Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Encryption of Read-Only File Possible??


  • Please log in to reply
6 replies to this topic

#1 skuddle

skuddle

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:32 PM

Posted 17 April 2015 - 04:25 PM

In Windows Vista (SP2), if I set a file's attributes to "Read-Only" can that file then be encrypted by somebody else (so they can ask for a "ransom")?


Edited by Chris Cosgrove, 17 April 2015 - 05:49 PM.
Moved from Vista to 'General Security'


BC AdBot (Login to Remove)

 


#2 O.T.T.

O.T.T.

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:32 PM

Posted 17 April 2015 - 06:09 PM

I encrypted a "read only" txt-file with AxCrypt and that worked... so your answer is yes it is possible !

 

OTT


Please ask Google why some of my links don't work anymore !


#3 😇

😇

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 02 June 2015 - 05:28 PM

Yes, it's not protection against a ransomware, since it can:

  • Remove the read-only flag and rewrite your file
  • Write an encrypted copy to a new file and delete the previous

 

You would need to have it on a read-only media sucha s a CD/DVD.



#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:32 PM

Posted 03 June 2015 - 03:52 PM

If you want to make a file read-only to protect it from cryptoware, don't use the read-only flag, but ACLs.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 skuddle

skuddle
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:32 PM

Posted 19 October 2018 - 12:55 PM

Sorry for the 3-year-long delay in responding to your post.

 

In the context in which you used it, what does "ACL" stand for?



#6 midimusicman79

midimusicman79

  • Members
  • 790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:11:32 PM

Posted 23 October 2018 - 07:34 PM

Hi, skuddle!

In the context being used, ACL stands for Access Control List.

More information is available from here:

https://en.wikipedia.org/wiki/Access_control_list

Good luck! :)

Regards,
midimusicman79

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:32 PM

Posted 24 October 2018 - 03:15 AM

That's right: Access Control List. An on Windows, more specifically, the Discretionary Access Control List (DACL) of the Security Descriptor (SD) of the file.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users