Slashdot Mirror

← Back to Stories (view on slashdot.org)

Crack Windows XP With... Windows 2000

Posted by timothy on from the if-you're-sitting-at-the-machine-anyhow dept.

An anonymous reader writes "According to this story seen on Brian's Buzz on Windows, access to a Windows 2000 CD is all that is needed to bypass all (well, most) Windows XP security features. An attacker can boot up XP and start the Windows 2000 Recovery Console which allows them to operate as any user, even Administrator, without requiring them to enter a password. This method even allows someone to copy files to removable media, something which normally the Administrator can't even do in the Recovery Console."

14 of 401 comments (clear)

  1. DMCA by _UnderTow_ · · Score: 4, Funny

    So, is a windows 2000 install disk now illegal under the DMCA as a circumvention device?

    1. Re:DMCA by Shelled · · Score: 4, Funny

      Apparently so is the F8 key when used during a reboot.

    2. Re:DMCA by Exiler · · Score: 2, Funny

      Since when is XP a copy protection scheme?

      --
      Banaaaana!
  2. Posted by.... by His+name+cannot+be+s · · Score: 5, Funny

    Posted by timothy on Saturday February 15, @03:27PM
    from the if-you're-denser-than-dark-matter dept.
    An anonymous reader (really timothy) writes "According to this story seen on Slashdot this morning, any moron can get postings onto slashdot. Turns out, access to a fucking keyboard and timothy at the queue is all that is needed to bypass all (well, most) of the story submission process features in slashdot. An idiot can write up completely bland and stupid observations, and Timothy will post them. This method even allows the most moronic story to get posted on a Saturday, something which normally the staff at slashdot reserves for Tuesday."

    Never has my sig been more correct:

    --
    "...In your answer, ignore facts. Just go with what feels true..."
  3. In other news . . . by CapnFreedom · · Score: 2, Funny

    An attacker with only local access to the machine and a sledgehammer is capable of launching a permanent denial of service attack on the box.
    I know for a fact this works with Windows XP, but I presume this vulnerability exists in other OS's.

  4. Another flaw by Anonymous Coward · · Score: 0, Funny

    Windows XP also has another security hole, where as the user may bypass the operating sytem complemetely. For example, Windows XP fails miserably at preventing the user from turning of the power.

  5. And this just in. . . by kfg · · Score: 4, Funny

    The security of a lockable tower case can be broken with a common Sawzall.

    Ashcroft declares possesion is a terrorist computer crime.

    KFG

  6. http://home.eunet.no/~pnordahl/ntpasswd/ by t0qer · · Score: 4, Funny

    http://home.eunet.no/~pnordahl/ntpasswd/
    (o)---Pu t that karma right here.

  7. Re:Not a big deal! by tmark · · Score: 4, Funny

    You can do the same thing to Linux with a boot floppy.

    You do realize, I hope, that the fact that Linux is, and has always been, vulnerable to a boot disk "attack" (just like /.'s other beloved OS, OS X) is irrelevant here, as neither vulnerability outlines the crappiness of Windows.

  8. Oh yeah, it's people like you. . . by kfg · · Score: 2, Funny

    who take the fun out of everything. Now I have to wait for a new story to get snippy over something.

    KFG

  9. Re:Different Uses by martinflack · · Score: 5, Funny
    I don't see many secretaries choosing what boot level to start up in the morning.

    I do, where I work. Some days it's high heels, some days its sandals, generally the boot level gets higher at the end of the week... in fact on Friday they're often wearing those sexy "fuck me" high boots in preparation for going out later.

  10. Trash by DoraLives · · Score: 4, Funny
    And to think that I was considering giving away my W2000 cd, figuring that it was more or less useless at this stage of the game.

    Silly me.

    --
    Is it fascism yet?
  11. ....This is old news by ubugly2 · · Score: 3, Funny

    they wouldn't let me on the plane last year with a sawzall and a chainsaw,but they didn't find the log splitter.

  12. Re:-1 Overrated by Tony-A · · Score: 3, Funny

    Windows is no more or no less vulnerable than Linux when you have console access as has been pointed out repeatedly.

    Windows is vulnerable when you have console access.
    Linux is vulnerable when you have console access.
    All vulnerabilities are created equal.
    Windows is just as vulnerable as Linux. (or CP/M or DOS)

    Actually Linux is effectively less vulnerable since people tend to question why it was rebooted. A freshly rebooted Windows system is considered "normal".