Tool makes mincemeat of Windows passwords

A security researcher has released an easy-to-use tool that accesses locked Windows computers in seconds without entering a password. The tool, which was released Tuesday by Adam Boileau, works by connecting a Linux machine to the Firewire port of the target PC and modifying the password protection that's stored in local memory …

COMMENTS

  1. Duncan Hothersall

    @ Morely

    Curious indeed is the patentor who claims first publication rights in a comments thread which itself contains several instances of prior art. Are you American by any chance?

  2. Steve

    @Morely Dotes

    > first publication rights.

    Sorry, see post #20

  3. brian

    Everyone seems to forget....

    ... that this requires PHYSICAL access to the machine. As always, the first line of defense is to make sure that no one gets access to a sensitive machine. Locked doors are a good preventative.

    Paris, because even she could solve this one....

  4. frymaster

    Re: Frank Bitterlich's comment, and benefits of this over boot CD approach

    So Frank's comment implies this situation is securable on all platforms? Surprised at least one of them hasn't done it by now then.

    All you need to retrieve passwords etc. from a laptop is firewire connected to a linux (prolly, any) system... at least some iPods can run linux and have firewire ports... this would beat the hell out of that boot disc memory reading attack for getting hdd encryption keys out of a locked laptop. Someone leaves the room, you connect up your iPod to the laptop, unplug it from the mains, and scarper with it while it's busy getting all the passwords. Well before the battery runs dead you'll have all you need.

    And note that changing the password with a boot CD a) wouldn't give you hdd encryption password, and b) would invalidate any autocomplete password entries someone's got in IE (not sure about FF, but I bet you could get whatever you needed to bypass its encryption also) which makes it easier and faster to exploit anything this guy has access to.

  5. Peter Gathercole

    @Dave re pointers

    If you can take a dump of the entire memory, then time is not a problem for mining data. Of course you would not be able to break in to the machine in a hurry, but that is only one possibility.

    And I believe that my point still stands. If the Kernel can find the information, then so can another tool specifically written to follow the same evidence trail. Once you know the rules, you can code an analytical tool to apply them. All you need is a device like an EeePC (but with a firewire port) with tools intelligent enough to recognise the OS in question, and apply the relevant rules. A serious hacker will have a toolkit with the rules built in ready and waiting. In seconds.

    My guess is that those people who think it is too hard have never delved under the covers in a real OS to understand how they work. And I know I am being a pedant, but I do not see the difference in this context between 'abstraction' and 'obfuscation'.

  6. Anonymous Coward

    Or just use the OS X install CD

    If I have physical access to the computer, why would I use this exploit to bypass a password when all I need is a Mac OS X install CD? They've had a password tool on every one since at least 10.3.

  7. Patrick

    @alphaxion No BSD Kernel in OS X

    @alphaxion

    OS X is *not* based on the BSD microkernel. Everyone needs to get their facts right on this as they keep posting the same old rubbish again and again. OS X is based on a custom microkernel which is closely based upon the MACH micro kernel. The only thing in OS X related to BSD is a complete BSD subsystem layer (all the little BSD utilities and libraries.)

    To quote Apple on this:

    "This fully-conformant UNIX operating system—built on Mach 3.0 and FreeBSD 5—bundles over a hundred of the most popular Open Source products. You can shell out with bash, tcsh, ksh, and zsh; edit your code with emacs, vim, and nano; and build your projects using gcc, make, and autoconf.

    Need something a little higher-level? Run your X11 apps side-by-side with native apps using X11R7 from X.org. Serve your web site with Apache 2.0 and PHP 5. Start scripting with Ruby and Python, and build web applications with the included Ruby on Rails framework. You can even measure your application's performance using DTrace from OpenSolaris."

  8. Anonymous Coward

    Why this is a security issue...

    @- Everybody who declares that physical security is the solution.

    Imagine a call center environment. Hundreds of reps, each with the (theoretical) ability to COMMIT MASSIVE FRAUD.

    Late at night, during the slow times, only two people are on-shift on a given team (or more, but all except one are party to the deal). The patsy gets up, locks his/her computer, and goes to the bathroom. Perp reaches over, unlocks patsy's workstation, and makes several thousand dollars in 'inappropriate adjustments' before locking the workstation again.

    Physical security is nice, but trusting people means having a valid audit trail.

  9. Steve

    In the spec?

    OK, since everybody and their dog is saying this vulnerability is inherent in the 1394 spec, would someone please point me to the part that requires all of a computer's physical memory to be accessible via firewire?

    Yes, 1394 specifies a "memory-like" model for (non-isochronous) transactions between nodes, but I don't recall anything that requires any particular mapping between this abstraction and the machine's RAM. This looks to me more like an implementation defect (though perhaps a widespread one).

    I could be wrong though, and if so, I'm perfectly ready to be set straight.

  10. Anonymous Coward

    Fanboys! Time to take up the struggle!

    Call to all fanboys!

    Our leader needs us in the fight against the FOSS "evil-doers".

    Mail this letter to your representative to help our leader win the struggle!

    Glorious victory will be ours!

    To

    Mr. Jainder Singh, IAS

    Secretary

    Department of IT

    Ministry of Communications & IT,

    Electronics Niketan

    CGO Complex

    New Delhi - 110 003

    Respected Sir

    Please write a paragraph about your organization

    Please paraphrase "We support OXML as a standard that encourages multiplicity of choice and interoperability giving us the ultimate consumer the choice. * recognizes that multiple standards are good for the economy and also for technical innovation and progress in the country, especially for smaller organizations like us, who require choice and innovation"

    Please write about your work

    Please paraphrase "*** also supports OXML as this does not have any financial implications thus releasing our resources for welfare and development of society."

    Thanking You

    Yours Faithfully

    Name Designation

    wiki.linux-delhi.org/cgi-bin/twiki/view/OpenStandards/MsNgoLobby

  11. Nick

    Re: CD boot et al

    Trix wrote:

    "All you need is a CD or USB disk and BartPE + Sala Password Renew"

    Jason Croghan:

    "You insert the CD in the drive at boot time "

    Both these methods assume that you can boot off a CD/USB and that it hasn't been disabled in a password-locked BIOS.

    Yes, I know that you can reset the BIOS but that requires a screwdriver and a little bit of technical skill. And it might be tricky to get to on a laptop.

  12. andy

    Dead?

    "I thought firewire was dead now anyway?"

    If you use a Mac, chances are it's waaay quicker than the USB ports...

    FACT!

  13. Waldo

    Memo to Jackie Smith from head of I.T. Security

    Well Jackie, it's a good job our new ID card scheme will not be intra/internet accessible. So I guess it will be stored on emm PCs? So now I can focus on how the F### we stop leaks from millions of government PCs

    Suggest we subcontract to Phorm... they know how to collect data

    Yours obediently

    PS: application for salary increase enclosed.
