Control-alt-delete to log in



  • I have been a Linux and Mac user for so long I had forgotten you have to press ctrl-alt-delete keys all at once to login on windows machines.  I noticed this is still used on Vista (my neigbor bought a new laptop with vista and ever since she keeps asking for help).  Why can't you just display a log in screen and ask for the user to enter name/password?  Why do you have to do ctrl-alt-del to log in?
     

    If this is not a valid WTF excuse this new member, who is learning the forum rules.
     



  • It is supposed to stop <font><font mstheme="" face="Arial, Arial, Helvetica">other, non-os, apps from getting your user information, because ctrl-alt-delte can only be read by windows.</font></font>



  • @Feasoron07 said:

    It is supposed to stop <font><font mstheme="" face="Arial, Arial, Helvetica">other, non-os, apps from getting your user information, because ctrl-alt-delte can only be read by windows.</font></font>

    True, except that other applications can read the ol' three finger salute.  Replacing the GINA is the best way, but as I understand it, this doesn't work in Vista. 



  • @Feasoron07 said:

    It is supposed to stop <font><font mstheme="" face="Arial, Arial, Helvetica">other, non-os, apps from getting your user information, because ctrl-alt-delte can only be read by windows.</font></font>

    It's funny that Windows of all operating systems would have a feature like this. How many typical Windows users would notice anything amiss if a trojan popped up an "exit the screen-saver" type of window with a login prompt and no CTRL-ALT-DEL requirement?



  • I think it somehow helps combat keyloggers too. No clue how or why though.



  • There's a decent explanation on Wikipedia here and here. Like the previous posters have said, it's to prevent malicious programs impersonating the login window and stealing users' passwords - seeing the window respond to Ctrl-Alt-Del proves that it's the real one, because no other program can detect that key combination.



  • Also note that it can be turned off, somewhere in the control panel.



  • @Brendan Kidwell said:

    @Feasoron07 said:

    It is supposed to stop <font><font mstheme="" face="Arial, Arial, Helvetica">other, non-os, apps from getting your user information, because ctrl-alt-delte can only be read by windows.</font></font>

    It's funny that Windows of all operating systems would have a feature like this. How many typical Windows users would notice anything amiss if a trojan popped up an "exit the screen-saver" type of window with a login prompt and no CTRL-ALT-DEL requirement?

     

    I did not know c+a+d provided added security. But like you said, I doubt many of the users would know the difference.  Does the MS literature for new PC owners say beware of log-in dialogs that come up without pressing c+a+d (not that many users would read it)?

     
    If there is value in it, I expect others to adopt such a log-in sequence.  But Apple has just released a new OS and I do not think it makes use of such a log-in process.
     

     

     

     

     



  • @Dropzone said:

    seeing the window respond to Ctrl-Alt-Del proves that it's the real one, because no other program can detect that key combination.

    Not entirely true. VMware can apparently react to Ctrl+Alt+Del when input is grabbed, but it can't stop Windows from also doing the usual thing with it (thus why you use Ctrl+Alt+Ins instead). However, I believe VMware does something specific (don't remember what, I just remember it's not the standard windowmessage hook method).



  • @BiciBella said:

    Does the MS literature for new PC owners say beware of log-in dialogs that come up without pressing c+a+d (not that many users would read it)?

    That message that pops up [i]is[/i] the literature.  And at least in that case they pretty much have to read it.

    Your average home user probably wouldn't think twice about entering the password somewhere that didn't ask for the three-finger-solute, but keep in mind that the feature was originally part of Windows NT.  It's designed for businesses.  In that environment it's more likely that users will pay attention, but more importantly it gives managers a false sense of security.

     

    And if you haven't seen the video where the guy who invented ctrl-alt-del makes fun of Bill Gates, I highly recommend it.... http://www.youtube.com/watch?v=wbD6p6VSPlY 



  • @BiciBella said:

    @Brendan Kidwell said:

    @Feasoron07 said:

    It is supposed to stop <font><font mstheme="" face="Arial, Arial, Helvetica">other, non-os, apps from getting your user information, because ctrl-alt-delte can only be read by windows.</font></font>

    It's funny that Windows of all operating systems would have a feature like this. How many typical Windows users would notice anything amiss if a trojan popped up an "exit the screen-saver" type of window with a login prompt and no CTRL-ALT-DEL requirement?

     

    I did not know c+a+d provided added security. But like you said, I doubt many of the users would know the difference.  Does the MS literature for new PC owners say beware of log-in dialogs that come up without pressing c+a+d (not that many users would read it)?

     
    If there is value in it, I expect others to adopt such a log-in sequence.  But Apple has just released a new OS and I do not think it makes use of such a log-in process.

     

     

    "It's not a valid security measure because apple did not decide to copy it" has to be the worst logic I've ever heard, regardless of the actual security of the ctrl-alt-del combo.



  • @BiciBella said:

    I did not know c+a+d provided added security. But like you said, I doubt many of the users would know the difference.

     Who cares?  If YOU know what it does, that's all that matters to you.  You now know that if you see a prompt pop up that doesn't ask for or doesn't properly react to ctrl-alt-del, your computer is running some malicious software, and that you shouldn't enter your password.

    Just because some people ignore road signs and blindly drive off a cliff doesn't mean that we should remove the signs and screw everyone.
     



  • @BiciBella said:


    If there is value in it, I expect others to adopt such a log-in sequence.  But Apple has just released a new OS and I do not think it makes use of such a log-in process.

    It has value in the systems with 'real' security that it was copied from - mostly old government and military stuff, from the 1970s (this isn't anything like a new idea). On modern PCs it's not much use because there's at least half a dozen ways to work around it.



  • @m0ffx said:

    I think it somehow helps combat keyloggers too. No clue how or why though.

    I think it somehow helps keyloggers too.

     

    Wait, you said combat?

    "wait for ctrl+alt+del" -> "log next 40 keystrokes" -> "send keystrokes to homebase"

     Far to easy.
     



  • @Daid said:

    @m0ffx said:

    I think it somehow helps combat keyloggers too. No clue how or why though.

    I think it somehow helps keyloggers too.

     

    Wait, you said combat?

    "wait for ctrl+alt+del" -> "log next 40 keystrokes" -> "send keystrokes to homebase"

     Far to easy.
     

    Is that really possible ?

    "Windows NT is designed so that, unless security is already compromised
    in some other way, only the WinLogon process, a trusted system process,
    can receive notification of this keystroke combination."

    I have seen some Kiosk programs that disable the c+a+d in the policy settings ("This feature has been disabled by your SysAdmin"), but have not found a single program that can detect it ...

    can someone verify the VMWare claim ?

     



  • @Daid said:

    @m0ffx said:

    I think it somehow helps combat keyloggers too. No clue how or why though.

    I think it somehow helps keyloggers too.

     

    Wait, you said combat?

    "wait for ctrl+alt+del" -> "log next 40 keystrokes" -> "send keystrokes to homebase"

     Far to easy.
     

    You
    obviously couldn't code your way out of a paper bag.  Perhaps you
    should learn what you're talking about before you say something dumb.  Oops, too late.




  • @Nelle said:

    can someone verify the VMWare claim ?

     

    Yes, VMware most definitely detects ctrl-alt-delete. It displays a dialog saying something like, "control-alt-delete detected, if you actually wish to send this to the guest operating system, please use control-alt-insert instead".

    Me, I'd wait for control-alt-delete, then put up a "invalid password, please try again" fullscreen app. Then, when the user successfully enters their password, they'll see what looks like a "bad password" dialog. :)     



  • @phithe said:

    Also note that it can be turned off, somewhere in the control panel.

    From the WinXP help file (search on Ctrl+Alt+Del):

    Interactive logon: Do not require <font style="background-color: rgb(178, 180, 191);">CTRL</font>+<font style="background-color: rgb(178, 180, 191);">ALT</font>+<font style="background-color: rgb(178, 180, 191);">DEL</font>

    Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

    Description

    Determines whether pressing <font style="background-color: rgb(178, 180, 191);">CTRL</font>+<font style="background-color: rgb(178, 180, 191);">ALT</font>+<font style="background-color: rgb(178, 180, 191);">DEL</font> is required before a user can log on.

    If this policy is enabled on a computer, a user is not required to press <font style="background-color: rgb(178, 180, 191);">CTRL</font>+<font style="background-color: rgb(178, 180, 191);">ALT</font>+<font style="background-color: rgb(178, 180, 191);">DEL</font> to log on. Not having to press <font style="background-color: rgb(178, 180, 191);">CTRL</font>+<font style="background-color: rgb(178, 180, 191);">ALT</font>+<font style="background-color: rgb(178, 180, 191);">DEL</font> leaves users susceptible to attacks that attempt to intercept the users' passwords. Requiring <font style="background-color: rgb(178, 180, 191);">CTRL</font>+<font style="background-color: rgb(178, 180, 191);">ALT</font>+<font style="background-color: rgb(178, 180, 191);">DEL</font> before users log on ensures that users are communicating by means of a trusted path when entering their passwords.

    If this policy is disabled, any user is required to press <font style="background-color: rgb(178, 180, 191);">CTRL</font>+<font style="background-color: rgb(178, 180, 191);">ALT</font>+<font style="background-color: rgb(178, 180, 191);">DEL</font> before logging on to Windows (unless they are using a smart card for Windows logon).

    Default:

    • Disabled on workstations and servers that are joined to a domain.
    • Enabled on stand-alone workstations.

    For more information, see:

    <object id="pchealth" classid="CLSID:FC7D9E02-3F9E-11d3-93C0-00C04F72DAF7" height="1" width="1"></object>


     



  • None of the "hacks" anyone has mentioned is of any use unless the workstation has already been compromised by a user with administrative rights.  That being said, since so many users run as local admins due to poorly written software and lazy system administrators, ultimately it's not that effective as a security feature.



  • @elanthis said:

    @BiciBella said:

    I did not know c+a+d provided added security. But like you said, I doubt many of the users would know the difference.

     Who cares?  If YOU know what it does, that's all that matters to you.  You now know that if you see a prompt pop up that doesn't ask for or doesn't properly react to ctrl-alt-del, your computer is running some malicious software, and that you shouldn't enter your password.

    Just because some people ignore road signs and blindly drive off a cliff doesn't mean that we should remove the signs and screw everyone.

    I don't think anyone's suggesting we remove the sign.  If anything, we're suggesting to put a guardrail in instead of just a sign, as the sign may not be effective.  FAIL 



  • @operagost said:

    None of the "hacks" anyone has mentioned is of any use unless the workstation has already been compromised by a user with administrative rights.

    Or power user rights, or rights to run DirectX applications on a host that contains an ATI or nVidia video card, or sufficient physical access to stick in one of those neat keyloggers that looks like a keyboard plug adaptor, or knowledge of any of the scores of local exploits in Windows systems.



  • @pyro789x said:

    @BiciBella said:
    @Brendan Kidwell said:

    @Feasoron07 said:

    It is supposed to stop <font><font mstheme="" face="Arial, Arial, Helvetica">other, non-os, apps from getting your user information, because ctrl-alt-delte can only be read by windows.</font></font>

    It's funny that Windows of all operating systems would have a feature like this. How many typical Windows users would notice anything amiss if a trojan popped up an "exit the screen-saver" type of window with a login prompt and no CTRL-ALT-DEL requirement?

     

    I did not know c+a+d provided added security. But like you said, I doubt many of the users would know the difference.  Does the MS literature for new PC owners say beware of log-in dialogs that come up without pressing c+a+d (not that many users would read it)?

     
    If there is value in it, I expect others to adopt such a log-in sequence.  But Apple has just released a new OS and I do not think it makes use of such a log-in process.

     

     

    "It's not a valid security measure because apple did not decide to copy it" has to be the worst logic I've ever heard, regardless of the actual security of the ctrl-alt-del combo.


     

    Well apple does not have to copy it verbatim, if there is a real risk why didn't apple implement something similar? i.e a secure log-in.  If I understand this right, c+a+d is providing some security if the system has been comprimised and malicious software is already running on it.  How can somebody run software without having your log-in?  I guess the admin can do this, but that is fine.  How can an outsider install software to capture your log-in without having your log-in or the admin log-in?  Isn't that the real wtf?



  • @elanthis said:

    @BiciBella said:

    I did not know c+a+d provided added security. But like you said, I doubt many of the users would know the difference.

     Who cares?  If YOU know what it does, that's all that matters to you.  You now know that if you see a prompt pop up that doesn't ask for or doesn't properly react to ctrl-alt-del, your computer is running some malicious software, and that you shouldn't enter your password.

    Just because some people ignore road signs and blindly drive off a cliff doesn't mean that we should remove the signs and screw everyone.
     

     

    My point is the message is not clear.  In your analogy it is like the road sign saying "must turn left" instead of saying "fatal danger, cliff ahead!" 



  • XP Home does not require c+a+d.

    It requires that I activate one of the listed usernames, and type my password.

    Unless I never set a password for the only account, in which case there is no login screen at all.
     



  • CTRL-ALT-DEL cancels all journaling hooks.  This means that if your program is listening for keystrokes, the listener will be cancelled before it has an opportunity to respond.  It also disallows the creation of new journaling hooks until the login process has completed.



  • @dhromed said:

    XP Home does not require c+a+d.

    It requires that I activate one of the listed usernames, and type my password.

    Unless I never set a password for the only account, in which case there is no login screen at all.

    XP Pro is the same in it's default configuration when not joined to a domain. I hate it most with certain pre-loaded XP's that force you to create a new username (without password) before you can log in for the first time, in addition to having a passwordless Administrator account (which you can easily access by pressing Ctrl+Alt+Del,Del on the click-the-username screen).



  • Dilbert has the right solution, Security is more important than usability, do not let them log-in at all :)

     

     



  • @elanthis said:

    @BiciBella said:

    I did not know c+a+d provided added security. But like you said, I doubt many of the users would know the difference.

     Who cares?  If YOU know what it does, that's all that matters to you.  You now know that if you see a prompt pop up that doesn't ask for or doesn't properly react to ctrl-alt-del, your computer is running some malicious software, and that you shouldn't enter your password.

    Just because some people ignore road signs and blindly drive off a cliff doesn't mean that we should remove the signs and screw everyone.
     

    The trojan program is removing the sign though.

    It's a bit like having only a green traffic light. If you see the light, you know it's safe to go. But if you don't see any light at all, then unless you remember it should be there, you've no idea. Especially as Ctrl+Alt+del can be disabled; if you went to log in and weren't asked to press it, would you realise it was a trojan? Or would you just think the setting had been changed (say it's a work machine that you don't admin). Unless you're an exceptionally careful and knowledgable person (and most people AREN'T) it provides no real security.

    Also, WTF has the flashing cursor gone?

     

     



  • @BiciBella said:

    Well apple does not have to copy it verbatim, if there is a real risk why didn't apple implement something similar? i.e a secure log-in.  If I understand this right, c+a+d is providing some security if the system has been comprimised and malicious software is already running on it.  How can somebody run software without having your log-in?  I guess the admin can do this, but that is fine.  How can an outsider install software to capture your log-in without having your log-in or the admin log-in?  Isn't that the real wtf?

    This is how C+A+D adds to your security:

    Simple password login attacks work like this:

    a) Someone with physical access to the computer (the hacker) launches a normal application program (i.e. a user-mode program) which presents a screen that has the look-and-feel of the regular operating-system login prompt. He then walks away.

    b) Some other user approaches the computer, and, upon seeing the regular login prompt, types in his username and password, expecting to be accepted by the operating system as usual. The application program logs the entered data and tells the user his login attempt failed. The luser walks away disappointed.

    c)  The hacker comes back, stops the application, retrieves the username and password from the log file, and starts abusing the account.

     

    To stop attacks like these from occurring, MS invented the C+A+D login prompt like so: The BIOS (I think) and the operating system routines that deal
    with the keyboard make sure (or try their best, see VMware) that the
    C+A+D key combination cannot be read by an application program. The only program allowed to see C+A+D keys is the operating system process doing the username/password verification on login. It (and only it) will react to the user pressing C+A+D and will show the correct login window.

    If C+A+D is disabled (as described in a previous post) then an attack as described above might happen the way I just described, because the user, not having pressed C+A+D, cannot be sure whether the login prompt shown to him stems from a hacker's application or not.

     



  • @TheRider said:

    This is how C+A+D adds to your security:

    Simple password login attacks work like this:

    a) Someone with physical access to the computer (the hacker) launches a normal application program (i.e. a user-mode program) which presents a screen that has the look-and-feel of the regular operating-system login prompt. He then walks away.

    ... 

    To stop attacks like these from occurring, MS invented the C+A+D login prompt

    They didn't invent it, they copied it. It originated on mainframes and minicomputers in the 60s and 70s, decades before Microsoft existed.

     

    like so: The BIOS (I think) and the operating system routines that deal
    with the keyboard make sure (or try their best, see VMware) that the
    C+A+D key combination cannot be read by an application program. The only program allowed to see C+A+D keys is the operating system process doing the username/password verification on login. It (and only it) will react to the user pressing C+A+D and will show the correct login window.

     

    And it's useless because anybody with that kind of access can simply tuck an inexpensive hardware keylogger behind the computer.



  • As I understand it, applications aren't blocked from detecting CAD as such, however, as with all keystrokes, it's passed through the kernel first, which knows this is a special thing and then decides if it's allowed to be passed on. I would think one of the criteria for passing to something other than WinLogon is that the user is logged on.

    Since the kernel remembers the process ID of WinLogon, it can choose to only pass it on to that application, without having a spoofed window detect it. As a result, the only way to intercept the information entered is to compromise the kernel or the login system - and replacing the GINA is more or less the only option that can be accomplished without physical access to the machine, since the other files will be in use (theoretically, modifying the code loaded in memory is a possibility, but this is no simple task). Though entirely possible, care needs to be made to ensure that your interface doesn't differ too much from the regular one - and although most PCs use the standard GINA by default, some vendors make their own, so users with one of those aren't fooled quite as easily.

    Of course, replacing the GINA won't work with Vista, since GINA was scrapped in favor of a new system, Credential Providers. In order to target Vista, you therefore need to implement a new one of THOSE (which, although less work than a believable GINA, also means you need to make a choice between which one you want to target).


  • Discourse touched me in a no-no place

    @Pidgeot said:

    Of course, replacing the GINA won't work with Vista, since GINA was scrapped in favor of a new system, Credential Providers. In order to target Vista, you therefore need to implement a new one of THOSE (which, although less work than a believable GINA, also means you need to make a choice between which one you want to target).

    Google seems unable to easily supply me with the meaning of the acronym of THOSE.

    Perhaps one of the other readers could help....



  • @PJH said:

    @Pidgeot said:

    Of course, replacing the GINA won't work with Vista, since GINA was scrapped in favor of a new system, Credential Providers. In order to target Vista, you therefore need to implement a new one of THOSE (which, although less work than a believable GINA, also means you need to make a choice between which one you want to target).

    Google seems unable to easily supply me with the meaning of the acronym of THOSE.

    Perhaps one of the other readers could help....

    Those Handlers Of System Entry.

    (Optionally, you may read that instance of capitalization as emphasis instead.)



  • @TheRider said:


    <...snip...>
    The BIOS (I think) and the operating system routines that deal
    with the keyboard make sure (or try their best, see VMware) that the
    C+A+D key combination cannot be read by an application program. The only program allowed to see C+A+D keys is the operating system process doing the username/password verification on login. It (and only it) will react to the user pressing C+A+D and will show the correct login window.
    <snip...>

    This was partially true in the Win9x days and totally true in all versions older than 95. With the modern NT derivatives, the BIOS is kicked out of the way as soon as possible and the NT kernel takes over all the services the BIOS would otherwise provide. It has to, as the BIOS is still totally 16bit realmode non-reentrant code, and will completely hose the stability of a 32bit (or 64bit, for tha matter) OS.

    Win9x still partially depended on the BIOS for some stuff, especially floppy access. That's why formatting a floppy in 9x dragged the system to a standstill, because 9x was getting hung up waiting for all the disk-access related BIOS calls to go through. 9x may have had pre-emptive multitasking, but as soon as something happened that required a BIOS call, you can kiss multitasking good-bye.

