[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: WINDOWS NT ????



On Sat, 05 Oct 1996 07:57:22 -0700, John Fricker wrote:

>>Microsoft claims C2 or higher for NT and deserves any ragging they get if
>>it's not.   Ditto for any other vendor who claims one thing and sells
>>another.

>You ought to read about C2. 
>DIdn't Steve Martin say something like "criticize things you don't know about".

Okay, correct me if I'm wrong on this (as if you wouldn't...):
1. Microsoft markets NT with C2 security
2. Numerous industry magazines report that you can bypass NTFS file security
by booting
    off of a diskette and using NTFSDOS.
3. Numerous industry magazines (and I believe MS finally mentioned it in some
routine status
     update) all say that NT should now be considered C2 *ONLY* on machines
w/o floppy 
     drives.

Sounds like they weren't quite honest on this one.  Or are you trying to say
that security-by-obscurity (relying on NTFS's then lack of external mounting
programs) was a good choice?

>>BTW:  Bizarre NT Quirk #15413 -  The Administrator account does not have
>>access to the entire disk.  You got it - if you're the administrator you
>>still cannot look into certain directories belonging to another user - even
>>if you've given all access privileges to the Admin account.  Got a few
>>chuckles at work.

>It's not rocket science to defeat this. The administrator is prevented from casually peering >into user owned directories but any administrator worth a nickle can tap tap click and have >access to any directory. 

I know that you can get in there.  It just seemed odd that it would be setup
by default...


#  Chris Adams <[email protected]>   | http://www.io-online.com/adamsc/adamsc.htp
#  <[email protected]>		 | send mail with subject "send PGPKEY"
"That's our advantage at Microsoft; we set the standards and we can change them."
   --- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review editorial)