[Eternity]

We all know that Windows encrypts your password in a NTML Hash right ?
And we also know that windows does not encrypt you files when you for example log off or lock your computer.

Therefore anyone with minor knowledge about computers can easily transfer your data to their storage device, he/she need of course access to the target's computer.

So why do Windows go through the trouble and encrypts only your password and not your files ?

There can be many reasons for that:

1. To protect your password from others seeing it.
   
2. They might are creating an application that encrypts some/all your files.
   
3. To enable support for those who want's to use software that are not from Microsoft to get extra security.
   

So why doesn't Windows allow you to encrypt your files(except .Zip archives) ?
It would take them less than a week and increase Windows security drastically.

One of the reasons might be that they don't want to decrease overall performance because Encrypting and Decrypting takes a lot of processing power and storage.
Now what about an option ?
A) You can encrypt some or all files when you want.
B) You can chose not to and lose 0.5-2 MB storage space.


I really don't know why Windows don't have this integrated in their operating system.


This is one of my "fail-to-understand-something-clearly" moment so please if you have an idea why they don't have this integrated post it below.

Thanks

[ICE_]

Before I begin I'd like to say that this is a pretty HQ post, the only thing stopping me from taking the 'pretty' out of that and just calling it 'HQ' is your grammar, but that's okay.

Now that I've said that I can start:

Though I agree with you that Microsoft should integrate the encryption and decryption of files on computer lock/user log-out, it would drastically decrease the performance speed of windows. In addition, the encryption of passwords only isn't actually that bad, though it is possible to break through, It takes more time than a hacker usually has. This is due to the fact that to break into a logged-out or locked computer you need to have full access to that computer, that usually means either sending it some sort of malware or physically using the computer. The problem with both of these would be: When a computer is locked/logged-off it won't execute commands sent from said malware, thus, it wouldn't be practical to attempt to break through remotely with just malware. Secondly, Physically accessing the computer could be risky and would take a while to break through the password (even if you could some how brute force it). This problem of time and accessibility puts a serious problem in front of the hacker(s). Microsoft assumes that no hacker would have the time, or patience, to attempt breaking into a locked/logged-off computer, so they don't encrypt the files. Instead of encryption on log-off/lock Microsoft should incorporate encryption on creation and decryption on use. This would make stealing files/information much more difficult because each one would be encrypted and the hacker would need to decrypt them on activation. However, this would cause a MUCH bigger performance speed problem. In conclusion, to make a total file encryption/decryption system on log-off/lock would be largely inefficient. In fact, to make a total file encryption/decryption system would be largely inefficient in general.

I hope this answered your question.


-Daniel

[Eternity]

Before I begin I'd like to say that this is a pretty HQ post, the only thing stopping me from taking the 'pretty' out of that and just calling it 'HQ' is your grammar, but that's okay.

Now that I've said that I can start:

Though I agree with you that Microsoft should integrate the encryption and decryption of files on computer lock/user log-out, it would drastically decrease the performance speed of windows. In addition, the encryption of passwords only isn't actually that bad, though it is possible to break through, It takes more time than a hacker usually has. This is due to the fact that to break into a logged-out or locked computer you need to have full access to that computer, that usually means either sending it some sort of malware or physically using the computer. The problem with both of these would be: When a computer is locked/logged-off it won't execute commands sent from said malware, thus, it wouldn't be practical to attempt to break through remotely with just malware. Secondly, Physically accessing the computer could be risky and would take a while to break through the password (even if you could some how brute force it). This problem of time and accessibility puts a serious problem in front of the hacker(s). Microsoft assumes that no hacker would have the time, or patience, to attempt breaking into a locked/logged-off computer, so they don't encrypt the files. Instead of encryption on log-off/lock Microsoft should incorporate encryption on creation and decryption on use. This would make stealing files/information much more difficult because each one would be encrypted and the hacker would need to decrypt them on activation. However, this would cause a MUCH bigger performance speed problem. In conclusion, to make a total file encryption/decryption system on log-off/lock would be largely inefficient. In fact, to make a total file encryption/decryption system would be largely inefficient in general.

I hope this answered your question.


-Daniel

Thanks for answering :angel:

Also NTML hashes is pretty low tech since i use around few minutes to crack a 6 character long password.

[Zealotry]

Before I begin I'd like to say that this is a pretty HQ post, the only thing stopping me from taking the 'pretty' out of that and just calling it 'HQ' is your grammar, but that's okay.

Now that I've said that I can start:

Though I agree with you that Microsoft should integrate the encryption and decryption of files on computer lock/user log-out, it would drastically decrease the performance speed of windows. In addition, the encryption of passwords only isn't actually that bad, though it is possible to break through, It takes more time than a hacker usually has. This is due to the fact that to break into a logged-out or locked computer you need to have full access to that computer, that usually means either sending it some sort of malware or physically using the computer. The problem with both of these would be: When a computer is locked/logged-off it won't execute commands sent from said malware, thus, it wouldn't be practical to attempt to break through remotely with just malware. Secondly, Physically accessing the computer could be risky and would take a while to break through the password (even if you could some how brute force it). This problem of time and accessibility puts a serious problem in front of the hacker(s). Microsoft assumes that no hacker would have the time, or patience, to attempt breaking into a locked/logged-off computer, so they don't encrypt the files. Instead of encryption on log-off/lock Microsoft should incorporate encryption on creation and decryption on use. This would make stealing files/information much more difficult because each one would be encrypted and the hacker would need to decrypt them on activation. However, this would cause a MUCH bigger performance speed problem. In conclusion, to make a total file encryption/decryption system on log-off/lock would be largely inefficient. In fact, to make a total file encryption/decryption system would be largely inefficient in general.

I hope this answered your question.


-Daniel

English is not Eternity's primary language, so I say his grammar is fine.

What I don't understand is why they don't offer a TrueCrypt type option (without, of course, the anti forensics functions). Daniel is right, though, it would take far too long for a hacker to break in to just an everyday computer.

[AnonFreeworld]

It should be left alone honestly. With there being so many programs out there that you can use for this anyways. For example a favorite one "TrueCrypt" is a very good encrypting program. There is a guide for it for people who are new to computing so it really helps. And yeah NTML hashes are weak maybe they should simply update that feature to a stronger encryption such as AES-256. A military grade encryption. BUT I must agree that in general Windows security is stupid because it's kinda hard for linux to get viruses but windows it's not that hard lol. (All though you should still have avast for your linux and a rootkit hunter.) You can use 25 Rakkable GPU servers and crack 150,000,000 passwords per second when it comes to NTML. Fucking hilarious and awesome. Your own small craig server even though its not close to a craig server lol.