Re: Internet explorer security

From: Hairy One Kenobi (abuse_at_[127.0.0.1)
Date: 12/09/03

  • Next message: Hairy One Kenobi: "Re: Globefinder" 
    Date: Tue, 9 Dec 2003 08:41:07 -0000

    "*Vanguard*" <no-email@post-reply-in-newsgroup.nix> wrote in message
    news:zU9Bb.471511$Tr4.1304472@attbi_s03...
    > "Hairy One Kenobi" wrote
    > in news:ph_Ab.2166$Jd7.16086@newsfep4-glfd.server.ntli.net:
    > >
    > > Logout before you go home. Either that, or change your password to
    > > one that everyone else doesn't already know.
    > >
    > > Good first steps..
    >
    > Well, that assumes Dan is actually using a secure version of Windows.
    > If Jon is using a 95-based version of Windows, security is a bad joke.
    > All a user needs to do is hit the Esc button to bypass the login.
    > Logging only only allows a user access to their <username>.pwl file
    > which is a cache of passwords. So the rogue user can still get into
    > Windows without logging in per se, they won't be able to use your
    > passwords from your .pwl file, but they'll still be able to do
    > everything else that you can do. Jon needs to be using an NT-based
    > version of Windows to provide secured login.

    It's normally a little more complicated than that (the Novell login is a
    little harder to get around, but can be done on Win95, assuming that your
    timing's pretty good ;o)

    The frightening aspect is that you're almost certainly right - that people
    are still happily using a non-Y2k OS that may (or may not!) cause them to
    lose or corrupt data in the future.

    > Jon never bothered to mention what operating system he uses. Maybe Jon
    > believes applications should provide the security rather than the
    > operating system. Not!

    Agreed. (Incidentally, you missed the Unicenter suite of stop-that-happening
    agents. A minor oversight, given the cost..)

    H1K

  • Next message: Hairy One Kenobi: "Re: Globefinder"