it looks like Microsoft didn't get it right

Taral taral at taral.net
Thu Nov 18 23:52:23 EST 2004


On Thu, Nov 11, 2004 at 07:59:08AM -0600, Dean, James wrote:
> This is not as serious as I thought.  According to
> http://www.elcomsoft.com/AEFSDR/whatsnew.txt, the cracker would need your
> password and access to your drive. 

It is the case, however, that EFS does not zero out spare space in a
cluster. So if you encrypt a file, it can leak plaintext.

-- 
Taral <taral at taral.net>
This message is digitally signed. Please PGP encrypt mail to me.
A: Because it fouls the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20041118/c907edc6/attachment.pgp>


More information about the cryptography mailing list