From: Adamsc@io-online.com (Adamsc)
Date: Sat, 16 Nov 1996 18:05:10 -0800 (PST)
To: "mhw@wittsend.com>
Subject: Re: NT insecurity
Message-ID: <19961117020255750.AAA212@rn234.io-online.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 16 Nov 1996 17:00:56 -0500 (EST), Michael H. Warfield wrote:

>	Hooo  Hummm...  Another one...

>> Given the recent comments about insecure machines, I thought it was
>> interesting to note that you can clear *every* password on an NT box by using
>> a diskeditor to corrupt the password file (Boot off of a floppy and use
>> NTFSDOS if you have to).  It'll reboot several times and then you'll be
>> allowed to login.

>	Much as I absolutely detest NT, lets reitterate what everyone else
>on this list has already heard too TOO many times...  If you have physical
>access to the machine, it ain't secure.  It doesn't matter what operating

True.  However, as has been reiterated many times, NT is being marketed as a
secure platform.  Unix people tend to know that you need to work to secure
it.  MS hype might lead some of the non-cypherpunk admin types to believe
it's secure.  Trust me. I hear from these people all the time!

#  Chris Adams <adamsc@io-online.com>   | http://www.io-online.com/adamsc/adamsc.htp
#  <cadams@acucobol.com>		 | send mail with subject "send PGPKEY"
"That's our advantage at Microsoft; we set the standards and we can change them."
   --- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review editorial)