PCSTATS     
[X]   Directory of
Guides & Reviews

Beginners Guides
Motherboards by Brand
Weekly Newsletter
Archived Newsletters

+70 MORE Beginner GUIDES....
Beginners Guides: Encryption and Online Privacy
Beginners Guides: Encryption and Online Privacy - PCSTATS
This article aims to cover the basics of online security, including a description of the methods online stores use to protect themselves and their customers.
Filed under: Beginners Guides Published:  Author: 
External Mfg. Website: PCSTATS Sep 23 2003   M. Dowler  
Home > Reviews > Beginners Guides > PCSTATS

DIY privacy, encrypting your files

The 'tools\internet options\advanced' menu contains some useful features for enhancing the privacy and security of Internet Explorer. Some of these we will talk about later, but for now, enabling the 'empty temporary internet files folder when browser is closed' option will save you some effort.

All 'business' versions of Windows since Win2K (In other words, Windows 2000, XP pro and 2003 server, but not XP Home edition) have included a method of encrypting your files to make them inaccessible to other users on the same machine or on the network, the Encrypting File System (EFS). This is an excellent tool to prevent your data from ending up in the wrong hands, but there are some huge pitfalls too. Let's take a look.

Windows XP can be instructed to encrypt specific files or folders on a per-user basis. This means that when user A decides he wants to encrypt his documents folder, a symmetrical key is generated to encrypt the contents, then this key is in turn encrypted with the public key of a public/private key pair generated by the OS specifically for user A, meaning that only user A's private key can now unlock the files.

This is easy to do, and works well, but there is one huge problem. What happens if user A's account is accidentally deleted, or when you have to reinstall the operating system due to some catastrophic failure?

No problem, right? The files are still thereā€¦

Well yes they are, but no one can access them. The key to decipher the files was encrypted with User A's public key. User A no longer exits, therefore neither does the private key you need to unlock the files. In Windows 2000, the 'administrator' account was designated as a recovery agent, so that any file encrypted by EFS could be unencrypted by the administrator also.

This gave you a lifeline, as long as you did not also delete the administrator account.

Windows XP has no recovery agent by default, so there is no way to recover your encrypted files if you mess up. The only safe way to use EFS (and Microsoft's recommended policy) is to designate a user as a data recovery agent, then export that recovery agent's public and private keys in the form of a digital certificate file that can be stored outside the computer on a floppy disk or other media.

If the worst happens, any user can then import this certificate, and that user can then be made into a data recovery agent to decrypt the files. Let's look at how to do this.

< Previous Page © 2023 PCSTATS.com
Please respect the time and effort that went into creating each PCSTATS Beginners Guide, do not illegally copy. Thank you.
Next Page >

 

Contents of Article: PCSTATS
 Pg 1.  Beginners Guides: Encryption and Online Privacy
 Pg 2.  Encryption
 Pg 3.  Public key and symmetrical encryption methods
 Pg 4.  Digital Signatures
 Pg 5.  How to know that you are using SSL
 Pg 6.  Browser security concerns
 Pg 7.  Managing Cookies
 Pg 8.  Temporary Internet files folder
 Pg 9.  — DIY privacy, encrypting your files
 Pg 10.  Creating a recovery agent
 Pg 11.  Exporting a data recovery certificate

 
Hardware Sections 


 
PCSTATS Network Features Information About Us Contact
FrostyTech
PCSTATS Newsletter
Tech Glossary
Technology WebSite Listings
News Archives
(Review RSS Feed)
Site Map
PCstats Wallpaper
About Us
Privacy Policy
Advertise on PCSTATS

How's Our Driving?
© Copyright 1999-2023 www.pcstats.com All rights reserved. Privacy policy and Terms of Use.