"invntrr" wrote in message news:t1Wji.2434$ZO4.1986@trndny05...
>
> "Vanguard" wrote ...
>
>> "invntrr" wrote ...
>>>
>>> Is it possible to power up and boot from CD?
>>> I have seen programs that claim access that way
>>
>> Yep. That's how you got Windows XP installed in the first place.
>> There
>> are lots of LiveCD distros for Linux. BartPE's CD is bootable. As
>> Sebastian already said, if you permit physical access to the host
>> then
>> it can be compromised. Why do you think the server room at the
>> company
>> remains locked?
>>
>>> I personally know of a device that is able to overlap bios making it
>>> possible to make a bios password useless
>
> I should have said "I personally know of a device that is supposed
> to
> overlap bios making it
> possible to make a bios password useless"
>
>> Since the BIOS runs first, no "overlap BIOS" program has yet run to
>> obviate the action of the BIOS - that of requiring the system
>> password.
>> Booting from any device happens after the BIOS has already asked for
>> the
>> system password. BIOSes on daughtercards run after the system BIOS
>> so
>> they can't obviate the system BIOS, either.
>>
>> Name the purported BIOS "overlap" device so we know you really know
>> what
>> you claim to know.
>>
>
> What I Claim to know is you seem like a pompous ass and demand I tell
> you
> anything.
And meanwhile what you have proven is that you are "like a pompous ass
and demand that anyone tells you anything" in response to YOUR question.
> Would you agree that most computer cases are locked?
No, and why it was suggested that you do so. Houses and cars have
locks, too, but that merely keeps out the slightly malicious.
> Would you agree that many people leave the computer on ?
And your point? Never heard of a passworded screensaver or locking the
terminal? Never heard of shutting down into hibernate mode? Depends on
the people using THEIR computers as to how frightened they are of
someone else gaining physical access to their computer.
When you buy a car, it comes delivered with the locks unlocked. It's up
to you when to decide to use those locks. If you want something other
then the default setup, to do it.
When you go grocery shopping, it's your choice whether or not to lock
the car doors. Maybe you leave them unlock which was the same state as
when you first got that car, so don't be surprised to find the dash
gutted out when someone decided to ripoff your stereo. Would you leave
your office unlocked with a wad of cash sitting on your desk? If the
user walks away while leaving their computer powered on AND while still
logged in then they chose to leave it unprotected.
> Would you agree most computers look for A ( allowing D drive to be
> accessed ) drive as a bios default?
That is how the computer hardware is configured by default. The user
can change it if they want. Are you saying that you are one of those
boob users that haven't a clue about changing the boot drive order
setting in BIOS?
> If I were to pay lots of money for this alleged device, I
> still need physical access to the computer
Ah, so you really were lying about personally knowing of a device that
bypasses the system BIOS.
> The answer to these questions would determine if
> http://www.elfqrin.com/docs/biospw.html has any significance.
So we're back to physically protecting the computer's physical contents
so the malicious intruder can't get inside to move your hard drive to
their computer so they can get at the contents of your hard drive.
Have you actually TRIED any of those professed backdoor passwords to see
if they work on YOUR computer?
Flashing the BIOS (to remove the stored password because the flash
program will also clear the CMOS table) requires getting past the BIOS
password to then read the floppy to load the OS from which the flash
program executes. So if the BIOS has a password then it comes up before
the BIOS accesses the floppy looking for a boot record. So we're back
to physically protecting the guts of the computer so the user cannot
reset the BIOS to eliminate its startup password.
Flashing via hardware. Well, we're back to physically protecting the
computer again. Since you are super-paranoid, go build a bunker, put
your computer inside along with generator, fuel, and battery backup
along with food stores, walk inside and then have the entrance filled
with concrete. That solves a couple problems. Of course, depending on
how thick you made the walls and how impervious you make them to an EMF
pulse or explosive blast, the sun going nova or a huge meteor impacting
your bunker would probably still render computing undoable as either you
or the computer or both will be dead. Nope, there's no absolute
protection.
> I feel (unlike you I have been wrong) that no data is safe. The
> amount of
> expense and effort determines what value you place on your Data,
Um, starting to sound like you are more worried about others *looking*
at your "data" rather than protecting it from loss since everyone knows
about doing backups and securely safeguarding them off-site.
