|
|
>> Yeah, sure, but the *key* has to be stored somewhere. ;-)
>
> Just use Windows built-in encryption, that works off your login password
> doesn't it?
Wouldn't that mean that every single time you change your login
password, all of your files instantly become unreadable?
What I suspect happens is that it's actually asymmetrically encrypted,
and the decryption key is encrypted with your login password. That means
if you change your login password, you gotta change one thing - the
encrypted decryption key - and all your stuff is still accessible.
> Even if the admin can remotely log in, they won't be able
> to read your encrypted files unless they somehow get your password.
Do you know what the "use reversible encryption" tickbox in AD does? >:-D
> Or just zip things up with a password.
Now *that* could actually work. Especially if you use that password for
nothing else. Now all the sysadmin needs to do is install a keylogger...
oh, wait... ;-)
Anything you can do, the sysadmin can undo. He controls the machine
you're using. You can't win. [Theoretically at least. In practice you
can make it too hard to be worth the bother.]
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|