T
Todd H.
stacey said:
No one will argue that by default, a home user operating system from
Microsoft installs with quite a lax security posture.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
No one will argue that by default, a home user operating system from
Microsoft installs with quite a lax security posture.
T
Todd H.
jeremy said:This is true for the most part.
Sure you could use encryption so that without a password it will be
impossible (or hard) to access anything on the drive.
By default, neither Windows nor Linux ext2fs partitions employ
encryption, so a boot floppy can be constructed to give you arbitrary
access to anything on the hard drive under either system.
Actually some thinkpads I believe allow you to encrypt the drive, so
that without the BIOS passwd it is unusable if you swap it into
another PC. The thinkpad BIOS supervisor passwd is tough
itself...see my other post in this thread.
That is true. IBM Thinkpads do have some advanced hardware level
security features that make it exceedingly difficult to leverage
physical access to gain access to hard drive contents. But only if
these BIOS passwords are enabled.
But this also drifts away from Stacey's fallacious "It's Microsoft's
fault" sentiment towards Pegasus's statement "If you can gain physical
access to a Windows machine then you can gain access to its files."
that started this subthread.
My point remains that physical access to any box--regardless of
operating system-- typically grants someone relatively easy access to
its files. Hardware-password enabled IBM Thinkpads are an exception
to this rule.
Best Regards,
S
stacey
Todd said:By default, neither Windows nor Linux ext2fs partitions employ
encryption, so a boot floppy can be constructed to give you arbitrary
access to anything on the hard drive under either system.
Not if the floppy or CD isn't set in the bios boot sequence and bios has a a
password set. Yep you can remove the cover and jumper the bios and reset
the boot sequence etc..
But this also drifts away from Stacey's fallacious "It's Microsoft's
fault" sentiment towards Pegasus's statement "If you can gain physical
access to a Windows machine then you can gain access to its files."
that started this subthread.
My point remains that physical access to any box--regardless of
operating system-- typically grants someone relatively easy access to
its files.
Some easier than others. Again I had assumed this .sam file could be deleted
by any user which turns out it can't. At least they went that far!
K
kony
Not if the floppy or CD isn't set in the bios boot sequence and bios has a a
password set. Yep you can remove the cover and jumper the bios and reset
the boot sequence etc..
The cover could use security screws, the BIOS edited to remove access
to features and/or the BIOS defaults changed.... Even so it isn't
secure. There is no such thing as true security, only an effort
towards it, that amount of effort deemed necessary to discourage a
casual (relative to the circumstances) hacker, not someone determined
to have access, having the prerequisite knowledge or motivated enough
to gain it.
S
stacey
kony said:There is no such thing as true security, only an effort
towards it, that amount of effort deemed necessary to discourage a
casual (relative to the circumstances) hacker, not someone determined
to have access, having the prerequisite knowledge or motivated enough
to gain it.
Exactly. I find computers on the curb quite often and if I pick it up, see
if it will power up etc before I scavenge the parts out of it. The last one
for example had a bad CPU (HSF died and cooked it). Threw in another CPU
and it booted into win 2K. It had -no- passwords set for any user and it
contained a bunch of customer's credit card info etc!! Being the honest
person I am, I wasn't interested in any of that but I'm sure someone else
would have had a field day with that stuff. Even had one of the user's home
address with their alarm code in an e-mail stored on it! Stupid people just
tossed it out when it died and never even thought about all the sensitivce
info stored on it. What really shocked me was it was a computer parts
store's box! At least if they had passwords set, I probably wouldn't have
bothered but it's hard to resist looking around when all you have to do is
hit -enter- at the password prompt.