Re: WINDOWS NT ????
On Fri, 04 Oct 1996 22:03:17 +1030, Petr Snajdr wrote:
is Windows NT secured system ? NT? Secured? hahahahahahahahahahahahahahahahhahahahahahahaha How ?
By turning off the machine, unpluging the ethernet, moving the hard drive to another state...
8-) ..and Os/2,unix .etc.etc. not ?
OS/2 doesn't claim to be a secure multiuser operating system. If they have console access, they *can* get almost anything*. Unix can be secure, but most places don't run it in the most secure form. However, your average Unix box is probably going to do pretty well, especially if you've compiled Linux with an encrypting file system. Microsoft claims C2 or higher for NT and deserves any ragging they get if it's not. Ditto for any other vendor who claims one thing and sells another. BTW: Bizarre NT Quirk #15413 - The Administrator account does not have access to the entire disk. You got it - if you're the administrator you still cannot look into certain directories belonging to another user - even if you've given all access privileges to the Admin account. Got a few chuckles at work. * - The various OS/2 Servers have a new version of the High Performance File System. HPFS386 does a much better job of maintaining security. Apparently even the boot-floppy that can defeat NTFS won't work. I haven't verified this yet because I'm still waiting for my personal copy of Warp Server Advanced-SMP to arrive. # Chris Adams <adamsc@io-online.com> | http://www.io-online.com/adamsc/adamsc.htp # <cadams@acucobol.com> | send mail with subject "send PGPKEY" "That's our advantage at Microsoft; we set the standards and we can change them." --- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review editorial)
-----BEGIN PGP SIGNED MESSAGE----- In list.cypherpunks, adamsc@io-online.com writes:
Microsoft claims C2 or higher for NT and deserves any ragging they get if it's not. Ditto for any other vendor who claims one thing and sells another.
The NT Resource Kit has a cute little C2 compliance advisor that steps you through a number of points that affect the C2 compliance of the system. My favorite is the section under 'Networks'. It simply says "C2 compliance require that the machine not be connected to a network." Drawing from another message (attribution lost, sorry), if you have the NT DDK, you need not be a particularly clever device driver writer to write a malicious driver. The DDK comes with _lots_ of example source code. You need one of {deep pockets | beneficient employer} to equip for mayhem, though. (MSDevNet Pro subscription is $499 and VC++ 4.0 subscription is ~$395) (thanks, boss!) - -- Roy M. Silvernail [ ] roy@scytale.com DNRC Minister Plenipotentiary of All Things Confusing, Software Division PGP Public Key fingerprint = 31 86 EC B9 DB 76 A7 54 13 0B 6A 6B CC 09 18 B6 Key available from pubkey@scytale.com -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMlZ64Bvikii9febJAQHcGQP/SiNL6Omfm1RJi4/yG+CyrXG6QdmtHIKR 66MOC1c0mwiSVSdoE9sM+BnX6qy3XYDQOb6E2N/0R2fgb755Ntcba30T1EPvxH08 J2C4O9sbGhsk7O5TM3JRttQ6rnV9WIeTRfuNx4/PkGPqty/SeRVgUxeZO76l1oEr 5m/8uop1epw= =CeS9 -----END PGP SIGNATURE-----
participants (2)
-
Adamsc@io-online.com -
roy@sendai.scytale.com