STaSh: the fact you worked in PSS doesn't mean you know what Microsoft is doing and how they are doing it.
Maybe not, but my current job as a security consultant for a branch of the US government for MS frequently has me speaking with PMs, developers and others internally who work on security in general or EFS in particular. There is no magic here, no man behind the curtain. Without the password and key, the data does not get decrypted. CIA, NSA, FBI are not immune to this reality. Typically though, when a law enforcement agency or govt agency needs to decrypt files, the private key that encrypted the FEK is still on the drive somewhere. And even if the drive was formatted, there are tools that can recover data including the private key. So in that sense, it probably would be relatively easy for an agency to decrypt data, since they have tools to recover the key and crack the user's password if necessary. But as I said before, this is not some James Bond, whiz-bang method that only the government has, or worse, some back door in EFS. These are the same rules that apply to anyone who wants to decrypt data.
Also the fact that there is no information on the net and forums like this about how to decrypt the data, doesn't mean that it is not possible. If you were some hacker, or CIA agent knowing the way to decrypt it, you would not publish it for free to everybody.
There is plenty of publicly available information on how to decrypt files. Much of it is on Microsoft's website. Microsoft even tells you exactly how encryption and decryption works with EFS:
http://www.microsoft.com/technet/prodte...7e9f7-2090-4c88-8d14-270c749fddb5.mspx
I suggest you read it. I doubt I will change your mind, since you seem to be convinced that EFS is weak and Linux > *. I find it interesting that you would take the word of someone like Tom's Hardware over a person who has intimate knowledge of the technology and code involved. Tom's Hardware is hardly an authority on things security. In fact, they have an article out today that further perpetuates the FUD around XP SP2 in enterprise environments. The author has a rather frightening lack of knowledge in the area of enterprise network administration, where he apparently is unaware of things like Group Policy, SMS and SUS. Yet the article is taken as gospel by many, especially the Slashdot crowd, where knee-jerk, close-minded reactions to Microsoft are the norm.
I would just suggest that you keep an open mind. Microsoft has come a long, long way in the past few years with regards to security. I would suggest you read about the Security Development Lifecycle (SDL) used at MS:
http://msdn.microsoft.com/library/defau...l=/library/en-us/dnsecure/html/sdl.asp. If you ask the opinions of administrators and security professionals, I think you will find that there is much praise for the way Microsoft has improved the security of its flagship products, with Server 2003 SP1 and XP SP2. Trustworthy Computing may sound like a corny marketing slogan, but it is no joke within Microsoft.