1996-10-06 - RE: WINDOWS NT ????

Header Data

From: Adamsc@io-online.com (Adamsc)
To: “jfricker@vertexgroup.com>
Message Hash: 19833547ec849710c3415763e585ef9803838b47478e0e8c3d3a87a49640a945
Message ID: <19961006044857578.AAA115@GIGANTE>
Reply To: N/A
UTC Datetime: 1996-10-06 06:53:25 UTC
Raw Date: Sun, 6 Oct 1996 14:53:25 +0800

Raw message

From: Adamsc@io-online.com (Adamsc)
Date: Sun, 6 Oct 1996 14:53:25 +0800
To: "jfricker@vertexgroup.com>
Subject: RE: WINDOWS NT ????
Message-ID: <19961006044857578.AAA115@GIGANTE>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 05 Oct 1996 07:57:22 -0700, John Fricker wrote:

>>Microsoft claims C2 or higher for NT and deserves any ragging they get if
>>it's not.   Ditto for any other vendor who claims one thing and sells
>>another.

>You ought to read about C2. 
>DIdn't Steve Martin say something like "criticize things you don't know about".

Okay, correct me if I'm wrong on this (as if you wouldn't...):
1. Microsoft markets NT with C2 security
2. Numerous industry magazines report that you can bypass NTFS file security
by booting
    off of a diskette and using NTFSDOS.
3. Numerous industry magazines (and I believe MS finally mentioned it in some
routine status
     update) all say that NT should now be considered C2 *ONLY* on machines
w/o floppy 
     drives.

Sounds like they weren't quite honest on this one.  Or are you trying to say
that security-by-obscurity (relying on NTFS's then lack of external mounting
programs) was a good choice?

>>BTW:  Bizarre NT Quirk #15413 -  The Administrator account does not have
>>access to the entire disk.  You got it - if you're the administrator you
>>still cannot look into certain directories belonging to another user - even
>>if you've given all access privileges to the Admin account.  Got a few
>>chuckles at work.

>It's not rocket science to defeat this. The administrator is prevented from casually peering >into user owned directories but any administrator worth a nickle can tap tap click and have >access to any directory. 

I know that you can get in there.  It just seemed odd that it would be setup
by default...


#  Chris Adams <adamsc@io-online.com>   | http://www.io-online.com/adamsc/adamsc.htp
#  <cadams@acucobol.com>		 | send mail with subject "send PGPKEY"
"That's our advantage at Microsoft; we set the standards and we can change them."
   --- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review editorial)







Thread