
Re: NT Screen Saver Password Protect Bug


  • To: NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
  • Subject: Re: NT Screen Saver Password Protect Bug
  • From: "Tim Larkins (EUKSHEL1PO)" <tlarkinsEUKSHEL1PO.UNITEDKINGDOM.NCR.COM>
  • Date: Fri, 27 Mar 1998 14:25:25 -0000
  • Reply-To: "Tim Larkins (EUKSHEL1PO)" <tlarkinsEUKSHEL1PO.UNITEDKINGDOM.NCR.COM>
  • Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>

<snip>
<snip>
<snip>
<snip>
<snip>
<snip> (you know what we're talking about by now)

I'm getting the distinct impression that this is being blown outa proportion
a bit...  YES the point has been made (and proved) that the screensaver in
NT is unsecure..  and we should all be thankful that we've been made aware
of it, maybe MS will deem it of significant enough importance to
produce a fix for it..  maybe not...

However.. people have made the valid point that NT has implemented security
for while you're away from your desktop via the "lock workstation feature"..

The thread then seems to divert to the fact that although the "lock
workstation" is suitable, it doesn't remove the risk of someone relying on a
screensaver to lock their workstation...

I'm guessing that probably 10% of security problems (if that) are caused by
software "bugs" and then 90% can probably be put down to security policies
being enforced..  We're all aware of this "bug" now so how about suggesting
ways to remove the risk rather than just debating back and forth as to
whether it is or is not a security problem...

eg: how about just removing all the screensaver files so the option of
locking it in such a way is removed from the user?  Introduce a policy of
not allowing screensavers on your NT workstations..  after all.. if you're
really so concerned about the risk of someone utilising the described method
to gain access to your logged in admin account, then the loss of pretty
shapes twirling around on your screen has got to be a small sacrifice...  I
know this only applies to workstations under your direct control but it's a
start..

Best regards

Tim Larkins
NCR Professional Services

Email: Tim.LarkinsUnitedKingdom.Ncr.com
-----------------------------------------------------------------------