On Thursday, February 27, 2003, at 11:52AM, Eric D. <[EMAIL PROTECTED]> wrote:
>PS I've heard of being able to do an admin password reset using the OS X >boot disk -- is there any way to disable this? Seems like a very dumb >feature for Apple to give easy access to (of course, how do you trade off >the requirement for simplicity for the bulk (60%+) of users who are >virtually computer illiterate vs. those of us who've grown up with Macs and >know every last nook, cranny and trick to bypass security most/many unix distributions have a similar feature. in fact, booting any UNIX into Single User mode (doing this varies widely by vendor, ranging from horribly simple to horrifically difficult) gives SuperUser access to the entire filesystem, including the /etc/passwd (or equivalent) file. i don't care what kind of computer you have... if you can't guarantee physical security to your system, NOTHING will save your data. driver level encryption, wake-from-sleep password protection, nothing. my point is, in the end, that you're trying to use inherently insecure methods and add security to them. sleep is, by it's very nature, an insecure process. booting directly to the desktop is an inherently insecure process. the screen saver is inherently insecure. study programming for a while and you'll see that this isn't something that can just be changed -- find out how a screen saver works, find out how the sleep mode works. Apple can't sit down and just say "oh, hey, let's make it do THIS" when it comes to some of these things. the screen saver, for instance, is just a program that draws on a layer that's on top of everything else. that's all. >(booting into OS 9 >is such a security hole but I guess the only way to easily prevent against >that is to remove a CD-ROM from a machine *and/or* password protect firmware >(if that's an option)). reread some of my previous posts on this. i've already answered this. -- G-Books is sponsored by <http://lowendmac.com/> and... Small Dog Electronics http://www.smalldog.com | Refurbished Drives | -- Check our web site for refurbished PowerBooks | & CDRWs on Sale! | Support Low End Mac <http://lowendmac.com/lists/support.html> G-Books list info: <http://lowendmac.com/lists/g-books.html> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive: <http://www.mail-archive.com/g-books%40mail.maclaunch.com/> --------------------------------------------------------------- >The Think Different Store http://www.ThinkDifferentStore.com ---------------------------------------------------------------
