|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
10-27-2006
| #1 (permalink) |
| | An attack vector which Vista is supposed to withstand? If I have a laptop with: TPM hardware Vista with bitlocker, set to automatically boot up using the key in the TPM module Vista's default security settings, including default UAC settings and filesystem ACLs one non-administrator account in Vista, with the password written on a sticky note on the laptop one administrator account with a 20-random-character password not written down anywhere files in the administrator's home directory which contain information worth a couple million dollars and this laptop is stolen by a thief who's trying to get those files, is it realistic to expect that the thief will be unable to read them? (Assume here that attacking the TPM module itself will not succeed.) |
My System Specs |
|
10-27-2006
| #2 (permalink) |
| | Re: An attack vector which Vista is supposed to withstand? Yes "Roof Fiddler" <fiddler@roof.com> wrote in message news:%2379ClPc%23GHA.1784@TK2MSFTNGP04.phx.gbl... > If I have a laptop with: > TPM hardware > Vista with bitlocker, set to automatically boot up using the key in the > TPM module > Vista's default security settings, including default UAC settings and > filesystem ACLs > one non-administrator account in Vista, with the password written on a > sticky note on the laptop > one administrator account with a 20-random-character password not written > down anywhere > files in the administrator's home directory which contain information > worth a couple million dollars > > and this laptop is stolen by a thief who's trying to get those files, is > it realistic to expect that the thief will be unable to read them? (Assume > here that attacking the TPM module itself will not succeed.) > |
| My System Specs |
|
10-28-2006
| #3 (permalink) |
| | Re: An attack vector which Vista is supposed to withstand? Windows Vista mitigates this situation pretty well. Here are some of the attack vectors available to the attacker: 1) Cracking the password to an account with privileges to the file 2) Privilege escalation attack - taking advantage of a bug in a windows service / scheduled task / driver / etc that runs with admin privileges, either to change ntfs permissions on the file, or other means I'd say overall the security provided by this scenario is "better than anything available with XP", but certainly not up to par for a file worth millions of dollars. -- - JB Windows Vista Support Faq http://www.jimmah.com/vista/ |
| My System Specs |
|
11-04-2006
| #4 (permalink) |
| | Re: An attack vector which Vista is supposed to withstand? You can never be sure. I keep all important data on a PGP disk. "Roof Fiddler" <fiddler@roof.com> wrote in message news:%2379ClPc%23GHA.1784@TK2MSFTNGP04.phx.gbl... > If I have a laptop with: > TPM hardware > Vista with bitlocker, set to automatically boot up using the key in the > TPM module > Vista's default security settings, including default UAC settings and > filesystem ACLs > one non-administrator account in Vista, with the password written on a > sticky note on the laptop > one administrator account with a 20-random-character password not written > down anywhere > files in the administrator's home directory which contain information > worth a couple million dollars > > and this laptop is stolen by a thief who's trying to get those files, is > it realistic to expect that the thief will be unable to read them? (Assume > here that attacking the TPM module itself will not succeed.) > |
| My System Specs |
|
11-04-2006
| #5 (permalink) |
| | Re: An attack vector which Vista is supposed to withstand? There are two failures here, neither of which is technical: a.. a password is written on a sticky note b.. the user of the computer (I presume the non-admin user) is allowed to share a computer with another user, who logs on as an administrator and is involved in the organization's large financial dealings Another way of diagnosing the failures is this: a.. the owner of the computer, involved in the organization's large financial dealings, operates his computer as an administrator b.. this person shares his computer with another person, who keeps his/her password on a sticky attached to the computer The correct mitigation here is to fix these problems. ______________________________________________________ Steve Riley steve.riley@microsoft.com http://blogs.technet.com/steriley http://www.protectyourwindowsnetwork.com "Roof Fiddler" <fiddler@roof.com> wrote in message news:%2379ClPc%23GHA.1784@TK2MSFTNGP04.phx.gbl... If I have a laptop with: TPM hardware Vista with bitlocker, set to automatically boot up using the key in the TPM module Vista's default security settings, including default UAC settings and filesystem ACLs one non-administrator account in Vista, with the password written on a sticky note on the laptop one administrator account with a 20-random-character password not written down anywhere files in the administrator's home directory which contain information worth a couple million dollars and this laptop is stolen by a thief who's trying to get those files, is it realistic to expect that the thief will be unable to read them? (Assume here that attacking the TPM module itself will not succeed.) |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| virus attack in vista...!! | Vista security | |||
| Vista suffering after trojan attack | System Security | |||
| Vista Explorer Crashes When opening Folder containing Vector files | Vista file management | |||
| What Vista was supposed to look like : | Vista General | |||
| Vista and vector graphics | Vista General | |||
