cancel
Showing results for 
Search instead for 
Did you mean: 
SCtbe
Level 12

EE recovery security

Hi,

It's known that new EEPCv6 generates recovery information in plaintext xml format, where encryption key if fully readable. So it possibly make security risk as this file may be read by unauthorized person.

In my opinion, this file should be encrypted for example by password entered during export and required to import into EETech.

What you think about this?

Regards.

0 Kudos
5 Replies
peter_eepc
Level 15

Re: EE recovery security

From security point of view I don't see it much different than in previous EE versions.

You need to protect your SDB/XML files.

0 Kudos
SCtbe
Level 12

Re: EE recovery security

But is SDB file encrypted, it isn't (seems to be)? Which means it can be used only by WinTech/SafeTech tool.

Please correct me if I'm wrong.

0 Kudos
peter_eepc
Level 15

Re: EE recovery security

It does not matter if it is encrypted or not. Once you have SDB file, you can access protected disk data using tools that you have mentioned.

0 Kudos
SCtbe
Level 12

Re: EE recovery security

In my opinion it's not true, because I have to get WinTech tools (requires grant number to download) and daily authorization code (requires service portal account). If I have encryption key I can use "some other tools" to "read" encrypted disk.

It is not said that getting tech tool and daily code is hard to get, but it’s some kind of protection. Unless, McAfee implements AES in own propertiary way, then the case is simple.

Fortunately exporting recovery information can be restricted to authorized persons.

0 Kudos
peter_eepc
Level 15

Re: EE recovery security

Don't rely on obscurity in obtaining WinTech/SafeTech/EETech applications, or daily codes.

Protect access to the management console and exported security information.

0 Kudos