So I got a new copy of Windows 2000 today and the attached floppy disk came with it. Anyone have more info on it? All I can find out about it is that's it's a disk with a 128bit encryption software in it. Is it aes, pgp full disk encryption or something ? I guess I'll find out when I get Windows installed.
???
🤣
Well this sucks, both my 3" floppy drives are junk. Or maybe it was this disk? 😒
I remember that for NT4 128 encryption used outside of the U.S. was controlled so you had to get a license. Don't remember if that was the case with 2000 or not but according to your floppy it might be.
Is only used for SP2 or older.
SP3 and up already has the functionality built in.
https://technet.microsoft.com/en-us/library/c … v=ws.10%29.aspx
.
I slip-streamed my W2k install CD with "Unofficial Service Pack 5a".
It works very well.
.
GRUMPY OLD FART - On Hiatus, sort'a
Mann-Made Global Warming. - We should be more concerned about the Intellectual Climate.
You can teach a man to fish and feed him for life, but if he can't handle sushi you must also teach him to cook.
PCBonez,
You might be interested in this.
http://www.msfn.org/board/topic/174310-window … 00-ur2uurollup/
wrote:PCBonez,
You might be interested in this.
http://www.msfn.org/board/topic/174310-window … 00-ur2uurollup/
Thanks. - I visit there now and then but had not seen that.
.
Seems I remembered the version wrong. Should be 5.1 or 5.1a or something.
.
I used this guide. http://www.msfn.org/board/topic/97047-up-to-d … creation-guide/
Looks like he's keeping it updated too which is great. (Some file dates in his archive are 2015.)
Looking at my file dates my slip-stream build is already 2 years old so maybe it's time to do a new one.
.
GRUMPY OLD FART - On Hiatus, sort'a
Mann-Made Global Warming. - We should be more concerned about the Intellectual Climate.
You can teach a man to fish and feed him for life, but if he can't handle sushi you must also teach him to cook.
wrote:I remember that for NT4 128 encryption used outside of the U.S. was controlled so you had to get a license. Don't remember if that was the case with 2000 or not but according to your floppy it might be.
Thanks. Anyone know what it encrypts ? and what kind of encryption it is ? I guess I'll have to wait for a working floppy drive.
IE SSL?
All hail the Great Capacitor Brand Finder
wrote:wrote:Thanks. Anyone know what it encrypts ? and what kind of encryption it is ? I guess I'll have to wait for a working floppy drive.
Maybe I wasn't clear enough.
If you use W2k with Service Pack 3 or higher then you don't need that floppy because whatever is on that floppy has already been added to the OS.
.
GRUMPY OLD FART - On Hiatus, sort'a
Mann-Made Global Warming. - We should be more concerned about the Intellectual Climate.
You can teach a man to fish and feed him for life, but if he can't handle sushi you must also teach him to cook.
wrote:IE SSL?
IE had a separate High Encryption Pack which was also included later via updates and newer editions.
I think it was a native feature by IE6.
.
~I think~ this one takes care of security for things like Outlook/Outlook-Express, Passwords, User Accounts and other relatively uninteresting things.
.
GRUMPY OLD FART - On Hiatus, sort'a
Mann-Made Global Warming. - We should be more concerned about the Intellectual Climate.
You can teach a man to fish and feed him for life, but if he can't handle sushi you must also teach him to cook.
wrote:IE had a separate High Encryption Pack which was also included later via updates and newer editions. I think it was a native fea […]
wrote:IE SSL?
IE had a separate High Encryption Pack which was also included later via updates and newer editions.
I think it was a native feature by IE6..
That was my thoughts, but I thought outlook had its own disk too? So this disk has the ntfs encryption?
wrote:So this disk has the ntfs encryption?
No.
W2k without this already has the NTFS file encryption function.
What it would do (I THINK) is provide a 128-bit algorithm for that function to use.
.
IOW It changes (or offers an additional) encryption algorithm (encryption strength) to other programs.
And for some internal things (like passwords, user account control, ect..) it makes it the default or only option.
.
Even then I'm not 100% sure the files on the disk have anything to do with file system encryption.
My take is the intention (focus) of the disk is to keep hackers from getting control of the machine.
.
It's already included in SP3 and beyond.
SP4 (and the following roll-up) add or fix so many things it's ridiculous to not use them.
A biggie (for me) is 48-bit LBA. It was added to W3k in SP3.
Without that your max HDD is 120Gb. (Yeah I know. Technically it is a 137GB limit but no one made 137GB HDDs. They were 120GB.)
