Friday, September 2, 2011

The Uselessness of Passwords

The Public

Most people who put passwords on their computers assume too much about the security of the system they operate on. Rule of thumb: unless you have explicitly set up an encrypted hard drive, you don't have one. The password you put on your machine will keep me (or anyone else worth their salt) out of your files for all of ten seconds.

For Mac OS X, a simple Command + S while booting up will do the trick (on old Macs you can delete the first-run file so the Mac goes into setup mode and requests a new username and password, which then allows access to your files).

For Windows, how about an F9 to safe mode?

For Linux, what about changing the boot options in your boot manager to go into safe mode, or simply choosing the safe-mode entry?

For all operating systems, if your data isn't encrypted we can still pop in a Linux live CD and copy anything we want off the disk.

So, how do you keep someone from doing this? Well, it requires hard-disk encryption (which is dangerous, because if you forget the password you're SOL, and if you write it down there is no point). Add a locked boot manager that boots directly from the hard drive (with a good password, different from the BIOS password). A good, strong password, and requiring a user name at login, will help too. The computer must have a physical lock on it, because if it is stolen most of your defenses fall, except the hard-disk encryption if you have any.
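The first item on that list, hard-disk encryption, is the one people most often believe they have without actually having it. Below is an added example (not from the original post) of a small Python audit that parses `lsblk -P -o NAME,TYPE,FSTYPE,MOUNTPOINT,PKNAME` output on Linux and flags every mounted filesystem that is not stacked on top of a `crypt` device. The assumptions are: that `lsblk` is run with those columns (the `-P` key="value" form and the `PKNAME` parent column are util-linux features), and that `/boot` and `/boot/efi` are expected to be plaintext on a typical LUKS setup. The sample output embedded in the block is constructed for the example.

```python
import shlex

# Constructed sample of `lsblk -P -o NAME,TYPE,FSTYPE,MOUNTPOINT,PKNAME`.
# sda3 is a LUKS container opened as "cryptroot" and mounted at /;
# sdb1 is a plain ext4 partition mounted at /data with no encryption.
SAMPLE_LSBLK = '''
NAME="sda" TYPE="disk" FSTYPE="" MOUNTPOINT="" PKNAME=""
NAME="sda1" TYPE="part" FSTYPE="vfat" MOUNTPOINT="/boot/efi" PKNAME="sda"
NAME="sda2" TYPE="part" FSTYPE="ext4" MOUNTPOINT="/boot" PKNAME="sda"
NAME="sda3" TYPE="part" FSTYPE="crypto_LUKS" MOUNTPOINT="" PKNAME="sda"
NAME="cryptroot" TYPE="crypt" FSTYPE="ext4" MOUNTPOINT="/" PKNAME="sda3"
NAME="sdb" TYPE="disk" FSTYPE="" MOUNTPOINT="" PKNAME=""
NAME="sdb1" TYPE="part" FSTYPE="ext4" MOUNTPOINT="/data" PKNAME="sdb"
'''

# Mount points that normally have to stay unencrypted so the machine can boot
# (assumption for a typical LUKS layout; adjust for your own image).
EXPECTED_PLAINTEXT = {"/boot", "/boot/efi"}


def parse_lsblk_pairs(text):
    """Turn `lsblk -P` key="value" lines into {NAME: {column: value}}."""
    devices = {}
    for line in text.strip().splitlines():
        if not line.strip():
            continue
        record = {}
        # shlex handles the quoting, so mount points with spaces survive.
        for token in shlex.split(line):
            key, _, value = token.partition("=")
            record[key] = value
        devices[record["NAME"]] = record
    return devices


def is_encrypted(name, devices):
    """Walk up the parent chain; True if any ancestor is a dm-crypt mapping."""
    seen = set()
    while name and name in devices and name not in seen:
        seen.add(name)
        if devices[name].get("TYPE") == "crypt":
            return True
        name = devices[name].get("PKNAME", "")
    return False


def audit_mounts(text):
    """One finding per mounted filesystem (swap is skipped)."""
    devices = parse_lsblk_pairs(text)
    findings = []
    for name, record in devices.items():
        mount = record.get("MOUNTPOINT", "")
        if not mount or mount == "[SWAP]":
            continue
        findings.append({
            "mount": mount,
            "device": name,
            "encrypted": is_encrypted(name, devices),
            "expected_plaintext": mount in EXPECTED_PLAINTEXT,
        })
    return findings


def unencrypted_data_mounts(text):
    """Mount points holding user data that a live CD could read directly."""
    return sorted(
        f["mount"] for f in audit_mounts(text)
        if not f["encrypted"] and not f["expected_plaintext"]
    )


if __name__ == "__main__":
    # In real use: text = subprocess.check_output(
    #     ["lsblk", "-P", "-o", "NAME,TYPE,FSTYPE,MOUNTPOINT,PKNAME"], text=True)
    for finding in audit_mounts(SAMPLE_LSBLK):
        status = "encrypted" if finding["encrypted"] else "PLAINTEXT"
        print(f'{finding["mount"]:<12} {finding["device"]:<10} {status}')
    print("unencrypted data mounts:", unencrypted_data_mounts(SAMPLE_LSBLK))
```

On the constructed sample, `/` passes because its device `cryptroot` sits on the LUKS partition, `/boot` and `/boot/efi` are reported as expected plaintext, and `/data` is the finding that matters: a password prompt at login does nothing for it.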

Network/Computer Admins

So, what if you have a whole slew of computers?

"Aha!" the school computer admin exclaims, "I know, I'll disable users from booting into safe mode by setting an Administrator password, lock the BIOS so they can't boot Linux, disable running third-party executables on the desktops, and, um, disable listing of the C:\ directory by students!"

This is a very real example taken from the school district I was educated in :) Hmm. Students have nearly unlimited physical access to the computers. I would just pop out the clock battery and short a pin, resetting the BIOS; maybe I did this, and maybe not. Maybe when I did it, the clock was reset to the year 1400 (before the epoch?) and software freaked out before I fixed it.

Oh, and by the way, if you type file:/// into Firefox it shows the listing of the root directory, easy enough to grab a password file from a trusted app and then run it through your password cracker later (on Windows). Also look out for applications like AutoCAD that allow command-line access through their interface.

A note to the administrators of schools and businesses across the world:
  • Your subjects are motivated to do what they want.
  • They outnumber you.
  • They probably outnumber you enough to brute-force a problem.
  • You have other obligations.
You will not win: assume every connection to your network is hostile, and that client machines always need a re-image.
