it's easy to put linux into a USB drive (or CD), mount the NTFS partition, and see ALL you files, copy them to the USB drive

That's nice.

And you have to have physical access to the machine to do any of that. I already said that if I have unfettered physical access then there's nothing you can do. But if the machine contains (or has access to) secure data then it shouldn't have the USB ports or CD bootable. Any secure information should be protected by a separate (and high grade) crypto (which, even with unfettered physical access, may render the data effectively unreadable). And you shouldn't give unfettered physical access to anyone that you're not going to trust in the first place.

you can also change the password for fun

Which won't work very well on a box using ActiveDirectory passwords. MS may not have a damn clue about security, but at least AD isn't as godawful insecure as standard passwords.

look here, people. many of you really think the windows password screen is unbypassable. it isn't! it's easy to put linux into a USB drive (or CD), mount the NTFS partition, and see ALL you files, copy them to the USB drive.
you can also change the password for fun:

http://home.eunet.no/~pnordahl/ntpasswd/

Give him 6 months in jail so he can become Mr Bigs Bitch, that will teach the spotty little twat that in the real world you have to work and do what you are told. When I was a lad we respected our................

They aren't banning ipods outright, just in their military installations. Try driving your car into a military installation, I don't think they'd take kindly to that either.

For what it's worth, I found the system guide to be quite helpful. I recently built a PC using the previous Ars Technica "hot rod" guide.... didn't use every recommended component, but I did take the advice for the motherboard (MSI K8T Neo2-FISR), CPU (although I went with an AMD Athlon 64 3200+ instead of 3000), DVD writer (Plextor PX-708a) and case (Antec SLK3700-BQE), and I've been very happy with it. I used some other sources for recommendations on some other parts of the system (like CPU and Hard Drive), but I found it to be a really helpful starting point. For someone like me who doesn't know much about PC hardware, it was really nice to have a starting point at least, and I've been really happy with the experience (my first time building a PC).

I really don't see why you're slamming their system guides.


This comment was edited on Jul 13, 18:05.

try the direct links to the downloads
http://gpk.xetasoft.com/LogiGamer_1.7.4.msi

or http://gpk.xetasoft.com/LogiGamer.NET.1.7.4.zip for the zip

I didn't realize geoshitties runs out of BW so fast!

gpk

The only added security risk I can see is that USB storage devices let someone who has limited access to a computer steal data. Say, for example, I'm visiting a friend at work. He gets up to go to the mens room, and forgets to ctrl-alt-del lock his keyboard. I plug in my IPod, copy his customer database, install a backdoor trojan and a keylogger. I could do all that in about a minute, and anybody walking by wouldn't see anything suspicious.

That sort of falls under the "if you're too foolish to lock-down your sensitive information, you deserve to take whatever beats come to you if it gets compromised" category though, doesn't it?

But yeah, I was imagining that kind of scenario too, but then I got to thinking: couldn't any computer with a burner in it be just as vulnerable to such an attack? Sure it takes some time to burn the data, but it's probably not going to take as long as transferring it across USB by a long shot.

'course, you can move 2GB across FireWire in barely a couple of minutes, and there are plenty of corporate HDDs out there that contain well under 40GBs of juicy info on them, so you can see where such a device could be worrisome to these types of beaurocrats...

But just saying "iPods are dangerous" without considering all the possibilities (and there are many) is pretty blinkered thinking IMHO -- some might even say dangerous.

Better they should stop looking at what they need to outlaw, and look at how to secure their shit so it can't be tampered with like that. Keep all the good stuff on a physically secure server and make everyone access it over the network or something (I dunno -- I'm no security genius, but you'd imagine that the British Military could dig one up FFS!)

-----
"Who would have thought a few years ago before Starbucks started that we would be paying four or five bucks for a cup of coffee?... I think if someone could do that for coffee, we ought to be able to do it with bananas." - Chiquita CEO

Say, for example, I'm visiting a friend at work. He gets up to go to the mens room, and forgets to ctrl-alt-del lock his keyboard. I plug in my IPod, copy his customer database, install a backdoor trojan and a keylogger.

But then could you really call him your friend after that?

The only added security risk I can see is that USB storage devices let someone who has limited access to a computer steal data. Say, for example, I'm visiting a friend at work. He gets up to go to the mens room, and forgets to ctrl-alt-del lock his keyboard. I plug in my IPod, copy his customer database, install a backdoor trojan and a keylogger. I could do all that in about a minute, and anybody walking by wouldn't see anything suspicious.

It "bypasses passwords" in the sense that you're piggybacking on someone elses login. Sure, you can do this with any USB data device, but most people think of the IPod as strictly a music player.



I'm sprawled across the davenport of despair.

It's in all major current BIOS's. It's not a default though -- you'd have to have enabled booting off USB in the BIOS. </snip>

Cool - I'll have to give it a look.

