Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Offers New Data-Security Scheme

Posted by timothy on from the now-press-this-button dept.

bingly_beep writes "The BBC is reporting Microsoft's new user security measure, whereby users sensitive information is stored on their PC rather then online, as in their previous offerings, such as Passport. This sounds like a good idea, but any such system would surely require that the user definitely erases the HD on any machine they sell. Perhaps Microsoft should include an option, like 'Prepare this computer for resale,' which utterly destroys all data."

15 of 309 comments (clear)

  1. In future headlines... by Caspian · · Score: 4, Funny

    Pimp offers new "disease-free guarantee".

    --
    With spending like this, exactly what are "conservatives" conserving?
  2. Aw hell... by werewolf1031 · · Score: 5, Insightful
    Perhaps Microsoft should include an option, like 'Prepare this computer for resale,' which utterly destroys all data."

    Yeah, like THAT won't be hacked all to fvck by virus-writers. Great suggestion!

    1. Re:Aw hell... by rbarreira · · Score: 4, Insightful

      Virus writers don't need that to destroy the data of a windows pc...

      --

      The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
    2. Re:Aw hell... by werewolf1031 · · Score: 5, Insightful
      and not anything a virus/trojan couldn't do on it's own

      Not quite. Think about it: In this particular scenario, we're keeping all our personal/important/sensitive data in one place, and more dangerously, a place that's standardized, ie. easy to find. At least with users scattering their personal stuff all over the hard drive, it's easier to "mask" from a virus/trojan looking for that data.

      But with this new setup, the data's all in one spot. In the SAME spot, regardless of the machine or the user. (Cuz you just know that MS is gonna create a standard folder for this.)

      So, by doing this, it'd actually make the malicious program writer's job easier.

    3. Re:Aw hell... by sqlrob · · Score: 4, Informative

      The "Designed for XP" label requires the ability to run as a lower privileged user. I don't know how much more MS can really do to enforce it.

      The problem with games is that they use low level access for copy protection tests, and need admin level to do that.

  3. Both sides of the coin by 00+Agent+Kid · · Score: 5, Interesting

    This could be good or bad. The data, stored on the computer, would not be on the Internet all the time and thus be safer. On the other hand, .Net has great security. A user with little computer knowledge would not protect his/her computer well enough from hackers, etc., which would leave the data "out there." I think that the latter is safer, however.

    And, as stated in the article, there had better be a way to destroy all sensitive data if the user wishes to sell the computer.

    --
    INACTIVE ACCOUNT
  4. Either solution is flawed by Jailbrekr · · Score: 5, Insightful

    So you either store the information locally, and run the risk of a local exploit thanks to the latest and greatest security hole, or you store the information online, and run the risk of the central site being compromised. The first will be more common but limit the data theft to only a single person, whereas the second will be much less frequent but will limit the data theft to the entire customer base.

    In the grand scheme of things, they are both as flawed, just in differing ways.

    --
    Feed the need: Digitaladdiction.net
  5. rather then by ezzzD55J · · Score: 5, Funny
    rather THAN

    rather THAN damnit

    please continue

  6. Oh Please by finkployd · · Score: 5, Funny

    This sounds like a good idea, but any such system would surely require that the user definitely erases the HD on any machine they sell.

    Yes, because today it is perfectly ok to sell a system without erasing the hard drive. I mean for real, who stores private or important data on a computer?

    Finkployd

  7. The assumption being by popo · · Score: 5, Interesting

    MSFT's assumption is apparently that data stored on personal computers is more secure than on servers.

    I'm not sure that this is necessarily true.

    When you consider that the vast majority of computer users have no idea what a "firewall" is, and that MSFT's track record for security is poor to say the least -- its not obvious that storing sensitive data in designated locations on PC's is the safer route at all.

    Some might say this is MSFT's way of passing the buck of responsibility to the end user rather than fixing the problem. Now if data is compromised fault could arguably lie with mom and pop rather than a Microsoft server.

    --
    ------ The best brain training is now totally free : )
  8. Insecure Cookies by The+Amazing+Fish+Boy · · Score: 5, Insightful

    Read the article. Sounds like they've made cookies, but more than one site can read them. My guess is you'd have to authorize the site to read them, but this is bad news.

    If a site can trick you into hitting "OK," they could get your info.

    Of course the site probably has to be registered with MS in some way. Maybe this is a way for Microsoft to offer a "secure browsing experience" that is also convenient. IE7 will likely view MS-approved sites as "higher security" than SSL approved sites.

  9. Erasing the HD? by SiO2 · · Score: 4, Informative

    Erasing or otherwise formatting a hard drive doesn't do any good to eradicate personal information. I've used these guys on numerous occasions to successfully recover data from hard drives that have been formatted, imaged, etc.

    If you're going to sell a computer, swap out the drive containing your data for a new one. They're cheap. Hold onto the drive that houses your data.

    SiO2

  10. just shred it by budgenator · · Score: 4, Interesting

    One little linux command is all it takes, insert linux live CD and su -c"shred /dev/hda" and even the NSA would have trouble getting any data off the harddisk, windows license isn't transferable anyways. Fight software piracy, shred used Windows hard disks!

    --
    Apocalypse Cancelled, Sorry, No Ticket Refunds
  11. The most practical way to permanently erase a HDD by karlandtanya · · Score: 4, Insightful
    is with thermite.

    You can use a 5/7/9 pass DOD overwrite. Or a 39-step Gutmann overwrite. Or the ultrasuperduperTFH method of... You get the idea. It takes a looonng time.

    HDDs are cheap, especially one you've used so long you're going to sell the computer.

    Take it apart & melt the disks. If you have a lot of them, just use a fish cooker.

    --
    "Reality is that which, when you stop believing in it, it doesn't go away." - Philip K. Dick
  12. Re:windows XP filevault equivalent? by TheAwfulTruth · · Score: 4, Informative

    Yes and it has been for years.

    But just like Mac (now) and Linux it is off by default.

    One main reason is that in order to use it (on any OS) you have to use your brain. Basically you have to rememeber to properly handle your user data before mucking about with user accouts or you can permanetly lose everything. This problem has already been demonstrated repeatedly in the Mac user space WRT iTunes downloads which are pinned to used accounts. Destroy a user account before transferring ownership of the data and yo ulose your songs.

    Of course, this is the point. But what happens is, 99 out of 100 people that lose everything do so in situations where they didn't really want to.

    Thus, use of the systems by people that don't know how they work or what the drawbacks are are more likely to have problems with their data by using the system than by not using it. So, in all cases, the EFS remains turned off by default.

    --
    Contrary to popular belief, coding is not all free blow-jobs and beer. Those things cost MONEY!