Feeds

Small WinXP security glitch, not many dead

Silly tricks with Win2k CDs?

  • alert
  • submit to reddit

Build a business case: developing custom apps

A glitch in Windows XP security allows you to bypass passwords and gain access to a machine using a Windows 2000 CD, reports the newsletter Brian's Buzz. Of course in order to use the CD you need to have physical access to the machine already, so this is a pretty pointless glitch - it is, however, a glitch.

It works like this. If you boot an XP machine using the Win2k distribution CD and start the recovery console, you can then get into it, copy and change files without needing a password. This doesn't work using the XP recovery console with XP, nor using the Win2k console with Win2k,so it's clearly an oopsie.

But on the other hand, if we're not talking encrypted file systems here (which we're not), then so long as you've got an innocent PC running any old operating system at your mercy you can surely get in there. With Win2k or XP it doesn't take a whole lot of expertise to just use the distribution CD to reinstall the OS, and then it's all yours anyway.

So in this case, we figure the only effects are that it gets round a bit of window dressing style security which doesn't do much more than stop the unlettered breaking in, and it helps dispel any illusory feeling of security similarly unlettered users might have.

Which is good, in its own small way. But getting a high security PC where your password (or perhaps your smartcard or your - shudder - Microsoft watch) actually means much, and which is capable of repelling the technically astute office cleaner, is an entirely different matter. Not that we think many of you will like it when you get it, anyway. ®

5 things you didn’t know about cloud backup

More from The Register

next story
PEAK LANDFILL: Why tablet gloom is good news for Windows users
Sinofsky's hybrid strategy looks dafter than ever
Leaked Windows Phone 8.1 Update specs tease details of Nokia's next mobes
New screen sizes, dual SIMs, voice over LTE, and more
Fiendishly complex password app extension ships for iOS 8
Just slip it in, won't hurt a bit, 1Password makers urge devs
Mozilla keeps its Beard, hopes anti-gay marriage troubles are now over
Plenty on new CEO's todo list – starting with Firefox's slipping grasp
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Cloudy CoreOS Linux distro declares itself production-ready
Lightweight, container-happy Linux gets first Stable release
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?