[KLUG Members] NTFS5

[Mike Williams]

>Message: 12
>Date: Sun, 05 Aug 2001 00:21:58 -0400
>From: "Bryan J. Smith" <b.j.smith@ieee.org>
>Organization: SmithConcepts, Inc.
>To: members@kalamazoolinux.org
>Subject: Re: [KLUG Members] Is NTFS not supported?
>Reply-To: members@kalamazoolinux.org
>
>jeff wrote:
>> my suse can read my ntfs v5 partition just fine :) so before you go
>> and say it's not supported by "linux" umm... yeah

Do you know if it can read any of the Active Directory special folders?  Most of them require NTFS5, so they're probably using the new tricks.  Unless you have access to a w2k Domain Controller hard drive, though, you probably can't find out.

>Really?  I guess I better go read the NTFS code.  Dooh!  I guess
>NTFS v5 doesn't necessarily mean encrypted.

I think the changes from NTFS 4 to NTFS 5 were fairly minor.  Added support for some new tricks like encryption, but when they're not used the filesystem probably acts the same as NTFS 4.  Read / write access would be probably be dangerous to attempt yet.

...

>Which is the reason why I said "I won't go into more details on NTFS
>v5 for the sake of brievity" -- because NTFS v5, while offering an
>"encrypted" mode, does is transparently (without user intervention
>and automatically).  That means the key it uses must be read in and
>loaded somewhere in the boot process (or in the registry on the
>non-encrypted system filesystem) -- which means it is a "false
>sense" of "security."

I'm going from memory here, but I think the key is only loaded when needed.  I think the key is related (if not identical) to the user's unique ID#.  This means that if you delete a user account, even if you remember his name and password, any data in his encrypted folders are forever gone.