The Inquirer-Home

Windows XP hack commonplace and old

Letters Charging for email a good thing
Sun Feb 16 2003, 14:08
Yesterday's article about a Windows XP vulnerability brought a bumper post bag. It seems that Windows XP hacks might be used in plenty of places already...

How lame can you guys get in running this story this way instead of bashing the stupidity of the first story?
It's not true that you cannot do this if the CD did ask for a password. And it's also not true that you cannot do this with 2K and an install CD. It's trivial to get around the same thing in 2K also. Here is one simple way - just install another parallel install of 2K and boot into that as Admin, then you have access to all un-encrypted files on the other install. So the CD protection is nothing at all (whether 2K or XP). Most likely MS realised how futile all this was and made the XP CD simpler to do troubleshooting. So how is this an XP specific issue? I hope you realise all this and put it across in the right way in your story. If you have physical access to a machine there is only one proven way to protect data (encrypt files) and XP/2K makes that trivial to do using Properties->Advanced->Encrypt contents ... That uses public key cryptography and as long as you protect and save your key no one can easily steal your data (try seeing how easy it is to do something like that in Linux). No matter what whiz bang OS you have, your data can be stolen with physical access to your machine unless you encrypt files.

Shiv
Email address supplied

----->

what the rest of us have known for 10 years. Try not to post "news" from complete amateurs.

The article, on Brian's Buzz on Windows, claims that when you start the Windows 2000 CD on an XP machine...

Bios: Boot order: C,Cdrom.

Password protect the bios.

Elegant best practice for a non-bug.

If the computer is not physically secure, you can steal the hard drive and slip it into another computer as D drive. Great for when you forget your admin password. Great also for when you need to puppet the drive to clean viruses off.

Name and email address supplied

----->

Regarding using a Windows 2000 CD to access the XP recovery console without a password:

Most system engineers that I know have been aware of this for at least the last year or so as a method to gain access to an XP workstation for data recovery. This is needed when a user with local administrator privileges changes and forgets the administrator password, then the machine dies to the point where it will not boot into a network accessible mode.

The fundamental issue here is that a) NTFS (used on NT 3.x upwards) does not by default encrypt data, and b) the file system is fully documented.

The architectural flaw is that ACLs (Access Control Lists), which are used to restrict access to files, are implemented at the operating system, not file system level.

This means that from a physical access perspective, NTFS is no more secure than the FAT system, as long as physical access to any boot medium that can mount NTFS is available.

A couple of years ago, my notebook PC running Windows 2000 blue screened with a fatal error, preventing it from re-booting into Windows 2000. I had much personal data that I needed to recover, but there wasn't enough free space for a 2nd install of Windows 2000 on the partition (another simple way to bypass NTFS permissions). The recovery console was also inoperable.

To retrieve my data, I made up a DOS boot floppy, downloaded the 16 bit drivers for my network card, as well as the free version of NTFS for DOS, a utility that mounts and reads NTFS volumes under DOS.

I was then able to Xcopy all my data across from the broken Windows 2000 box to another PC. This same method can be used today with any NTFS based operating system from NT 3.1 to Windows XP.

Tim Epstein

Email address supplied

----->

Having supported W2K for Microsoft I can tell you the 'vulnerability' is not present in W2K, you boot from a CD to recovery console where it requires a password to the Administrator account (not just any administrator will do), where it gives you three tries at the password and forces you to reboot. Recovery Console in W2K is so closed for security reasons it is almost aggravating to work with (only allowing access to system directories where repairs would take place, and never allowing access to such folders as 'Documents and Settings').

In WXP the situation is different, in situations where the OS is not installed while connected to a domain (really restricting itself to Professional edition) every user account is created as an Administrator, unless you specify otherwise. The idea being ease of use and support. When performing an install and joining a domain, the user accounts are created with greater security in mind and the registry key in question is put to use, and will not allow access without the requisite Administrator login.

Name and email address supplied

----->

Microsoft contemplating charging for emails might make most of us shudder but there may be an upside…

Actually, many of us have been advocating the creation of something like 'Penny Black' for years. When I attended a seminar given by DEC on the late lamented Millicent micropayment system the audience was in almost universal agreement that an e-mail toll gate would be an excellent idea. This isn't about charging for any and all e-mail. It's about stopping spam by destroying the business model. DEC was reluctant to pursue for reasons they would never discuss. Too bad, since this could have been the killer app for micropayments.

Very simply, if it isn't worth a penny or a fraction of that (as Millicent allowed) it can't be that important of a message. That immediately eliminates massive amounts of bandwidth hogging spam that depends on deploying millions of messages for every sucker they bag. Further, it can improve the market for legitimate advertising by providing an incentive to the recipient. If the toll gate fees are paid to your ISP it would go quite a ways toward reducing the cost of broadband services while offering some actual hope of these companies turning a profit and being able to invest in the next major hardware upgrade for consumer bandwidth.

Advertisers can even up the ante by offering greater payments for interaction with their ads. This already works well for systems like www.mypoints.com. I've bought a fair number of video games in the last few years just from the Toys R Us gift cards accrued by acknowledging e-mail ads they've sent. The payoff comes more quickly from actual purchases, of course, but I've had a few of those. When there's real money involved for the advertiser the chances are much greater of there being a worthy product to see.

There is no downside to this system. Creating a list of senders who can reach you toll-free shouldn't be at all difficult. That eliminates any penalty for normal communications and things like newsletter subscriptions. There is much to be said for having even a tiny fee for posting to some forums just by virtue of winnowing out those who write solely to annoy and not to converse.

Name and email address supplied

µ
