XP secure during repair?

Discussion in 'Computer Security' started by Mike, Jul 2, 2004.

  1. Mike

    Mimic Guest

    I love you :X


    "When life hands you lemons, ask for tequila and salt."
    ZGF0YWZsZXhAY2FubmFiaXNtYWlsLmNvbQ== ( www.hidemyemail.net )
    "Without knowledge you have fear. With fear you create your own nightmares."
    "He who controls Google, controls the world".
    Mimic, Jul 3, 2004
    1. Advertisements

  2. Mike

    klunk Guest

    you could try onsite service...
    I've recently met some people from "NerdsOnSite"
    (http://www.nerdsonsite.com) that will come to your home/office and service
    your system while you're there... (no... I don't get anything for this
    referral)... there may be other, similar service providers in your area...
    klunk, Jul 3, 2004
    1. Advertisements

  3. Oh, kiddy porn.
    Mike, the tape-recorded, hampering engineer, Jul 3, 2004
  4. Mike

    Mike Guest

    Thanks all for response. The concensus seems to be that XP passwords are
    there to prevent cursory or unacquainted intrusion and the real solution to
    security is third party encryption and on-site or self repair. I know not
    every technician has either the time or the inclination to pore over my love
    letters but reliance on lack of intent is not best security. On my 98
    machine I used a BIOS password - would this be a more secure option for XP.
    Thanks again.
    Mike, Jul 3, 2004
  5. BWAHAHAHAHAHAHAHAHA!!! In 24hoursupport.helldesk, maybe. In the real world?
    Mike, the dysfunctional, portioning octopus, Jul 3, 2004
  6. My understanding is that a BIOS password can easliy be circumvented by
    removing and replacing the battery on your motherboard. If you want real
    security, use encryption.
    nostril sludge, Jul 3, 2004
  7. Mike

    Mike Guest

    I run a computer repair company, and I whole-heartedly agree with what
    you say. We can't be bothered with what you have on your computer. Get
    the job done, off the bench and on with the next one.

    Watch out, the paranoia is out to get you! :)
    Mike, Jul 3, 2004
  8. Mike

    Mr Nobody Guest

    There's still the same problem. If the technician can't get into the
    computer (software-wise) how can he fix and/or test it?

    And I don't suppose the BIOS password would stop them form demounting
    the HD and putting it into another machine, which they might do in any
    case to text it.

    No, I think OTF encryption with BestCrypt (or similar) is the best
    solution - you can create an encrypted virtual drive for all your

    Alternatively, use a demountable hard drive of some sort you can pull

    BTW, which of the newsgroups do all the trolls in this thread come
    Mr Nobody, Jul 3, 2004
  9. Mike

    Leythos Guest

    Nope, a BIOS password would do nothing - if you take your machine to a
    technician to have it fixed you are going to have to give them the BIOS
    password or they won't be able to do anything. If the machine won't boot
    it's going to be hard to trouble shoot, not to mention that removal of
    the drive and putting it in another machine is still very easy to do and
    would not be stopped by a BIOS password.

    There are two viable means of data security:

    1) Encryption - purchasing a product that encrypts the files that you
    want to protect. Keep in mind that if you choose to encrypt an entire
    drive that loss of the key will mean the loss of everything on the

    2) Off-line storage of the data - in this case you only keep the files
    on removable media and store it in a safe place when you don't have it
    on-line. One thing to remember, if you copy the off-line files to a
    drive, when you delete the files off of the driver they can still be
    recovered by sector level recovery tools. I was able to recover 30gb of
    files after an FDISK using a sector level recovery too a couple years
    Leythos, Jul 3, 2004
  10. Mike

