Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.
Decrypt Files - No Keys
Experts,
I have a serious problem. I have a client that had a bunch of personal data on his work laptop. He retired and sent the laptop back , only before I copied over his documents and music...etc. Well I just went to copy back his data to his new computer and found out that the files are encrypted. I have no way to decrypt them as the laptop was sent back and most likely the HDD was destroyed. So is there any hope of decrypting the files? I have already tried Advnaced EFS Data Recovery but it says the files are not decryptable.
Thanks,
--Steve
I have a serious problem. I have a client that had a bunch of personal data on his work laptop. He retired and sent the laptop back , only before I copied over his documents and music...etc. Well I just went to copy back his data to his new computer and found out that the files are encrypted. I have no way to decrypt them as the laptop was sent back and most likely the HDD was destroyed. So is there any hope of decrypting the files? I have already tried Advnaced EFS Data Recovery but it says the files are not decryptable.
Thanks,
--Steve
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
And now you see what on the USB HDD? You see the directory structure and files, as you copied them, but when you try to open them they're encrypted?
Files and folders are decrypted before being copied to a volume formatted with another file system, like FAT 32. Finally , when encrypted files are copied over the network using the SMB / CIFS protocol , the files are decrypted before they are sent over the network .
If EFS is configured to use keys issued by a Public Key Infrastructure and the PKI is configured to enable Key Archival and Recovery , encrypted files can be recovered by recovering the private key first .
If you did not backup your keys, but have permitted other users to EFS share your encrypted files, those users can recover your data .
http://www.stanford.edu/group/security/securecomputing/pc_file_encryption.html
If EFS is configured to use keys issued by a Public Key Infrastructure and the PKI is configured to enable Key Archival and Recovery , encrypted files can be recovered by recovering the private key first .
If you did not backup your keys, but have permitted other users to EFS share your encrypted files, those users can recover your data .
http://www.stanford.edu/group/security/securecomputing/pc_file_encryption.html
this is another useful references but it states much to get info from the user machine. if it is not functioning, forensic of machine would be last resort or brute force which may not be logical as final resort. see its "r e c o v e r y w i t h n o i n f o r m a t i o n a t a l l - s p e c i a l i s t m e t h o d s"
http://www.beginningtoseethelight.org/efsrecovery/
http://www.beginningtoseethelight.org/efsrecovery/
without the user private key in his machine, it is tough to decrypt his data esp when the HDD is not available. Otherwise if there is backup of the issued keyset certificate, we can try to setup in new machine. Likewise, if copying can be done through network or into non-NTFS storage, there can be some hope.
Else suggest professional support to recover HDD, there is such expertise to reconstruct as long as it is not of intense physical damage on key sector storing those data or even keyset.
There is also data recovery agent such as local admin or domain admin as the contigencies. They would be transparent when efs is enabled.
But the above is possibilities relying on the efs fundamentals but from the Advanced EFS Data Recovery website, its professional (not trial) does share it is capable to handle this situation. As consumer, can consider dropping them an email on this, they would be able to assist or minimally, confirmed it is "non-decryptable"
http://www.elcomsoft.com/aefsdr.html
Just some thoughts.
Else suggest professional support to recover HDD, there is such expertise to reconstruct as long as it is not of intense physical damage on key sector storing those data or even keyset.
There is also data recovery agent such as local admin or domain admin as the contigencies. They would be transparent when efs is enabled.
But the above is possibilities relying on the efs fundamentals but from the Advanced EFS Data Recovery website, its professional (not trial) does share it is capable to handle this situation. As consumer, can consider dropping them an email on this, they would be able to assist or minimally, confirmed it is "non-decryptable"
http://www.elcomsoft.com/aefsdr.html
Just some thoughts.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial