Re: Locking Computer Software

From: Interfecus (group_at_replies.only)
Date: 11/23/04

  • Next message: kurt wismer: "Re: Malware Triangle" 
    Date: Tue, 23 Nov 2004 18:09:10 +1300

    "KG6VQE @thecomputerdood.com>" <info<nospam> wrote in message
    news:W%4nd.19154$zx1.12611@newssvr13.news.prodigy.com...
    > If you are using a "NT CLASS" computer (Windows 2000 Pro, or Windows XP),
    > and you have your disks formatted using NTFS, that is a very secure
    system.
    > There are NTFS DOS programs that MAY let someone look into your disks, but
    > they would have be very sophisticated, and have physical access to the
    > machine. first thing I would do is remove (or disconnect) the floppy
    drive.
    > That would force someone to use a bootable CDROM to try and hack into your
    > system.

    What? If somebody has physical access to the machine then NTFS does _nothing
    whatsoever_ to prevent them from accessing it. DOS boot disks that can read
    (many also write) the NTFS filesystem without restrictions are freely
    available from the net. Any recent linux live CD can mount an NTFS
    filesystem for read access too. This is hardly "very secure". I could walk
    up to your computer with one of these disks, stick it in the floppy drive,
    boot up the computer from the boot disk, and read any of your files without
    limitation.

    > As for physical ways, the simplest is to puchase a Key Lock, and use it to
    > interrupt the power to the keyboard. All P.C. Keyboards have
    > microcontrollers in them, that rely on the 5 Volt power. If you disrupt
    > that, then the keyboad gets no juice, and is escentially dead. There are
    > commecial products that are plug in boards, that contain the BIOS
    Signature
    > AA55, which when booting indicated that that piece of hardware must
    execute
    > before others boot. These boards then have a ROM BASED program, that asks
    > for a password, before the machine will boot. The only problem is this
    can
    > be defeated by removing the board.

    If the case is opened, a keylock does very little and can be bypassed.

    With the cheaper locks that only shut off the keyboard power it would be
    easy to build an adaptor that powered it from a battery pack. This wouldn't
    even require the case to be opened.

    Removing the motherboard would be much harder than just removing the hard
    drive and connecting it to another computer so this isn't a likely method of
    attack. BIOS passwords are effective against stopping guests in your house
    from starting your computer though. If protection of specific files against
    any regular user of the computer is required then this would be useless
    since they would need to know the BIOS password to start the computer up.

    > All these assume that the "hacker" has physical access to the machne, and
    > can take it apart to diagnose. If you are talking about a sibling,
    > co-worker, or Mon and Dad, the NTFS locking method would prevent the
    casual
    > user from using the system. Of course if someone has unfettered access,
    > then they can always extract the disk drive, and use another machine to
    read
    > the files.

    Yes, the permissions system built into the filesystem will protect against
    casual attempts.

    The only way to properly secure the information of your computer against a
    physical attack is encryption. I believe WinXP Pro has the ability to do
    full disk encryption but if that's not an option for you then you can use
    software like PGPDisk to protect your valuable information.

    For casual stuff, just set your computer up with an administrator and a set
    of limited users and restrict the permissions on certain files and programs.
    Having said this, I tried to do this on WinXP Home a few days ago and found
    that I couldn't do much at all under the limited accounts. The entire system
    is infuriatingly inflexible.

  • Next message: kurt wismer: "Re: Malware Triangle"

    Relevant Pages

    • Re: Botched boot.ini - cannot boot into a system
      ... ME disks will not read or write to NTFS. ... >>> Now the computer will not boot at all. ... >>> I am able to boot the computer using my emergency boot startup disk. ...
      (microsoft.public.windowsxp.general)
    • My results of trying 9.0 live evaluation
      ... The first time I booted from the 9.0 CD, it attempted to install my Epson ... disconnected and it completed the boot operation reasonably fast. ... storage and ram disks. ... any of them said that the NTFS kernal mode was not installed. ...
      (alt.os.linux.suse)
    • Re: Locking Computer Software
      ... If you are using a "NT CLASS" computer (Windows 2000 Pro, or Windows XP), ... and you have your disks formatted using NTFS, that is a very secure system. ... interrupt the power to the keyboard. ...
      (alt.computer.security)
    • Re: [RFC] Remove NTFS kernel support
      ... My basic point is that ntfs worked ... disks that others say are unrecoverable. ... Some one needs to step up to the plate and fix these bugs. ... ntfs is a strange bird compared to other filesystems. ...
      (freebsd-arch)
    • Re: < 32 GB partitions only at external hard drive
      ... If you are having trouble with NTFS of any size, that is NOT normal for XP. ... PC's motherboard BIOS does not support large disks, ... try a repair install of XP ... Try using the XP recovery console to make partitions. ...
      (microsoft.public.windowsxp.hardware)