On 6/21/07, Garrett M. Groff <[EMAIL PROTECTED]> wrote: > ... > [ encrypted %temp%, %userprofile%, hibernation store, etc ] > ... wouldn't EFS provide a pretty high level of security for data at rest?
consider that while data is at rest, the encryption program for access to the EFS is modified to copy keys to unused partition space which can be scavenged later or delivered via networked malware. the big benefit of FDE over EFS is that FDE protects the integrity of the entire drive while at rest, including operating system and utilities. you need to couple this with good host security (an owned machine cannot be trusted with keys) to be effective, but it is still a significant benefit. best regards, _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
