Jump to content

Windows XP

Craig

By Craig,
in Security Chat

 Share

Recommended Posts

Craig Newbie

Craig

Posted
Posted

If someone burgled your house and stole your computer, how strong is XP at preventing unauthorised access to your HDD?

At the moment i have installed a Supervisor and a different User Password in my BIOS. So even if you find out the user password to boot, you still need the supervisor password to enter the BIOS. This is all well and good, but i know if you take the BIOS battery out for a couple of minutes everything is reset.

So how good is XP at stopping access?

At the moment i use the standard Windows NT/XP login dialog box where you are required to enter your username and password, with XP you can also select that users hit CTRL ALT DELETE before accessing the dialog box.

So the above feature is a good design.

However what if the unauthorised person installed another copy of XP over the top? All passwords are overwritten and they can gain access to your files, cant they?

If not, what would stop them from just formatting your partition with XP on it and taking a chance the data is stored on another partition and then installing XP again?

So what i am asking, how safe is your personal data when it is not in your possesion anymore?

Does anyone know of any kind of third party software that will not allow your HDD to be accessed and possibly formatted without an authorisation key of some kind?

I will be interested to see what answers / views come up with regards to this topic.

Craig.

Link to comment
Share on other sites
Guest Nellie2

Guest Nellie2

Posted
Posted

And.......what if someone took your HDD out and installed it as a secondary drive on their comp......? So it would be their o/s that would boot up and as far as I can see nothing would stop them from having a good snoop around your files!!!

Link to comment
Share on other sites
Craig Newbie

Craig

Posted
  • Author
Posted

You have brought up a valid point nellie!

But if need be, you can always superglue the jumpers in place so it cannot be used as a slave.

Still looking for some sort of software that will prevent access to the drive when it is not authorised though!

Link to comment
Share on other sites
Sir Radfordin Newbie

Sir Radfordin

Posted
Posted

As a normal user of a PC you can't do this.

Even glue on the jumpers will not prevent someone from getting at the data, you have to either use your drive as a master or as a slave, so they just build a computer and put the drive in the same position. If they have admin privalidges on their machine they will on the other hard drive. Anyway, put in the Win2k CD and start the recovery console and you can bypass the administrator password on XP!

So what option does that leave - the most secure way is to not keep data that someone may be able to use in a fraudulent manor on your computer. You could always lock your PC down so that no-one could remove it, or at least not without causing a large amount of damage to it.

The other option would be to encrypt all your files but you would have to use third party software to do so and its not going to be a simple task, I feel for most home users it would be going a little over the top.

A BIOS password is useless really, its so simple to over write them either as you say by taking the battery out, or a quick change to the jumpers. One prevention is to remove the option to boot from floppy disk or CDROM. It would just slow them down thats all.

The best option if you have to keep sensitve data is to keep it on removable media that can be removed and secured in a location that can't easily be got at - a nice big fireproof safe for example. Even that doesn't come without risks.

Remember, most of the time its the equipment that will be stolen, anything else will be incidental. Take precautions, but don't become paranoid.

Link to comment
Share on other sites
Chris Newbie

Chris

Posted
Posted

Steal the computer - Well you can find the Product Key with Aida32... So you could reinstall XP. Have to have disk and stuff, but still.

Removing the hard drive and sticking it in another computer - Windows will ask you to activate it as it would be in a new computer so windows would detect all the new stuff.

You wouldn't get far...

Link to comment
Share on other sites
madboy33 Newbie

madboy33

Posted
Posted

Or before you go out

Back up all your data and smash the PC.........LOL

On a serious note if someone has such sensitive data, back it up and the use a good removal tool to take it off your PC.

Remember folks, dont just delete that sensitive bit of data as someone can allways get it off your HDD very very easily

madboy33

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Privacy Policy

  I accept