If a hostile entity has physical access to the computer then all bets are off. </snip>

All systems I've seen in the past decade or so have had two password options (which can be set independantly) -- password on boot (can't boot from anything w/o the password) and password on bios (can't access the BIOS w/o the password). The latter would solve the booting from USB issue. </snip>

Frankly, I think the RAF Wing Commander was clueless. </snip>

Thanks, Zathrus -- I pretty much assumed all of that was the case, because.. well, just because the World would be dumb if not.. (the parts that aren't already, that is)

I especially agree with you on that last point -- that guy would likely shit his pants if he knew the original plan for the iPod was to allow users to store their OSX Home folders on it (their entire user account, basically), so that one could just boot into their user account straight off the iPod and get to work.

It was a very cool idea, actually, but just think of all the stuff a determined data-miner could do with a setup like that..

-----
"Who would have thought a few years ago before Starbucks started that we would be paying four or five bucks for a cup of coffee?... I think if someone could do that for coffee, we ought to be able to do it with bananas." - Chiquita CEO

so I gather that he's talking about booting off the USB drive, then? Is that easy to do (don't recall seeing that as an option in any BIOS I've seen)?

It's in all major current BIOS's. It's not a default though -- you'd have to have enabled booting off USB in the BIOS.

presuming that someone can gain that kind of physical access to the computer

If a hostile entity has physical access to the computer then all bets are off. There are plenty of ways to compromise a system at that point, from the simplicity of a keylogger to just removing the freaking hard drive. If you're that concerned about security, you need to either prevent physical access or trust those that do have physical access. Yes, you still need passwords, but the scale of problems is very different.

Is there no way to password lock an x86 machine at the BIOS level so that any attempt to do something other than boot it normally will require authentication?

All systems I've seen in the past decade or so have had two password options (which can be set independantly) -- password on boot (can't boot from anything w/o the password) and password on bios (can't access the BIOS w/o the password). The latter would solve the booting from USB issue.

Of course, once again, if you give me unfettered physical access to the machine then I can just reset the BIOS, clearing the passwords, and then do whatever the hell I want.

Frankly, I think the RAF Wing Commander was clueless.

hey can't even guarantee the mobo they purchased doesn't conflict with this or that

Uh... what kind of utter crap hardware are you buying that you've had an issue like that in the past 5 years? Hell, I'd even say the last decade.

And very few web sites build the recommended systems. There's no point in doing so, and it's rather cost prohibitive.

"With USB devices, if you plug it straight into the computer you can bypass passwords and get right on the system," RAF Wing Commander Peter D'Ardenne told Reuters.

Help me out here...is this guy nuts? If I walk up to a 2k/XP box with either the login or the password protected screen saver active, how exactly will this usb drive magically let me in? How do I bypass passwords? WTF is he smoking?

Now if he's talking about computers with no password protection (or a network that doesn't require a login), that's his own damn fault, and yes, a USB drive could get to data that way. But that's what you get for leaving stuff wide open to begin with.

News flash: I have a car. I might just be a terrorist, as I could use it to run down people, rob a bank, or drive really really fast. I don't plan to do any of those things, but by his line of thinking, we should ban those, too.

"What a maroon."

There is the theory of the moebius, a twist in the fabric of space where time becomes a loop time becomes a loop time becomes a loop http://www.loopz.co.uk/

The Logigamer download file at the geoshitty site has exceeded its bandwidth... Anyone have a mirror or the file available for download?

the greater wrong of the right --
http://www.skinnypuppy.com/

"With USB devices, if you plug it straight into the computer you can bypass passwords and get right on the system," RAF Wing Commander Peter D'Ardenne told Reuters.

... so I gather that he's talking about booting off the USB drive, then? Is that easy to do (don't recall seeing that as an option in any BIOS I've seen)?

If so, then that's a pretty major hole in security, presuming that someone can gain that kind of physical access to the computer in order to plug in the drive and restart the machine...

Is there no way to password lock an x86 machine at the BIOS level so that any attempt to do something other than boot it normally will require authentication? I can't believe I'm actually asking that, as it seems so obviously necessary, but I've never been concerned enough about any of my Windows boxen to go looking..

I know on the Mac, you just set an Open Firmware password and you're all set -- no one can do jack squat without it, except boot from the startup volume. It's actually a little scary how vulnerable the machine is without it, TBH..



-----
"Who would have thought a few years ago before Starbucks started that we would be paying four or five bucks for a cup of coffee?... I think if someone could do that for coffee, we ought to be able to do it with bananas." - Chiquita CEO

Wow, that's some pretty impressive fucking article writing (Sarcasm alert).

It really takes a lot of know-how to read other peoples articles on hardware and pretend to build systems buy picking parts off of dealtime.com. They didn't build one of these systems.. they can't even guarantee the mobo they purchased doesn't conflict with this or that, or bios issues or anything.

They didn't build any of these "recommended" systems. Whole article is fluff.

Love,
Zaq

the MoD switched to the USB-friendly Microsoft XP operating system over the past year.

I wondered why I saw all those cruise missiles flying in circles overhead, with military brass running after them screaming "No..."

_____________________________
Insert funny quote here