Jump to content

Encryption removal


Recommended Posts

Guest Richard
Posted

I have an Excel file that I encrypted. I wish to remove the encryption.

 

After encrytion of this file, I was required by Dell to reload my OS

(Windows XP SP2) on my home computer due to a problem they could not

otherwise solve. Prior to the reload I had copied the Excel file to an

external drive. After bringing my computer back up, I find I cannot open the

Excel file because "The document may be read-only or encrypted". It's not

read-only, but it was/is encrypted. Since I can't access it, I attempted to

remove the encryption via "Properties, Attributes (Advanced)" and removing

the check mark from "Encrypt contents to secure data". I tried to apply this

but got "An error occurred applying attributes to the file ....... " and

nothing changed.

 

So in the "Advanced Attributes" dialog box I clicked on details and was

shown "Users Who Can Transparently Access This File" dialog box which

included the User Name "Dick ........" (which is me, the system

administrator). I high-lighted "Dick..." and clicked on "Add" and got the

"Certificate"

display - under the General tab it indicated "This CA Root certificate is

not to be trusted. To enable trust, install this certificate in the Trusted

Root Certificates Authorities store."

 

I'm wondering if this may not be the reason why I can't open or change the

encryption of the Excel file. I'm also at a loss as to how to "install this

certificate in the Trusted Root Certificates Authorities store". I've

searched the Microsoft knowledge base but have yet to discover if this might

be the problem or how to do this install.

 

Can someone help or point me to a place that might help ?

Guest Carey Frisch  [MVP]
Posted

Re: Encryption removal

 

If you don't have a backup copy of the original encryption key or a recovery certificate,

you won't be able to access your encrypted files. Reinstalling Windows XP won't work

either since the security ID will be different.

 

--

Carey Frisch

Microsoft MVP

Windows Desktop Experience -

Windows Vista Enthusiast

 

---------------------------------------------------------------

 

"Richard" <Richard@discussions.microsoft.com> wrote in message news:29A14008-43E0-4011-9796-B862377AAC5D@microsoft.com...

I have an Excel file that I encrypted. I wish to remove the encryption.

 

After encrytion of this file, I was required by Dell to reload my OS

(Windows XP SP2) on my home computer due to a problem they could not

otherwise solve. Prior to the reload I had copied the Excel file to an

external drive. After bringing my computer back up, I find I cannot open the

Excel file because "The document may be read-only or encrypted". It's not

read-only, but it was/is encrypted. Since I can't access it, I attempted to

remove the encryption via "Properties, Attributes (Advanced)" and removing

the check mark from "Encrypt contents to secure data". I tried to apply this

but got "An error occurred applying attributes to the file ....... " and

nothing changed.

 

So in the "Advanced Attributes" dialog box I clicked on details and was

shown "Users Who Can Transparently Access This File" dialog box which

included the User Name "Dick ........" (which is me, the system

administrator). I high-lighted "Dick..." and clicked on "Add" and got the

"Certificate"

display - under the General tab it indicated "This CA Root certificate is

not to be trusted. To enable trust, install this certificate in the Trusted

Root Certificates Authorities store."

 

I'm wondering if this may not be the reason why I can't open or change the

encryption of the Excel file. I'm also at a loss as to how to "install this

certificate in the Trusted Root Certificates Authorities store". I've

searched the Microsoft knowledge base but have yet to discover if this might

be the problem or how to do this install.

 

Can someone help or point me to a place that might help ?

Guest Gurney
Posted

Re: Encryption removal

 

On Sun, 22 Jun 2008 12:06:00 -0700, Richard

<Richard@discussions.microsoft.com> wrote:

>I have an Excel file that I encrypted. I wish to remove the encryption.

>

>After encrytion of this file, I was required by Dell to reload my OS

>(Windows XP SP2) on my home computer due to a problem they could not

>otherwise solve. Prior to the reload I had copied the Excel file to an

>external drive. After bringing my computer back up, I find I cannot open the

>Excel file because "The document may be read-only or encrypted". It's not

>read-only, but it was/is encrypted. Since I can't access it, I attempted to

>remove the encryption via "Properties, Attributes (Advanced)" and removing

>the check mark from "Encrypt contents to secure data". I tried to apply this

>but got "An error occurred applying attributes to the file ....... " and

>nothing changed.

