cancel
Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor SCtbe
Reliable Contributor
Report Inappropriate Content
Message 1 of 6

EE recovery security

Hi,

It's known that new EEPCv6 generates recovery information in plaintext xml format, where encryption key if fully readable. So it possibly make security risk as this file may be read by unauthorized person.

In my opinion, this file should be encrypted for example by password entered during export and required to import into EETech.

What you think about this?

Regards.

5 Replies

Re: EE recovery security

From security point of view I don't see it much different than in previous EE versions.

You need to protect your SDB/XML files.

Reliable Contributor SCtbe
Reliable Contributor
Report Inappropriate Content
Message 3 of 6

Re: EE recovery security

But is SDB file encrypted, it isn't (seems to be)? Which means it can be used only by WinTech/SafeTech tool.

Please correct me if I'm wrong.

Re: EE recovery security

It does not matter if it is encrypted or not. Once you have SDB file, you can access protected disk data using tools that you have mentioned.

Reliable Contributor SCtbe
Reliable Contributor
Report Inappropriate Content
Message 5 of 6

Re: EE recovery security

In my opinion it's not true, because I have to get WinTech tools (requires grant number to download) and daily authorization code (requires service portal account). If I have encryption key I can use "some other tools" to "read" encrypted disk.

It is not said that getting tech tool and daily code is hard to get, but it’s some kind of protection. Unless, McAfee implements AES in own propertiary way, then the case is simple.

Fortunately exporting recovery information can be restricted to authorized persons.

Re: EE recovery security

Don't rely on obscurity in obtaining WinTech/SafeTech/EETech applications, or daily codes.

Protect access to the management console and exported security information.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community