> on the subject I bet this room you keep locked has a nickel and dime
> lock on
> the door.
A stick of dynamite will blow away any computer room door, a car door, a
house door, and <pick any property>. How likely something will be
subverted depends on how much you are willing to expend on protecting
it. If a simple lock through the side panel in the computer case is
insufficient to thwart the expected thief or hack hazards in your area
then also use the lock on the room's door, live alone and lock the
house, or put mines under your carpet (I know one problematic user that
would eliminate).
> If a lock can't be cut ( a battery Dremel will do the job in 30
> seconds) a
> 3"-4" hole saw on a portable drill is quick,,, but if I have already
> gained
> access why not just rip the computer or at least take it to a
> different area
> ?
So now the concern is more focused on others *looking* at your data.
Hmm, wonder if we have a pedophile trying to hide his kiddie porn from
the feds raiding his house, or if he is worried that his parents or
employer can see what shouldn't be on THEIR computer that he is allowed
to use.
> A computer case offers the same protection as a used condom. One of
> the
> easiest things to do is remove the computers front.
Interesting computer cases you are buying. Removing the front of my
computer cases gives no access to removing the side panel if there is a
lock on it except by doing physical damage to the case, much like
blowing the house door off with a stick of dynamite. The front of the
case is blocked in that the lower grill prevents you getting your
fingers in and the screws to the hard drives are on the side so they
aren't reachable from the front.
Since it sounds like you are more scared about others seeing the
*contents* of your files rather than protecting them from loss which is
easy prevented with backups, try Googling on whole-disk encryption
products. Or use something like TrueCrypt if you are only interested in
hiding the contents of some files.
> What's my point? It is that if I want your system and am willing to
> pay
> ...it's mine.
And anyone bent on murdering you and willing to pay any price to get at
you along with any consequences of killing you, if any, will end up
killing you. You have become far too enamored with movies, like Mission
Improbable.
If someone lured you into visiting their web site, or otherwise got your
IP address, they know who is your ISP. They then go get a job at that
ISP and work their way into the networking environment to install a
packet sniffer to ferret out your traffic. So your traffic isn't
perfectly secure, either.
So where's your car? On the street? Is it locked? Does that prevent
it from being stolen? Does locking it in a garage prevent someone from
breaking through the side door, forcing up the garage door, or breaking
out a window to get inside to hotwire your car and drive it through the
garage door to steal it?
So because it is absolutely impossible to prevent anyone with enough
means, patience, and determination from stealing your property means you
shouldn't protect it at all? Uh huh. I'm beginning to feel like I'm
talking to a kid living at home who couldn't give a gnat's fart about
protecting anything to any degree because mommy and daddy will buy them
another one. I'm also starting to wonder who really owns the computer
that inventrr uses.
> What's a working parent willing to pay to keep his kid off MY Space?
You're running a porn site and worrying about keeping the kids away?
Require a credit card to enter. Then the onus is off you because you
have diverted the authentication that the user is an adult to the credit
card company. The kids won't get in unless they use their parent's
credit card (and then again it isn't your fault that they got in but
instead the parents for not protecting and disciplining their children),
and you'll also keep out the adults who would be offended by your
content (i.e., if they went through the process of credit card
authentication then they made deliberate effort to see your porn spew).
I'm sure there are sites or forums of where to discuss how to legally
protect your porn site but I don't run one so you'll have to go Googling
for that info.
> What's the NSA willing to spend to keep it's security?
$3.6 billion.
> Many like you assume everyone has enough knowledge to be literate with
> computers but in the real world there are millions of working,single
> moms
> that still think computers will burn up if you just look inside ...
> forget
> passwords ... to them it's another world. Most computer literate
> kids
> know more then parents anyway.
Right, and why allowing physical access to YOUR computer will mean it
will get screwed over. Kids don't work so they have plenty of time to
prod around to find a weakness. Of course, maybe they'll just stand
behind your shoulder to watch you login. Get the kids their own
computer and let them screw over themselves.
The computers that YOU are talking about are general-purpose machines
and as such will always have security vulnerabilities both in hardware
and software. Special- or single-purpose computing appliances are much
harder to attack or hack (but again not impossible). It's pretty
difficult to hack into that calculator sitting in your desk and there
wouldn't be much of a reward for doing so.
Can Any Password be compromised ? 
Linear Mode
