Results 1 to 12 of 12

Thread: I've just learned how unsecure windows is

  1. #1
    UKMuFFiN
    Guest

    I've just learned how unsecure windows is

    In my favour mind (for a change)

    Basically, Someone brought his computer in for us to fix and fair play it was pretty screwed so we finally resorted to backing up all the data before we reinstall.

    I've got it attached to my machine as a slave drive but one user accounts's documents gave the message of access denied, after a google I found that microsoft actually tell you how to take ownership of files and folders!

    After laughing at myself for thinking that its something I should have known by know (ha ha old noob) I laughed at how unsecure it actually is!

  2. #2
    Comfortably Numb directhex's Avatar
    Join Date
    Jul 2003
    Location
    /dev/urandom
    Posts
    17,074
    Thanks
    228
    Thanked
    1,027 times in 678 posts
    • directhex's system
      • Motherboard:
      • Asus ROG Strix B550-I Gaming
      • CPU:
      • Ryzen 5900x
      • Memory:
      • 64GB G.Skill Trident Z RGB
      • Storage:
      • 2TB Seagate Firecuda 520
      • Graphics card(s):
      • EVGA GeForce RTX 3080 XC3 Ultra
      • PSU:
      • EVGA SuperNOVA 850W G3
      • Case:
      • NZXT H210i
      • Operating System:
      • Ubuntu 20.04, Windows 10
      • Monitor(s):
      • LG 34GN850
      • Internet:
      • FIOS
    if encrypted folders were enabled, and you didn't have his password, then it'd not be so easy

  3. #3
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    385 times in 314 posts
    NTFS provides access permissions , its not supposed to be a be all and end all of security.

    In the real world , if you have enough access to take ownership of files , then you porbably have enough access to be able to read them.

    as directhex said , you'd have a lot more problems reading them if they'd used the Encryption features of NTFS.
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  4. #4
    Senior Member
    Join Date
    Mar 2005
    Posts
    4,825
    Thanks
    161
    Thanked
    358 times in 288 posts
    • badass's system
      • Motherboard:
      • ASUS P8Z77-m pro
      • CPU:
      • Core i5 3570K
      • Memory:
      • 32GB
      • Storage:
      • 1TB Samsung 850 EVO, 2TB WD Green
      • Graphics card(s):
      • Radeon RX 580
      • PSU:
      • Corsair HX520W
      • Case:
      • Silverstone SG02-F
      • Operating System:
      • Windows 10 X64
      • Monitor(s):
      • Del U2311, LG226WTQ
      • Internet:
      • 80/20 FTTC
    Quote Originally Posted by UKMuFFiN View Post
    In my favour mind (for a change)

    Basically, Someone brought his computer in for us to fix and fair play it was pretty screwed so we finally resorted to backing up all the data before we reinstall.

    I've got it attached to my machine as a slave drive but one user accounts's documents gave the message of access denied, after a google I found that microsoft actually tell you how to take ownership of files and folders!

    After laughing at myself for thinking that its something I should have known by know (ha ha old noob) I laughed at how unsecure it actually is!
    You *DO* know that all other OS's are like that aswell, dont you?
    Unless EFS on the files/folders or some full disk encryption is enabled.
    "In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship."

  5. #5
    Comfortably Numb directhex's Avatar
    Join Date
    Jul 2003
    Location
    /dev/urandom
    Posts
    17,074
    Thanks
    228
    Thanked
    1,027 times in 678 posts
    • directhex's system
      • Motherboard:
      • Asus ROG Strix B550-I Gaming
      • CPU:
      • Ryzen 5900x
      • Memory:
      • 64GB G.Skill Trident Z RGB
      • Storage:
      • 2TB Seagate Firecuda 520
      • Graphics card(s):
      • EVGA GeForce RTX 3080 XC3 Ultra
      • PSU:
      • EVGA SuperNOVA 850W G3
      • Case:
      • NZXT H210i
      • Operating System:
      • Ubuntu 20.04, Windows 10
      • Monitor(s):
      • LG 34GN850
      • Internet:
      • FIOS
    chown -R user:group /some/path

  6. #6
    Large Member
    Join Date
    Apr 2004
    Posts
    3,720
    Thanks
    47
    Thanked
    99 times in 64 posts
    Quote Originally Posted by directhex View Post
    chown -R user:group /some/path
    directhex trying to impress you with linux skilllzz without explanation.

    (Recursively change ownership of every file/folder beneath /some/path).
    To err is human. To really foul things up ... you need a computer.

  7. #7
    Moderator chuckskull's Avatar
    Join Date
    Apr 2006
    Location
    The Frozen North
    Posts
    7,713
    Thanks
    951
    Thanked
    690 times in 463 posts
    • chuckskull's system
      • Motherboard:
      • Gigabyte Z77-D3H
      • CPU:
      • 3570k @ 4.7 - H100i
      • Memory:
      • 32GB XMS3 1600mhz
      • Storage:
      • 256GB Samsung 850 Pro + 3TB Seagate
      • Graphics card(s):
      • EVGA GTX 980Ti Classified
      • PSU:
      • Seasonic M12 700W
      • Case:
      • Corsair 500R
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • Asus VG278HE
      • Internet:
      • FTTC
    If you can actually get physical access to the machine it'll never take you more than a few hours to get the files, sometimes only a few minutes.

