Re: How do I protect folders from teenage eyes?
- From: Jim Howes <sewoh.mij@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 18 Dec 2006 16:23:59 +0000
Ken wrote:
Win2k SP4
I have lots of financial data that I do not want to be public within the
family. The problem is that my computer is used on occasion by my kids.
Is there a way that I can secure folders so that the contents,
including sub-folders, can only be opened with a password when there is
a call for the folder or any of its contents?
There are a number of ways, however if a sophisticated attacker (which probably
includes your kids) has physical access to the computer, there are very few ways
of keeping data secure.
In rough order of increasing security are:
1. File and folder security. Change the ownership of a folder to your account.
Ensure that only your account has access via the security tab. Make sure that
your account has a secure password, and that there are no administrator accounts
without similarly secure passwords. This is still insecure if an attacker can
get access to the drive via another operating system (such as booting from a
linux bootdisk, mounting your NTFS partition, and making off with your files)
2. Password protection within applications
Depending on the application, password protection can be anything from trivial
to reasonably secure (only very occasionally does application-based encryption
turn out to be very secure). Most password-protected files that I've been given
to break open have yielded easily to even basic cryptanalysis. Your mileage may
vary.
3. Store data in encrypted ZIPfiles.
ZIP file encryption is actually fairly strong as encryption schemes go, however
there are cracking tools around. A long, secure pass-phrase increases security,
however ZIP files are extremely vulnerable to what is termed a 'Known-plaintext
attack' (which means virtually any microsoft office document in a
password-encrypted ZIPfile can be extracted rather easily by anyone who knows
how to perform that sort of attack, solely because bytes 80 through 511 of a
typical .DOC file are usually all 0xFF). The process is fun, but the maths is
horrible, so I won't go into detail here.
4. Store data encrypted with serious-industrial-strength encryption. Public-key
based encryption such as PGP or GnuPG are extremely secure in comparison with
ZIP passwords.
5. Store data on removable media. External hard disks are reasonably cheap,
easy to configure, and easy to take away and lock up. They also make very
useful places for making backups of things. I built a USB and Firewire 160Gb
external drive for the cost of the drive (£36), plus the cost of the enclosure
(£28). A cheaper alternative is the USB drive, but if you go that route, get
atleast two, because I find they tend to wear out just as you start to rely on them.
Of course, once you get to stage 5, physical access to the machine is now
meaningless; you just have to prevent physical access to the media. Removable
hard drives or USB flash discs are, well, easily removable.
.
- References:
- Prev by Date: Re: How do I protect folders from teenage eyes?
- Next by Date: Re: How do I protect folders from teenage eyes?
- Previous by thread: Re: How do I protect folders from teenage eyes?
- Next by thread: Re: How do I protect folders from teenage eyes?
- Index(es):
Relevant Pages
|
