I have to go home now, no system I am aware of meets these requirements.
-----Original Message-----
From: PeterB [mailto:xxxxx@inkvine.fluff.org]
Sent: Monday, April 22, 2002 3:25 PM
To: NT Developers Interest List
Subject: [ntdev] RE:I want to retrieve Username ,Password
,Domain text from GINA system.On Mon, 22 Apr 2002, Michal Vodicka wrote:
> Sometimes there are problems with network which should be solved.
> Local admin may not be sufficient.
Then they start from scratch.> Sure. How do you distinguish compromised machine?
With difficulty.> Unfortunately, it isn’t right at least for NT. All what is
necessary
> is an ability to boot from diskette or CD and you can replace local
> admin password or copy SAM and crack it (if there is no diskette or
> CD, you can attach HD to a laptop…).
And…? This isn’t true of which OS? Yes, if you can access
the hard disk from another OS that ignores its permissions
and such you can wreak havoc. This is why evaluated systems
require physical security as well as software security.> I’m not saying it is easy but if you have physical access
> to the machine, you can compromise it.
>
> Conclusion: any machine where non-trusted persons have access is
> potentially compromised and you must never enter your
password there.
Yup.–
Peter
xxxxx@inkvine.fluff.org
http://www.inkvine.fluff.org/~peter/logic kicks ass:
(1) Horses have an even number of legs.
(2) They have two legs in back and fore legs in front.
(3) This makes a total of six legs, which certainly is an odd
number of
legs for a horse.
(4) But the only number that is both odd and even is infinity.
(5) Therefore, horses must have an infinite number of legs.
You are currently subscribed to ntdev as:
xxxxx@stratus.com To unsubscribe send a blank email to
%%email.unsub%%