It appears I have found a loophole in the way FRP encryption enforces file- and folder-based encryption when it comes to a container-based encrypted drive. If you have a USB stick encrypted with the enforce encryption offsite access policy, and then use it on a system where enforce encryption onsite access only is enabled, you can write unencrypted files to the Unprotected space. I would very much appreciate it if someone else could confirm this case for me.
Steps to reproduce:
1) Initialize a USB stick with the enforce encryption offsite access.
2) Take USB stick over to a system/user which has the policy Enforce Encryption onsite access only - do not enter the password for the drive when prompted.
3) Attempt to write new files to the unprotected partition - files copy over unencrypted.
4) Attempt to delete files from the unprotected partition - files are deleted.
5) Authenticate the drive to access the encrypted partition.
6) Unprotected partition is still completely writable, but files copied to the protected partition are encrypted as expected.
Expected behavior would be to either block writing to the unprotected partition, or encrypt the files when they are copied to the unprotected partition.
Is anyone else able to reproduce this behavior?