    DarthGates Guest

    | ]| XP Home, file system NTFS.
    | ]|
    | ]| XP is more secure than 98 but are the login passwords truly secure. I have 4
    | ]| passworded accounts - is it true that without the password these accounts
    | ]| are not accessible. If I take my PC in for hardware repair is there no way
    | ]| for the technician to access my hardrive and its data beyond the login
    | ]| screen. No secret admin account or account entrance that is built in or
    | ]| could they run another OS from the cd drive such as DOS or Linux and access
    | ]| the drive information that way or another way I have not considered. I ask
    | ]| this because it just occurs to me how much private and personal information
    | ]| I have on my hardrive should it need repair. Thanks.
    | All of the information on that hard drive will be readable by the repair
    | people. the passwords are irrelevant (they can be evaded and anyway, they
    | can put the drive into another system and read everything.
    | a) never send in your drive-- they are cheap. If it breaks just buy a new
    | one.
    | b) encrypt everything (and if you forget your password, the data is also
    | gone.)
    Or setup this way main harddrive 20gb for the OS ,then 120gb to keep all data
    on it . Encrypt everything on the 120gb drive backup encryption key to CD .
    DarthGates, Jul 3, 2004
  11. Mike

    Kleeb Guest

    This one :


    Making sure this group isn't included in any replies would go a long way to
    attracting more undesirable attention. Not posting to it in the first place
    would be even better. If you don't believe me just go take a look.

    You're using Agent, it has cross-post checking on by default.


    Kleeb, Jul 3, 2004
  12. Mike

    Kleeb Guest

    FFS. 'Would go a long way toward PREVENTING more undesirable attention'.


    Kleeb, Jul 3, 2004
  13. Mike

    Mimic Guest

    Nope again, BIOS passwords are easy to get round either by using the
    default manufacture pass, removing the cmos battery or "hot wiring" the
    pins :p


    "When life hands you lemons, ask for tequila and salt."
    ZGF0YWZsZXhAY2FubmFiaXNtYWlsLmNvbQ== ( www.hidemyemail.net )
    "Without knowledge you have fear. With fear you create your own nightmares."
    "He who controls Google, controls the world".
    Mimic, Jul 4, 2004
  14. Mike

    nemo outis Guest

    Some BIOS passwords are quite difficult - I had to use a special
    circuit and get data from Australia for a friend's IBM Thinkpad
    to reset it. The machine was unusable until then.

    Of course, it was still easy to dump the contents of hard disk

    nemo outis, Jul 4, 2004
  15. Mike

    Toolman Tim Guest

    I was wondering about that myself - the Dell laptops at work have a hard
    drive password in CMOS as well as user/system passwords. Supposedly, the
    hard drive won't read on *any* computer without the password. But I've never
    had time to borrow the boss's laptop to test it <g>
    Toolman Tim, Jul 4, 2004
  16. Mike

    Mike Guest

    Anyone heard of this. Is it more secure than the BIOS and login passwords
    (which aren't secure) - search for security continues. Found the following
    instructions in another ng:

    'Start Menu, Run, Type:
    press enter.

    A dialog box will appear
    "Securing the Windows Account Database"
    Click [Update]
    (o) Password Startup
    Type and confirm the password. Click [OK].

    If You forget the password, You MUST reinstall Windows (that means CLEAN)'.
    Mike, Jul 4, 2004
  17. Mike

    MsyJsy Guest

    I have forgotten my windows pass words on a `95 and A `98 system.
    Unplugging the PC while the power was on, and then removing the cmos battery
    made ALL requirements for windows pass words disappear upon start-up.

    MsyJsy, Jul 4, 2004

  18. lol.

    thanks. I needed a good laugh.

    Colonel Flagg

    Privacy at a click:

    Q: How many Bill Gates does it take to change a lightbulb?
    A: None, he just defines Darkness? as the new industry standard..."

    "...I see stupid people."
    Colonel Flagg, Jul 4, 2004
  19. <blink> <blink> <blink>

    MsyJsy, the keeper of the market stall, Jul 4, 2004
  20. Mike

    Mr Nobody Guest

    There must be a way of doing it unless the Dell HD is encrypted, which
    I doubt. All other password systems are just gateways - and you can
    always go over the wall if you know how.

    You might have to interfere with the electronics of the HD, or even
    remove the platters and put them into another drive, but if the data
    on the platters is stored in plaintext, there must be a way of getting
    at it if you have the determination and expertise.
    Mr Nobody, Jul 4, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.