>

>So in the "Advanced Attributes" dialog box I clicked on details and was

>shown "Users Who Can Transparently Access This File" dialog box which

>included the User Name "Dick ........" (which is me, the system

>administrator). I high-lighted "Dick..." and clicked on "Add" and got the

>"Certificate"

>display - under the General tab it indicated "This CA Root certificate is

>not to be trusted. To enable trust, install this certificate in the Trusted

>Root Certificates Authorities store."

>

>I'm wondering if this may not be the reason why I can't open or change the

>encryption of the Excel file. I'm also at a loss as to how to "install this

>certificate in the Trusted Root Certificates Authorities store". I've

>searched the Microsoft knowledge base but have yet to discover if this might

>be the problem or how to do this install.

>

>Can someone help or point me to a place that might help ?

>

>

Another example of why HOME users have no need of encryption. What

state leve secrets were you protecting? There are easier ways to hide

the location of your porn.

Guest Anthony Buckland
Posted

Re: Encryption removal

 

 

"Richard" <Richard@discussions.microsoft.com> wrote in message

news:29A14008-43E0-4011-9796-B862377AAC5D@microsoft.com...

>I have an Excel file that I encrypted. I wish to remove the encryption.

>

> After encrytion of this file, I was required by Dell to reload my OS

> (Windows XP SP2) on my home computer due to a problem they could not

> otherwise solve. Prior to the reload I had copied the Excel file to an

> external drive. After bringing my computer back up, I find I cannot open

> the

> Excel file because "The document may be read-only or encrypted". It's not

> read-only, but it was/is encrypted. Since I can't access it, I attempted

> to

> remove the encryption via "Properties, Attributes (Advanced)" and removing

> the check mark from "Encrypt contents to secure data". I tried to apply

> this

> but got "An error occurred applying attributes to the file ....... " and

> nothing changed.

> ...

 

A little more is required than removing the "encrypted" property.

What _is_ required is actually decrypting the encrypted information.

Your approach is certainly original though. Think of how WWII could

have been shortened if only we could have taken encrypted Japanese

and German transmissions and have removed the property of being

encrypted from them. :)

 

1) Find the password.

 

2) Find the encryption method.

 

3) Run 2) in reverse using 1).

 

4) Lacking both 1) _and_ 2), go find a corner and weep in it.

Guest Richard
Posted

Re: Encryption removal

 

Carey

 

I think what you're telling me is that I lost the original encryption key

when I reloaded the OS. Is that correct ?

 

Since I did a full backup of my Hard Drive to an External Drive prior to the

reload, is it possible I still have a copy the needed (original) encrytion

key on my external drive ?

 

Richard

 

"Carey Frisch [MVP]" wrote:

> If you don't have a backup copy of the original encryption key or a recovery certificate,

> you won't be able to access your encrypted files. Reinstalling Windows XP won't work

> either since the security ID will be different.

>

> --

> Carey Frisch

> Microsoft MVP

> Windows Desktop Experience -

> Windows Vista Enthusiast

>

> ---------------------------------------------------------------

>

> "Richard" <Richard@discussions.microsoft.com> wrote in message news:29A14008-43E0-4011-9796-B862377AAC5D@microsoft.com...

> I have an Excel file that I encrypted. I wish to remove the encryption.

>

> After encrytion of this file, I was required by Dell to reload my OS

> (Windows XP SP2) on my home computer due to a problem they could not

> otherwise solve. Prior to the reload I had copied the Excel file to an

> external drive. After bringing my computer back up, I find I cannot open the

> Excel file because "The document may be read-only or encrypted". It's not

> read-only, but it was/is encrypted. Since I can't access it, I attempted to

> remove the encryption via "Properties, Attributes (Advanced)" and removing

> the check mark from "Encrypt contents to secure data". I tried to apply this

> but got "An error occurred applying attributes to the file ....... " and

> nothing changed.

