help kenny - xp security not so secure

  • Thread starter Thread starter kenny
  • Start date Start date
K

kenny

I have winxp pro, with the lastest service pack, and
updates. I took my laptop to a repair place did not tell
them what my password was, but they were able to reset my
password to blank with some utility, thus enabling them
to get in. So when I went back to the shop, all they had
to do is click on my username at the login screen, with
no password, and it went right into my profile. where's
the security in that Bill?
 
This is a well known physical attack that can only be countered by using
syskey mode 2 or 3 (boot floppy of startup password). It is part of the
immutable laws of security: if a hacker has physical access to your machine,
they can compromise it. SYSKEY mode 2 or 3 can counter this threat, but use
it carefully, if you lose the password or disk, it will be impossible to
recover your OS installation. Start->Run-Syskey.exe
 
Hacker 101 if I can touch the machine It is mine. In other words physical
access defeats most software security including passwords. Even if you have
to take the hard drive out mount it on another machine, change files on that
hard drive put it back into the original system.
 
Greetings --

What did you expect? Without physical security, you have *no*
security, regardless of the operating system. Any reasonably
knowledgeable technician who has physical access to the computer can
easily access anything on the hard drive that is not encrypted. You
turned your laptop over to these people, so you presumably trusted
them.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Back
Top