> From: Rosenquist, Matthew [mailto:matthew.rosenquist@private]
> Following this thread has been quite entertaining. I have witnessed a
> group of technologists attempting to derive technical solutions,
> essentially barriers, to help one father protect his PC from his
> daughter. Very creative, complex, and expensive ideas have surfaced,
> been torpedoed, and subsequently raised again in a different
> incarnation. Yet, we miss the obvious.
>
No you forget the questions from the original post:
Here are my questions:
1. How is it possible to login to Windows XP without knowing the
password?
2. What can I do about it?
Nothing here says "How do I stop his daughter from breaking in?" She
did an obvious attack, and I am sure that he and her dad had words. If
she is arrogant enough the father has since apologized :)
He asked a technical question, and is getting technical answers. To
some extent he is getting the answer "Physical Security is crucial"
However there are assumptions to what level the attack is willing to
go. People have poo poo'ed some concepts "because a counter exists."
Physical access for 5-10 minutes is much much different than having a
weekend with the machine. 5-10 minutes on machine with no
floppy/cdrom/USB, password protected BIOS with the HD as the only boot
device will stop most attackers cold. Yes an attacker can have a screw
gun ready, and the exact MB memorized, and the flash pins done in 5
minutes, but this is not Mission Impossible III.
All security is Partial Security, it just raises the Bar.
So most of the suggestions are good one. The init -> USB key is another
great layer. Add all of this together and I am now protected against
all but the really sophisticated attackers, or the ones with a lot of
free time with the machine. Don't bother to tell me how fast you can
open the PC, add a drive, etc., that requires sophistication.
> Tell the
> daughter, if she does it again, she will not be allowed to obtain a
> drivers license until she is 18 years of age
Which begs two questions: How old is she (if she's 19 this will not
work), and is she looking for work? If not, she is getting a degree in
this? What were her grades before seeing War Games?
On Fri, 2003-01-03 at 11:08, Andrew Plato wrote:
> However, its seems to me Dad should be happy his daughter is hacking
> PCs. She could be rotting her brain out on reality television and
> Britney Spears.
Andrew, Andrew, Andrew don't you read the news?
http://www.cnn.com/2002/TECH/internet/12/13/lycos.search/index.html
Tattoos, Britney top Web search list
...
Lycos lists music-trading service Kazaa at No. 2, tattoos at No. 3, pop
idol Britney Spears was No. 4, the NFL (National Football League) at No.
6, and Christmas at No. 9.
...
What do you think she was doing on-line anyway?
--
Zot O'Connor
http://www.ZotConsulting.com
http://www.WhiteKnightHackers.com
This archive was generated by hypermail 2b30 : Thu Jan 09 2003 - 03:54:20 PST