>

> So in the "Advanced Attributes" dialog box I clicked on details and was

> shown "Users Who Can Transparently Access This File" dialog box which

> included the User Name "Dick ........" (which is me, the system

> administrator). I high-lighted "Dick..." and clicked on "Add" and got the

> "Certificate"

> display - under the General tab it indicated "This CA Root certificate is

> not to be trusted. To enable trust, install this certificate in the Trusted

> Root Certificates Authorities store."

>

> I'm wondering if this may not be the reason why I can't open or change the

> encryption of the Excel file. I'm also at a loss as to how to "install this

> certificate in the Trusted Root Certificates Authorities store". I've

> searched the Microsoft knowledge base but have yet to discover if this might

> be the problem or how to do this install.

>

> Can someone help or point me to a place that might help ?

>

>

>

>

Guest John Wunderlich
Posted

Re: Encryption removal

 

=?Utf-8?B?UmljaGFyZA==?= <Richard@discussions.microsoft.com> wrote

in news:3AAC8B09-143D-4787-B886-1EE57010EA7E@microsoft.com:

> Carey

>

> I think what you're telling me is that I lost the original

> encryption key when I reloaded the OS. Is that correct ?

 

Yes.

>

> Since I did a full backup of my Hard Drive to an External Drive

> prior to the reload, is it possible I still have a copy the needed

> (original) encrytion key on my external drive ?

>

> Richard

 

It depends on what a "full backup" is. If you can completely restore

your old operating system from this backup, then boot from it and login

using your old login and password, then maybe you can recover it.

Usually this is only possible with an "image"-style backup.

 

Good Luck,

John

Guest Richard
Posted

Re: Encryption removal

 

I said "backup" but in reality I did a drop and drop copy of all the various

directories. I don't believe this is considered an image style backup but

please correct me if I'm wrong.

 

"John Wunderlich" wrote:

> =?Utf-8?B?UmljaGFyZA==?= <Richard@discussions.microsoft.com> wrote

> in news:3AAC8B09-143D-4787-B886-1EE57010EA7E@microsoft.com:

>

> > Carey

> >

> > I think what you're telling me is that I lost the original

> > encryption key when I reloaded the OS. Is that correct ?

>

> Yes.

>

> >

> > Since I did a full backup of my Hard Drive to an External Drive

> > prior to the reload, is it possible I still have a copy the needed

> > (original) encrytion key on my external drive ?

> >

> > Richard

>

> It depends on what a "full backup" is. If you can completely restore

> your old operating system from this backup, then boot from it and login

> using your old login and password, then maybe you can recover it.

> Usually this is only possible with an "image"-style backup.

>

> Good Luck,

> John

>

Guest Gurney
Posted

Re: Encryption removal

 

On Tue, 24 Jun 2008 14:17:00 -0700, Richard

<Richard@discussions.microsoft.com> wrote:

>I said "backup" but in reality I did a drop and drop copy of all the various

>directories. I don't believe this is considered an image style backup but

>please correct me if I'm wrong.

>

>"John Wunderlich" wrote:

>

>> =?Utf-8?B?UmljaGFyZA==?= <Richard@discussions.microsoft.com> wrote

>> in news:3AAC8B09-143D-4787-B886-1EE57010EA7E@microsoft.com:

>>

>> > Carey

>> >

>> > I think what you're telling me is that I lost the original

>> > encryption key when I reloaded the OS. Is that correct ?

>>

>> Yes.

>>

>> >

>> > Since I did a full backup of my Hard Drive to an External Drive

>> > prior to the reload, is it possible I still have a copy the needed

>> > (original) encrytion key on my external drive ?

>> >

>> > Richard

>>

>> It depends on what a "full backup" is. If you can completely restore

>> your old operating system from this backup, then boot from it and login

>> using your old login and password, then maybe you can recover it.

>> Usually this is only possible with an "image"-style backup.

>>

>> Good Luck,

>> John

>>

No it's not. Your hosed. See why encryption isn't a good idea to

protect your porn?

 

By the way, replies go down HERE.