    As for CAD, true enough, the NT kernel gets to see all the keypresses before any other software (keyloggers notwithstanding), and act appropriately for the various special key sequences, such as CAD. But that doesn't mean the sequence can't be passed on down the road. NT can be busy clearing the desktop and popping up task manager or the "what the hell do you want?" dialogue box (which incidentally is "secure" just like the login dialogue - nothing is supposed to be allowed to pop up over it or hide it or move it), and still let the key sequence out into the wild for other apps to poke at and do whatever they want.



  • @asuffield said:

    And it's useless because anybody with that kind of access can simply tuck an inexpensive hardware keylogger behind the computer.


    If physical access makes this feature worthless, then [i]all[/i] security is worthless.



  • @Cap'n Steve said:

    @asuffield said:
    And it's useless because anybody with that kind of access can simply tuck an inexpensive hardware keylogger behind the computer.


    If physical access makes this feature worthless, then [i]all[/i] security is worthless.

    That makes no sense.

    This feature was defended on the basis of a securing against a particular threat model. That threat model can trivially defeat this feature in the described manner, so the feature fails to secure the threat model.



  • Maybe I missed something, but modifying hardware is definitely not the same threat level as installing a malicious program.



  • @Cap'n Steve said:

    Maybe I missed something, but modifying hardware is definitely not the same threat level as installing a malicious program.

    I fail to see the relevance of this statement. As far as I can tell, you are responding to a security hole by saying "Yeah, but they might not do that, even though they can" - true but useless. 



  • @Cap'n Steve said:

    Maybe I missed something, but modifying hardware is definitely not the same threat level as installing a malicious program.

    Plugging hardware into a port is a fairly similar threat level to installing software by physical access to the machine. 



  • @asuffield said:

    @Cap'n Steve said:

    @asuffield said:
    And it's useless because anybody with that kind of access can simply tuck an inexpensive hardware keylogger behind the computer.


    If physical access makes this feature worthless, then [i]all[/i] security is worthless.

    That makes no sense.

    This feature was defended on the basis of a securing against a particular threat model. That threat model can trivially defeat this feature in the described manner, so the feature fails to secure the threat model.

     

    A.  In a computer lab it is a little bit more suspicious to be under the desk messing with the back of the computer than simply sitting on it starting up a program.

    2.  A lot of computer labs have their computers in a cage that you cannot get to.

    D.  A program like that could be installed and started remotely. 



  • @m0ffx said:

    @Cap'n Steve said:

    Maybe I missed something, but modifying hardware is definitely not the same threat level as installing a malicious program.

    Plugging hardware into a port is a fairly similar threat level to installing software by physical access to the machine. 



    Yes, but that's not the only way to get malicious software installed.  Although if the bad guy is installing software on your machine by hand, he either already has the password or he did do some hardware modification.

    Saying "this isn't secure because I could still mess with the keyboard" is a bit ridiculous.  Do they make a keyboard that encrypts every keystroke before sending it?  Even then, someone could modify the board itself.



  • @Cap'n Steve said:

    @m0ffx said:

    @Cap'n Steve said:

    Maybe I missed something, but modifying hardware is definitely not the same threat level as installing a malicious program.

    Plugging hardware into a port is a fairly similar threat level to installing software by physical access to the machine.



    Yes, but that's not the only way to get malicious software installed.

    Irrelevant, that one was the claim made.


    Saying "this isn't secure because I could still mess with the keyboard" is a bit ridiculous. Do they make a keyboard that encrypts every keystroke before sending it? Even then, someone could modify the board itself.

    The secure (mostly military) systems that originated the SAK concept secured the input hardware with tamper-proof technology; encryption is not required. Removing the keyboard, or accessing its internals for modification, would have tripped an alarm - that's all you need.

    SAK without secured input hardware is pointless.



  • @asuffield said:

    @operagost said:

    None of the "hacks" anyone has mentioned is of any use unless the workstation has already been compromised by a user with administrative rights.

    Or power user rights, or rights to run DirectX applications on a host that contains an ATI or nVidia video card, or sufficient physical access to stick in one of those neat keyloggers that looks like a keyboard plug adaptor, or knowledge of any of the scores of local exploits in Windows systems.

    Power User allows you to change the logon policy?

    DirectX allows applications to bypass C-A-D? 