.
.
GRUMPY OLD FART - On Hiatus, sort'a
Mann-Made Global Warming. - We should be more concerned about the Intellectual Climate.
You can teach a man to fish and feed him for life, but if he can't handle sushi you must also teach him to cook.
wrote:Even then I'm not 100% sure the files on the disk have anything to do with file system encryption.
My take is the intention (focus) of the disk is to keep hackers from getting control of the machine.
As noted above, this was almost certainly because of US export restrictions on high quality PKI encryption. Many of us are not sure what these functions were used for within Win2k. Stream or block cyphers like DES, RC4, and AES are not usually used for protecting passwords, nor are asymmetric keys. Cryptographic hashes such as MD5, SHA1, RIPEMD, and Whirlpool are typically used for password encryption as there's no need to recover the original password.
I would think EFS and possibly RDP would use the integral encryption provider. Found this little tidbit (emphasis added) that indicates it may have been a more broadly used library function, including for IE, OE, etc.
High Encryption Support
If you are running Internet Explorer 5.01 or earlier on a computer that is running Windows 98, Microsoft Windows 98 Second Edition, or Windows NT 4.0, when you install Internet Explorer 6, you upgrade your computer to 128-bit encryption. If your computer is running Windows 2000, when you install Internet Explorer 6, you do not change the level of encryption on your computer. You can upgrade Windows 2000 by using the High Encryption Pack that is located on the original installation media and on the Microsoft Windows Update Web site. If your computer is running Microsoft Windows Me, your computer is already using 128-bit encryption.
All hail the Great Capacitor Brand Finder
Um, no, you are reading it wrong.
What that says is if using W2k upgrading to IE6 with 128-bit encrytion will NOT upgrade the other encryptions.
If your computer is running Windows 2000, when you install Internet Explorer 6, you do not change the level of encryption on your computer. You can upgrade Windows 2000 by using the High Encryption Pack that is located on the original installation media and on the Microsoft Windows Update Web site. If your computer is running Microsoft Windows Me, your computer is already using 128-bit encryption.
So, as I said before. In W2k the encryption for IE is separate from everything else.
That floppy is for everything else. (Except the full version of outlook, see below.)
Also note further down on this page: https://msdn.microsoft.com/en-us/library/cc722908.aspx
That Outlook 2000 also had it's own private High Encryption upgrade.
GRUMPY OLD FART - On Hiatus, sort'a
Mann-Made Global Warming. - We should be more concerned about the Intellectual Climate.
You can teach a man to fish and feed him for life, but if he can't handle sushi you must also teach him to cook.
Anyone can could open the directory on the floppy and see the files.
The important one appears to be rsaenhs.dll
rsaenhs.dll is given to be an installer for the "Microsoft Enhanced Cryptographic Provider"
And according to this:
https://msdn.microsoft.com/en-us/library/wind … v=vs.85%29.aspx
It uses RCA, RC2, RC4 and 3 kinds of DES.
.
GRUMPY OLD FART - On Hiatus, sort'a
Mann-Made Global Warming. - We should be more concerned about the Intellectual Climate.
You can teach a man to fish and feed him for life, but if he can't handle sushi you must also teach him to cook.
https://desk.sgcib.com/SGNeeded/HELP/128bitencryption.htm
Windows NT4 : the Service Pack 6a ("SP6a") contains the high-encryption pack: Download Here, FAQ Windows 98 : you need to up […]
Windows NT4 : the Service Pack 6a ("SP6a") contains the high-encryption pack: Download Here, FAQ
Windows 98 : you need to upgrade Internet Explorer itself: Upgrade Internet Explorer
Windows 2000 : you just need the High-Encryption pack: go Here
Windows XP : it should normally contain already the High-Encryption pack
Not sure if this is accurate as it's third party. All I'm saying is that the documentation is quite ambiguous on this issue.
All hail the Great Capacitor Brand Finder
That was accurate before SP3 for W2k was released.
IOW: W2K SP3 contains the W2k High-Encryption Pack.
Adding it again (over SP3) might even break something if the file dates are older than those in SP3.
.
Yes, Microsoft has a way of creating pages and pages of documentation that don't tell real humans anything at all.
.
GRUMPY OLD FART - On Hiatus, sort'a
Mann-Made Global Warming. - We should be more concerned about the Intellectual Climate.
You can teach a man to fish and feed him for life, but if he can't handle sushi you must also teach him to cook.
I found a good floppy drive. The disk had some sort of update on it.!but after installing it the disk went bad... Scary!