    While top notch security would be awesome, but can you imagine how many complaints there'd be from dell owners who lost their precious holiday photos(or whatever else) when the motherboard died and now theres no way to access the drive without the hardware encryption key from chip on said motherboard?

    OS's have to aim for the lowest common denominator most of the time, this being... an idiot.

    Everyone who needs high end security either knows how to get it or has enough money to pay someone who does.

  8. #8
    radix lecti dave87's Avatar
    Join Date
    Sep 2005
    Location
    England
    Posts
    12,806
    Thanks
    657
    Thanked
    931 times in 634 posts
    • dave87's system
      • Motherboard:
      • Asus
      • CPU:
      • i5 3470k under Corsair H80 WC
      • Memory:
      • 8gb DDR3
      • Storage:
      • 240gb SSD + 120gb SSD
      • Graphics card(s):
      • Asus HD7950
      • PSU:
      • XFX 600w Modular
      • Case:
      • Lian Li PC-A05FNB + Acoustipack
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • 2x Dell S2309W (1920x1080)
      • Internet:
      • BT Infinity Option 2
    Wasn't there the idea of Hardware DRM for business systems? I'm sure I read something about it but can't remember where...

    Dave

  9. #9
    Moderator chuckskull's Avatar
    Join Date
    Apr 2006
    Location
    The Frozen North
    Posts
    7,713
    Thanks
    951
    Thanked
    690 times in 463 posts
    • chuckskull's system
      • Motherboard:
      • Gigabyte Z77-D3H
      • CPU:
      • 3570k @ 4.7 - H100i
      • Memory:
      • 32GB XMS3 1600mhz
      • Storage:
      • 256GB Samsung 850 Pro + 3TB Seagate
      • Graphics card(s):
      • EVGA GTX 980Ti Classified
      • PSU:
      • Seasonic M12 700W
      • Case:
      • Corsair 500R
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • Asus VG278HE
      • Internet:
      • FTTC

  10. #10
    radix lecti dave87's Avatar
    Join Date
    Sep 2005
    Location
    England
    Posts
    12,806
    Thanks
    657
    Thanked
    931 times in 634 posts
    • dave87's system
      • Motherboard:
      • Asus
      • CPU:
      • i5 3470k under Corsair H80 WC
      • Memory:
      • 8gb DDR3
      • Storage:
      • 240gb SSD + 120gb SSD
      • Graphics card(s):
      • Asus HD7950
      • PSU:
      • XFX 600w Modular
      • Case:
      • Lian Li PC-A05FNB + Acoustipack
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • 2x Dell S2309W (1920x1080)
      • Internet:
      • BT Infinity Option 2
    Yup that was quite possibly it.

    The other idea is this

  11. #11
    awm
    awm is offline
    Senior Member
    Join Date
    Apr 2006
    Location
    US
    Posts
    920
    Thanks
    4
    Thanked
    7 times in 7 posts
    Quote Originally Posted by chuckskull View Post
    OS's have to aim for the lowest common denominator most of the time, this being... an idiot.
    And often aim to exploit the lack of knowledge to push other things that might not be so good for safety (Cough..IE..cough).

  12. #12
    Registered+
    Join Date
    Dec 2006
    Location
    Aberdeen
    Posts
    29
    Thanks
    0
    Thanked
    0 times in 0 posts
    • john427's system
      • Motherboard:
      • eVGA nForce 680iSLI
      • CPU:
      • Core 2 Duo 2.93GHz
      • Memory:
      • 2GB Corsair Dominator C4
      • Storage:
      • 250GB Seagate SATAII
      • Graphics card(s):
      • Asus GeForce 8800GTX
      • PSU:
      • 580w Tagan Modular
      • Case:
      • SilverStone TJ09-B
      • Monitor(s):
      • Asus MW221U 22" widescreen
    Yeah, I had to do that to a mate's PC when it wouldn't boot after he installed SP2. I, too, couldn't believe just how easy it was to 'take ownership' of the files and copy them to another HDD. I didn't even need his password!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Windows security probs? You WILL have to pay to fix 'em!
    By Bob Crabtree in forum HEXUS News
    Replies: 18
    Last Post: 20-02-2006, 10:38 PM
  2. Replies: 7
    Last Post: 14-07-2005, 11:09 AM
  3. FYI: No Service Pack 5 for Windows 2000
    By Paul Adams in forum Software
    Replies: 7
    Last Post: 01-12-2004, 03:03 PM
  4. Windows Installation Fatal Error
    By Weng in forum Software
    Replies: 23
    Last Post: 16-10-2004, 02:57 PM
  5. Windows XP Email?
    By joshwa in forum Software
    Replies: 9
    Last Post: 18-01-2004, 09:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •