This content has been marked as final. Show 1 reply
1. You woudnt need to - you machine is effectively open. You could use a firewire attack, or network attack just to suck the data off, or a cold boot attack.
see My Blog
in short, if you turn off pre-boot, then you stored the key for encryption on the disk. Thus you can most likely not claim protection from data disclosure any more.
But yes, someone could sniff the SAM over the wire and crack the users windows password. Personally I'd just use a firewire or network attack to break through the windows Login.
2. That's up to windows of course, most likely yes.
3. That's what turning off pre-boot does. You'll get the windows login of course.
4. Yes, you need to make a policy change.