Guest Anthony Buckland
Posted

Re: Encryption removal

 

 

"Gurney" <none@nobody.net> wrote in message

news:d9v2645jicj6m0cdvp5n4vmvpni2k241sb@4ax.com...

> On Tue, 24 Jun 2008 14:17:00 -0700, Richard

> <Richard@discussions.microsoft.com> wrote:

>

>>I said "backup" but in reality I did a drop and drop copy of all the

>>various

>>directories. I don't believe this is considered an image style backup but

>>please correct me if I'm wrong.

...

> No it's not. Your hosed. See why encryption isn't a good idea to

> protect your porn?

>

> By the way, replies go down HERE.

>

 

Give Richard a break, it could have been the family investment

records. But in any case, encryption is a very useful but, in

careless hands, very dangerous tool for hiding things. I'd

recommend two steps: before encryption, make a backup

copy of the private data, and _hide_it_really_well_. The bottom

of the underwear drawer is not "really well". Protected with

nested wrappings and buried when no-one is

looking in a place not easily guessed at is pretty much

"really well". Tucked into an unlikely place in the

construction of a really trustworthy friend's house, likewise.

Step two, encrypt, and _do_not_lose_or_reveal_the_key_,

then do a true image backup as part of your regular backup

procedures. An image is an absolutely total copy of your

hard disk partition, and when you use it to restore, everything

without exception in the partition is restored to its state

when you did the backup, bit by damned bit, and all changes

since the backup, also without any exception, are lost.

Guest Patrick Keenan
Posted

Re: Encryption removal

 

 

"Anthony Buckland" <anthonybucklandnospam@telus.net> wrote in message

news:urcNVgO1IHA.4572@TK2MSFTNGP03.phx.gbl...

>

> "Richard" <Richard@discussions.microsoft.com> wrote in message

> news:29A14008-43E0-4011-9796-B862377AAC5D@microsoft.com...

>>I have an Excel file that I encrypted. I wish to remove the encryption.

>>

>> After encrytion of this file, I was required by Dell to reload my OS

>> (Windows XP SP2) on my home computer due to a problem they could not

>> otherwise solve. Prior to the reload I had copied the Excel file to an

>> external drive. After bringing my computer back up, I find I cannot open

>> the

>> Excel file because "The document may be read-only or encrypted". It's not

>> read-only, but it was/is encrypted. Since I can't access it, I attempted

>> to

>> remove the encryption via "Properties, Attributes (Advanced)" and

>> removing

>> the check mark from "Encrypt contents to secure data". I tried to apply

>> this

>> but got "An error occurred applying attributes to the file ....... " and

>> nothing changed.

>> ...

>

> A little more is required than removing the "encrypted" property.

> What _is_ required is actually decrypting the encrypted information.

> Your approach is certainly original though. Think of how WWII could

> have been shortened if only we could have taken encrypted Japanese

> and German transmissions and have removed the property of being

> encrypted from them. :)

>

> 1) Find the password.

>

> 2) Find the encryption method.

>

> 3) Run 2) in reverse using 1).

>

> 4) Lacking both 1) _and_ 2), go find a corner and weep in it.

 

Unfortunately the Windows EFS scheme does not rely on the password. You

have to have the user account in *original running condition*, or backed-up

credentials, or a pre-defined recovery agent to decrypt the files.

Having the password will get you nowhere.

 

Yes, it seems that the OP has permanently lost access to the encrypted

files.

 

MS did a really good job at making strong encryption easily available, but

nowhere near as good a job at making sure users had to protect themselves

from its consequences. It should be mandatory to back up the credentials,

at very least, but it isn't.

 

There's no happy ending to this story, once again.

 

-pk

Guest Patrick Keenan
Posted

Re: Encryption removal

 

"Richard" <Richard@discussions.microsoft.com> wrote in message

news:6F6A68E1-B1E1-45C7-A105-06BE5B0F7816@microsoft.com...

>I said "backup" but in reality I did a drop and drop copy of all the

>various

> directories. I don't believe this is considered an image style backup but

> please correct me if I'm wrong.

