Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Can ability to Encrypt files be turned off

2 views
Skip to first unread message

Anthony Fontana

unread,
Dec 17, 2009, 12:26:01 PM12/17/09
to
We have Win XP SP 3 workstations running under a Win Server 2003 domain. We
do not use the Encrypting capabilities of NTFS. I am curious if that
capability can be turned off.

I'm concerned about hackers encrypting our files and wanting cash to
decrypt them.

Leonard Grey

unread,
Dec 17, 2009, 12:50:03 PM12/17/09
to
No problem...I'll just encrypt your users' files with my own encryption
utility...or maybe I'll zip your users' files and encrypt the
archive...or maybe...

Are you seeing my point? A hacker won't be impressed by efforts.

---
Leonard "The Hacker" Grey
Errare humanum est

Tim Meddick

unread,
Dec 17, 2009, 12:53:09 PM12/17/09
to
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS] can be
disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square brackets)
create a new "Dword" value using the "Edit" menu, and give it a value of "1"

You must then reboot for the setting to take effect.

==

Cheers, Tim Meddick, Peckham, London. :-)


"Anthony Fontana" <Anthony...@discussions.microsoft.com> wrote in message
news:7843481A-A287-494C...@microsoft.com...

Anthony Fontana

unread,
Dec 17, 2009, 1:41:02 PM12/17/09
to
Great point. Thanks for pointing this out. It's probably better though to
at least try and stop the encryption. Make them do more work.

"Leonard Grey" wrote:

> .
>

Anthony Fontana

unread,
Dec 17, 2009, 1:41:01 PM12/17/09
to
Thanks, I'll try this out!

"Tim Meddick" wrote:

> .
>

Tim Meddick

unread,
Dec 17, 2009, 2:37:54 PM12/17/09
to
As far as "tampering" goes - I think you will find that only the current user has
rights to use encryption on files and folders.

The current user has an identification number associated with it (e.g.
S-1-5-21-1957994488-1004336348-682003330-1003) and it is this numbered ID that has
access to encrypted files granted to it (via an encryption key).

Therefore - no other user - local OR remote - can access encrypted files.

==

Cheers, Tim Meddick, Peckham, London. :-)


"Anthony Fontana" <Anthony...@discussions.microsoft.com> wrote in message

news:E9AD4217-96D2-4701...@microsoft.com...

John John - MVP

unread,
Dec 17, 2009, 2:45:00 PM12/17/09
to
Tim Meddick wrote:
> Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS]
> can be disabled - set the following registry value and reboot :
>
> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
> "EfsConfiguration"=dword:00000001
>
> If the value is not present - under the above key (between the square
> brackets) create a new "Dword" value using the "Edit" menu, and give it
> a value of "1"
>
> You must then reboot for the setting to take effect.

Nice. The following documentation might useful:

http://search.yahoo.com/search?n=10&ei=UTF-8&va_vt=any&vo_vt=any&ve_vt=any&vp_vt=any&vd=all&vf=all&vm=p&fl=1&vl=lang_en&p=EfsConfiguration&vs=microsoft.com
EfsConfiguration - site:microsoft.com

John

Anthony Fontana

unread,
Dec 17, 2009, 3:52:05 PM12/17/09
to
Thanks. I've bookmarked it and will look at it too.

> .
>

0 new messages