4 users, load average: 0.32, 0.60, 1.04
Gentoo Base System version 1.4.3.5 kernel 2.5.68 on a Pentium III (Coppermine)
The trouble with money is it costs too much!
Kadaitcha Man
> Error log for Fri, 25 Apr 2003 08:47:45 +1000: segfault in module
> Kadaitcha Man - dump details are as follows...
>
>>> And the domain admins and system accounts will have the same level
>>> of access to ANY encrypted files on ANY system in that domain.
>>
>> I will come back to that before I finish up painting you the headfuck
>> that you are. It's nice to know that since I raised the notion of
>> domains and domain key servers that you now start to refer to them in
>> your clueless bleatings.
>
> I referred to them in response to you bringing them up since they had
> no relevance to the context of the OP.
They had relevance to the statement I made about EFS security. I put
the context there. Deal with it.
> In fact, your whole response has absolutely no relevance to the
> context of the OP.
No shit, Sherlock?
> In fact, your entire EXISTENCE has no relevance to the context of this
> continuum, but that's another matter...
If that is true then those who do not exist in _your_ continuum are
fortunate.
> Now, with regards to your fantastical notions of armed guards and A1
> security to store backups and exported encryption keys, that's all
> fine for your fantasies,
Oh dear. So I was right. To you, "security" is making sure you don't
run with root priv and having a sign on your door that says "Rapskat's
bedroom! Stay out! By order!"
> but how in the world does it help the OP
> with his question? It doesn't.
Who said it was?
> EFS is flawed. By allowing global admins and system accounts to have
> access to any EFS data, you have potentially allowed anyone to, which
> defeats the whole purpose. It doesn't matter whether this is for a
> standalone system or for a forest.
>
> It's great that this non-existent "organisation" [sic] that you
> belong to goes to such great lengths and expense to ensure security
> of backups and keys, but this means shit-all in the context of a home
> user with one computer, no domain, and no clue.
>
> In addition, the version of XP that the user is using may not even
> have this option *available* to him, which nullifies your whole
> argument...again.
>
> Now, you go run back to ms support site and see if you can't quote a
> few more irrelevant paragraphs about the strengths of EFS. If
> nothing else, I'm sure you are learning more about it than you knew
> at the beginning of this thread.
I'd love to stay and play, but I really can't can't be arsed. I'll
restrict myself to pointing out that you were happy to merrily prance
down the domain path until you realised your error. Now all we have is
bleating about the OP.
Kadaitcha Man
> K-Man why you even wasting time with these linuxf**ks???
Why did I waste my time with you discussing Iraq?
> Its obvious they are talking crap....
It's obvious you were talking crap.
> But its fun to read...brightened up my day.
But I'm sure others found some fun in it and had their day brightened up.
Bo Grimes
>> but how in the world does it help the OP
>> with his question? It doesn't.
>
> Who said it was?
You did you backpeddling shit stain:
> Why bother? XP's EFS is uncrackable, except for maybe by the US
> government. And if you are using XP Pro, you can just set up a policy to
> lockout an account after so many attempts to access the account, and you
> can prevent users from accessing an entire path, irrespective of their
> other rights.
"I'd love to stay and play, but I really can't can't be arsed. I'll
restrict myself to pointing out that you were happy to merrily prance
down [EFS] path until you realised your error. Now all we have is
bleating about [armed guards protecting vaults]."
Kadaitcha Man
> Kadaitcha Man wrote:
>
>
>>> but how in the world does it help the OP
>>> with his question? It doesn't.
>>
>> Who said it was?
>
> You did you backpeddling shit stain:
2.
WOW! You don't see too many of them. You're good at this laming shit, aren't
you? I tell you what, instead of you putting not even a single thought into
anything you post, just use this list. All you do is post the number for the
lame you want to devestate people with. Just hit anyone with a good old 6,
11, 13 combo and they're out for the count... lamed senseless:
1. spnak!
2. spnak! nice backpedal!
3. spnak! You replied so I win. (dance, owned etc.)
4. Slurp! etc.
5. My rules count. etc.
6. Sheep fucker, fag, native, fuck your mother, sister,
brother, father, etc.
7. Testicles, anus, penis, faecal matter, urine etc.
8. blink (clueless)
9. You are my bitch. Loser, child, immature etc.
10. MEOW, repeat, same old ... etc.
11. brain damaged, jackass, incompetent, boring, asswipe etc.
12. Typo, spelling lame, grammar etc.
13. I'm rubber, you're glue! IKYABWAI, truth hurts, takes one
to know one etc.