SnowSurfer

i did too, until i read "local password cracking presentation..."

http://www.irongeek.com/i.php?page=s...ingillustrated

i didn't realize how much stuff you could find out just by being able to log on to someone elses computer, the windows protected storage segment was very surprising...good read, there is some other good flash videos too

__________________
I have an athlon xp 2500+ ... aren't you glad you know that?

speedracer120

The dude's voice reminds me of Edgar from 24.

__________________
Off in La La Land

Bires

I never thought my computer was secure.

__________________
Five years...

Jeffbx

If you have physical access to a computer, you can get into it 99.999% of the time. In 99% of those cases, you can do it within a couple of minutes even if you don't have any passwords or logon IDs.

Security of your PC must begin with physical security - in other words, don't lose your laptop, and make sure no one has access to your PC if you have sensitive info on it.

Markel

I remember shortly after XP came out, it was discovered that you could boot from a Windows 2000 CD on an XP system, get into a dos prompt, and copy any files you wanted from the hard drive without leaving any trace of evidence (aside from the state of the PC if it was "locked" with XP running). I wonder if MS ever fixed this?

__________________
stay low... keep moving...

Jeffbx

I believe they did, but there are easier ways to get in. I have a nifty little utility on a floppy disk that you can boot from that will decrypt or reset the administrator password for you. Then you can just log right in & do what you want.

Or, the brute force way - just remove the HD & pop it into another machine for a quick peek.

SnowSurfer

the floppy program can corrupt files, i remember trying it on a school machine...for educational purposes..

Grimm

Any more you can just plug in a USB thumbdrive with Linux on it, reboot the PC, copy over whatever files you like. Or you can crack the passwords in a few minutes and log onto their PC in windows as the Admin.
You don't even have to carry a CD or floppy. Just a little key chain fob no one ever notices.

If you can touch a PC you can own it.

cocojambo

nor will our computers EVER be secured... hmm maybe Longhorn will fix many of the bugs in Windows

Jeffbx

Don't fool yourself there.... physical security of your machine is NOT an OS bug. It doesn't matter what OS is on there - if someone has physical access to your machine, they can get at your files eventually.

SnowSurfer

i actually dont have a floppy drive on my machine and i have it to only boot from the harddrive...i mean yes if someone was determined they could pull the motherboard battery and stuff but that takes time to get the lock off the case and what not

speedracer120

You can't forget to disable boot from USB either.

Markel

I've got a bootable CD with that and a bunch more nifty tools.

However, resetting the password means that your tracks are not quite invisible....

Jeffbx

Well, yeah... if you don't want anyone to know you've been there, there are other methods for that!

bachviet

After the work is done, use big magnet?

__________________
Dell Dimension 9200 | Intel Core 2 Quad Q6600 (2.4GHz) | 4x1GB DDR2 | 256MB nVidia GeForce 8800GT

Dell Studio 17 | Intel Core i7-720QM (1.6GHz) | 2x2GB DDR3 1066MHz | 1GHz ATI Mobility Radeon HD 4650

Intel P4-C 3.0GHz | ECS 865PE-A | 3x512MB PC3200 | 128MB PNY GeForce 6600GT

Jeffbx

Yes, that or the Big Hammer. Either one is effective at covering your tracks.