 

You are not wrong, this is not an image, and will not help you recover the

files. They are permanently encrypted unless you have the account running

*in original condition*, or backed up the account credentials (this should

not be optional, but is, and is often neglected) and can import them, or if

you designated a recovery agent. Remarkably few people take the last two

steps, as they are optional. The password by itself will not help you.

 

In the same vein, resetting the password from outside the user account, as

is very often suggested in the case of a lost password, will have exactly

the same effect. Encrypted data will be permanently lost unless the

account credentials were backed up and can be imported, or a recovery agent

specified. You can not fix it by resetting the password to the original.

 

So, you have to be very careful with recommendations for using

password-reset disks; if the OS is XP Pro, there's always the possibility of

permanent data loss.

 

Support staff should realize that XP Pro reinstalls carry this risk, but

sometimes don't consider the implications of the reinstall. To help

close the gap for others, you might consider a careful letter to Dell

explaining that their support scripts lack a key question that can lead to

permanent data loss.

 

An image, such as is created with Acronis True Image, Ghost, Casper, etc.

would, if restored and running, allow you to regain access to the files.

Even if the image was a little out of date, you could restore the image to

another drive, export the credentials, and then use those exported

credentials on the new install to gain access to the most recent version of

the encrypted files.

 

It's too late for this, but in cases where there's the possibility of

encryption, it's a good idea to clone the drive, set the original aside,

then work with the clone to see what can be done. You can re-clone as many

times as you need to, and still have the original.

 

Unfortunately, when people post with questions about encyption, it's a story

without a happy ending.

 

Sorry there isn't better news.

 

-pk

 

>

> "John Wunderlich" wrote:

>

>> =?Utf-8?B?UmljaGFyZA==?= <Richard@discussions.microsoft.com> wrote

>> in news:3AAC8B09-143D-4787-B886-1EE57010EA7E@microsoft.com:

>>

>> > Carey

>> >

>> > I think what you're telling me is that I lost the original

>> > encryption key when I reloaded the OS. Is that correct ?

>>

>> Yes.

>>

>> >

>> > Since I did a full backup of my Hard Drive to an External Drive

>> > prior to the reload, is it possible I still have a copy the needed

>> > (original) encrytion key on my external drive ?

>> >

>> > Richard

>>

>> It depends on what a "full backup" is. If you can completely restore

>> your old operating system from this backup, then boot from it and login

>> using your old login and password, then maybe you can recover it.

>> Usually this is only possible with an "image"-style backup.

>>

>> Good Luck,

>> John

>>

Guest John Wunderlich
Posted

Re: Encryption removal

 

=?Utf-8?B?UmljaGFyZA==?= <Richard@discussions.microsoft.com> wrote

in news:6F6A68E1-B1E1-45C7-A105-06BE5B0F7816@microsoft.com:

> "John Wunderlich" wrote:

>

>> =?Utf-8?B?UmljaGFyZA==?= <Richard@discussions.microsoft.com>

>> wrote in news:3AAC8B09-143D-4787-B886-1EE57010EA7E@microsoft.com:

>>

>>> Carey

>>>

>>> I think what you're telling me is that I lost the original

>>> encryption key when I reloaded the OS. Is that correct ?

>>

>> Yes.

>>

>>>

>>> Since I did a full backup of my Hard Drive to an External Drive

>>> prior to the reload, is it possible I still have a copy the

>>> needed (original) encrytion key on my external drive ?

>>>

>>> Richard

>>

>> It depends on what a "full backup" is. If you can completely

>> restore your old operating system from this backup, then boot

>> from it and login using your old login and password, then maybe

>> you can recover it. Usually this is only possible with an

>> "image"-style backup.

>>

>> Good Luck,

>> John

>>

> I said "backup" but in reality I did a drop and drop copy of all

> the various directories. I don't believe this is considered an

> image style backup but please correct me if I'm wrong.

 

I'm afraid that's not good enough. You've most certainly lost your

data.

 

Moving forward, consider the freeware "Truecrypt". It creates a

container file that only depends on a passphrase to access the data

and in your situation, you'd have a happy ending.

