[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: WINDOWS NT ????
On Sat, 05 Oct 1996 07:57:22 -0700, John Fricker wrote:
>>Microsoft claims C2 or higher for NT and deserves any ragging they get if
>>it's not. Ditto for any other vendor who claims one thing and sells
>>another.
>You ought to read about C2.
>DIdn't Steve Martin say something like "criticize things you don't know about".
Okay, correct me if I'm wrong on this (as if you wouldn't...):
1. Microsoft markets NT with C2 security
2. Numerous industry magazines report that you can bypass NTFS file security
by booting
off of a diskette and using NTFSDOS.
3. Numerous industry magazines (and I believe MS finally mentioned it in some
routine status
update) all say that NT should now be considered C2 *ONLY* on machines
w/o floppy
drives.
Sounds like they weren't quite honest on this one. Or are you trying to say
that security-by-obscurity (relying on NTFS's then lack of external mounting
programs) was a good choice?
>>BTW: Bizarre NT Quirk #15413 - The Administrator account does not have
>>access to the entire disk. You got it - if you're the administrator you
>>still cannot look into certain directories belonging to another user - even
>>if you've given all access privileges to the Admin account. Got a few
>>chuckles at work.
>It's not rocket science to defeat this. The administrator is prevented from casually peering >into user owned directories but any administrator worth a nickle can tap tap click and have >access to any directory.
I know that you can get in there. It just seemed odd that it would be setup
by default...
# Chris Adams <[email protected]> | http://www.io-online.com/adamsc/adamsc.htp
# <[email protected]> | send mail with subject "send PGPKEY"
"That's our advantage at Microsoft; we set the standards and we can change them."
--- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review editorial)