    Hardware keyloggers are a physical access issue and impossible to avoid with software.

    Local exploits are a straw man.  Any OS can have exploits. 



  • @operagost said:

    @asuffield said:

    @operagost said:

    None of the "hacks" anyone has mentioned is of any use unless the workstation has already been compromised by a user with administrative rights.

    Or power user rights, or rights to run DirectX applications on a host that contains an ATI or nVidia video card, or sufficient physical access to stick in one of those neat keyloggers that looks like a keyboard plug adaptor, or knowledge of any of the scores of local exploits in Windows systems.

    Power User allows you to change the logon policy?

    Power users can run code in kernel space. They can do anything. There is no security difference between power users and administrators in Windows, there's just a difference in what functions are conveniently exposed to the ignorant user.

     

    DirectX allows applications to bypass C-A-D? 

    ATI and nVidia video cards permit unsecured modification of main memory from the GPU. DirectX allows applications to program these cards. Bypassing ctrl-alt-delete is one of many things you can do in this manner.

     

    Hardware keyloggers are a physical access issue and impossible to avoid with software.

    They're an issue with PCs, which places an upper limit on the kinds of security you can have with a PC. There are other kinds of computers in the world that are not PCs and don't have the same kind of issues.

     

    Local exploits are a straw man.  Any OS can have exploits. 

    No, the old secure systems were invulnerable to this problem because it simply wasn't possible to modify the operating system code at runtime. This problem is a modern invention that came along with the idea that a user should be able to upgrade the operating system from within the system.



  • @DaveK said:

    You
    obviously couldn't code your way out of a paper bag.  Perhaps you
    should learn what you're talking about before you say something dumb.  Oops, too late.
    Perhaps I code low level stuff, instead of bloated enterprizy buzzword software.

     

    CAD disables the keyhook is pretty silly as a design point. Why doesn't the login process disable the keyhook?



  • @asuffield said:

    [Hardware keyloggers are] an issue with PCs, which places an upper limit on the kinds of security you can have with a PC. There are other kinds of computers in the world that are not PCs and don't have the same kind of issues.

    Truth. Laptops, for a start. 



  • @asuffield said:

    @operagost said:

    Power User allows you to change the logon policy?

    Power users can run code in kernel space. They can do anything. There is no security difference between power users and administrators in Windows, there's just a difference in what functions are conveniently exposed to the ignorant user.

    This is simply incorrect.  In fact, the Power Users group in XP and 2000 has even fewer privs than in NT 4.0.  It's equivalent to the Users group in NT, in fact.  The power user cannot take ownership, change permissions on other users' files, modify users other than ones it has created, add users other to groups other than Users, Power users, or ones it has created, manage logs, or load drivers. 



  • @operagost said:

    @asuffield said:

    @operagost said:


    Power User allows you to change the logon policy?

    Power users can run code in kernel space. They can do anything. There is no security difference between power users and administrators in Windows, there's just a difference in what functions are conveniently exposed to the ignorant user.

    This is simply incorrect.  In fact, the Power Users group in XP and 2000 has even fewer privs than in NT 4.0.  It's equivalent to the Users group in NT, in fact.  The power user cannot take ownership, change permissions on other users' files, modify users other than ones it has created, add users other to groups other than Users, Power users, or ones it has created, manage logs, or load drivers. 

    You're an idiot.

    By default, the rights and permissions that are granted to the Power Users group include those rights and permissions that are required to allow members of the Power Users group to modify computer-wide settings, to install drivers, and to run (or install) non-certified programs.

     

    APPLIES TO

    Microsoft Windows Server 2003, 64-Bit Datacenter Edition
    Microsoft Windows Server 2003, 64-Bit Enterprise Edition
    Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    Microsoft Windows Server 2003, Enterprise Edition
    Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    Microsoft Windows Server 2003, Web Edition
    Microsoft Windows XP Professional
    Microsoft Windows XP Tablet PC Edition
    Microsoft Windows XP Media Center Edition 2002
    Microsoft Windows XP Professional for Itanium-based systems
    Microsoft Windows XP Professional for Itanium-based systems
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Datacenter Server
    Microsoft Windows 2000 Professional Edition
    Microsoft Windows 2000 Server


     


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.