 

<http://www.truecrypt.org>

 

If you wish to continue using EFS, make sure to backup your

certificate. Note that this could pose a threat, as anyone who gains

possession of your backup certificate has access to your data.

 

HTH,

John

Guest Gurney
Posted

Re: Encryption removal

 

On Tue, 24 Jun 2008 21:51:57 -0700, "Anthony Buckland"

<anthonybucklandnospam@telus.net> wrote:

>

>"Gurney" <none@nobody.net> wrote in message

>news:d9v2645jicj6m0cdvp5n4vmvpni2k241sb@4ax.com...

>> On Tue, 24 Jun 2008 14:17:00 -0700, Richard

>> <Richard@discussions.microsoft.com> wrote:

>>

>>>I said "backup" but in reality I did a drop and drop copy of all the

>>>various

>>>directories. I don't believe this is considered an image style backup but

>>>please correct me if I'm wrong.

> ...

>> No it's not. Your hosed. See why encryption isn't a good idea to

>> protect your porn?

>>

>> By the way, replies go down HERE.

>>

>

>Give Richard a break, it could have been the family investment

>records. But in any case, encryption is a very useful but, in

>careless hands, very dangerous tool for hiding things. I'd

>recommend two steps: before encryption, make a backup

>copy of the private data, and _hide_it_really_well_. The bottom

>of the underwear drawer is not "really well". Protected with

>nested wrappings and buried when no-one is

>looking in a place not easily guessed at is pretty much

>"really well". Tucked into an unlikely place in the

>construction of a really trustworthy friend's house, likewise.

>Step two, encrypt, and _do_not_lose_or_reveal_the_key_,

>then do a true image backup as part of your regular backup

>procedures. An image is an absolutely total copy of your

>hard disk partition, and when you use it to restore, everything

>without exception in the partition is restored to its state

>when you did the backup, bit by damned bit, and all changes

>since the backup, also without any exception, are lost.

>

 

I say again: there is nothing on your home computer that could

normally warrant encryption for a couple of reasons:

 

1. It is too easy for the oridnary user to screw up and lose

everythingh encrypted, and

 

2. It's only as strong as the account containing it. Most folks

don't even bother with a password, and as encryption is transparent it

means I can walk up to their machine and access whatever I want.

 

Don't use it. It's a ticking time bomb.

Guest Anthony Buckland
Posted

Re: Encryption removal

 

 

"Gurney" <none@nobody.net> wrote in message

news:0pm5641mpsr3nh91dhpal93c23a7ifu0e6@4ax.com...

> On Tue, 24 Jun 2008 21:51:57 -0700 wrote:

>> ... stuff ...>

> I say again: there is nothing on your home computer that could

> normally warrant encryption for a couple of reasons:

>

> 1. It is too easy for the oridnary user to screw up and lose

> everythingh encrypted, and

>

> 2. It's only as strong as the account containing it. Most folks

> don't even bother with a password, and as encryption is transparent it

> means I can walk up to their machine and access whatever I want.

>

> Don't use it. It's a ticking time bomb.

>

 

I sort of agree, although I've found it useful for, e.g., sensitive

data carried in a manner vulnerable to theft.

 

A simple way to protect stuff you don't want seen, though, is

to keep it _only_ on removable media, with a backup copy,

and keep one copy with you and the other in a safety deposit

box to which you do not give anyone else a key. You do,

though, run into the theft vulnerability problem. Alternatively, keep

one copy hidden but handy, and the other in the box. "Hidden"

is a problem unless you can get private unobserved access

to a reasonably unlikely place.

 

Relationships, reputations, jobs, lives and sometimes battles

(e.g., Midway) have been lost over the issue of hiding data,

and if you can't avoid having secrets (well, that's all of us, if

you include ATM and debit card numbers) you have to give

some thought to the issue.

 

---------------------------------------------------------

 

Gurney's remark 2. about transparency is relevant only if

the encryption method is account-dependent. I wouldn't,

for more than one reason, touch such a method with a

three-metre pole.

×
×
  • Create New...