Skip to comments.
XP passwords rendered useless
Brian's Buzz ^
Posted on 02/15/2003 2:52:07 PM PST by per loin
click here to read article
Navigation: use the links below to view more comments.
first 1-20, 21-28 next last
1
posted on
02/15/2003 2:52:07 PM PST
by
per loin
To: per loin
Wow. (Don't know why I'm surprised, but this must rank right up there with Microsoft security flaws.)
2
posted on
02/15/2003 3:02:48 PM PST
by
NYS_Eric
To: NYS_Eric
"If a bad guy has unrestricted physical access to your computer, it's not your computer anymore."
I have to admit, they have a point. If you don't have physical security you don't have any security at all...
3
posted on
02/15/2003 3:10:53 PM PST
by
TSgt
("Put out my hand and touched the face of God.")
To: NYS_Eric
Back in the old days of Unix, you could book up a machine in single user mode, rahter than multi user, the machine came up sans password, you had access to all the ect/passwd (?) files. Came in handy if you were a field service tech working on a machine who wasn't an admin. You physically have to secure a machine to protect the security.
Many corporate boxes, have no floppy or cd, to prevent this sort of thing, of course USB ports....
4
posted on
02/15/2003 3:21:38 PM PST
by
Leto
To: MikeWUSAF
This will not let them on your network, either. The best they could get is administrator of the local machine.
To: per loin
Just goes to show you that nothing's ever truly secure.
As a network admin, I'm more worried about people breaking through my firewall than breaking into my building. But that's what alarm systems are for...
6
posted on
02/15/2003 3:21:48 PM PST
by
Jinjelsnaps
("Time flies like an arrow, fruit flies like a banana" - Groucho Marx)
To: per loin
I'm no lawyer . . .
But as I understand it . . .
Microsoft advertised XP as the MOST SECURE EVER etc.
In fact, it's not.
Sounds like grounds for a class action suit, to me.
Would love to see that one go forward with great gusto.
I normally hate such suits. But MS has certainly earned this one.
Aren't there some hungry atny's out there? Shoot, I'd sign on as part of the class!
7
posted on
02/15/2003 3:26:15 PM PST
by
Quix
(FREEPCARDS additions will be delayed until after birthday and Albuquerque trip)
To: *Computer Security In
To: Jinjelsnaps
Just goes to show you that nothing's ever truly secure. Uhhhh . . . try the arms of Jesus.
. . . though the boot camp training can get interesting. The eternal rewards are considered more than worth it.
Otherwise, I'd agree with you.
9
posted on
02/15/2003 3:29:06 PM PST
by
Quix
(FREEPCARDS additions will be delayed until after birthday and Albuquerque trip)
To: per loin
If you have physical access to the box you can almost do anything.
How to get around a windows 2000 box.
1) Remove the hard drive from your target machine
2) Put it into another windows 2000 box that you control and have admin acess to.
3) Boot the system and it is reconized as another drive which you have FULL access to.
10
posted on
02/15/2003 3:31:18 PM PST
by
Centurion2000
(Chance favors the prepared mind.)
To: Centurion2000
If you need that much security ... encrypt your drive.
11
posted on
02/15/2003 3:32:27 PM PST
by
Centurion2000
(Chance favors the prepared mind.)
To: Quix
This is a silly article.
There isn't an OS that is secure against someone with physical access to the machine, who can boot it on another OS of their own. System Admins are usually glad for this. I know I am. I carry some NT cracking boot disks for just such a situation.
12
posted on
02/15/2003 3:37:31 PM PST
by
Ramius
To: per loin
"the most secure version ever," I believe this is a meaningless statement and there is really no specific claim being made that is actionable. This is like saying the 2003 Taurus is the best car ever made. Without specific there is no claim being made.
If Microsoft said "password protected from any unwanted intrusion" then you might have a case to make.
To think that Microsoft would leave themselves open to a lawsuit is a silly as believing that password systems are fool proof.
13
posted on
02/15/2003 3:51:39 PM PST
by
VRWC_minion
( Opinions posted on Free Republic are those of the individual posters and most are right)
To: Quix
Uhhhh . . . try the arms of Jesus. I thought that was Allah or Buddha or Jehova...
14
posted on
02/15/2003 4:07:21 PM PST
by
glorgau
Comment #15 Removed by Moderator
To: Quix
Nicely layed out, Quix :)
To: per loin
The passwords refereed to are for multiple accts on the same computer and are internal, not internet related.
All he could get into is the private desk top of the individual. Good for in house spying, but I do not live in a cubical and anyone knows not to store private stuff on a company computer. Or do you?
Sheesh
To: Libertina
THANKS FOR YOUR KIND REPLY.
I guess "the most" kinds of statements tend to get me going.
18
posted on
02/15/2003 6:49:11 PM PST
by
Quix
(FREEPCARDS additions will be delayed until after birthday and Albuquerque trip)
To: MikeWUSAF
I have to admit, they have a point. If you don't have physical security you don't have any security at all... which is why books on computer security discuss this issue before even moving on to the technical aspects of securing whatever os you have.
To: per loin
This is stupid. If a person has physical access to a machine. Its all over with for a number of reasons. I carry my own hard drives around just for this reason of saving peoples data when a OS goes belly up.
Mount said secure drive as slave reboot off of your ntfs admin drive and take control of all the content. EOS
20
posted on
02/15/2003 7:15:20 PM PST
by
ezo4
Navigation: use the links below to view more comments.
first 1-20, 21-28 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson