IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Right - I haven't a clue where Word's "safe mode" switch is
I didn't know it had one.



[link|http://www.blackbagops.net|Black Bag Operations Log]

[link|http://www.objectiveclips.com|Artificial Intelligence]

[link|http://www.badpage.info/seaside/html|Scrutinizer]
New Start button, Run, notepad
-----------------------------------------
Impeach Bush. Impeach Cheney. Do it now.
New That was great
Create a desktop shortcut to Word that includes the ' /safe' switch. Cool, huh?
===

Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats].
[link|http://DocHope.com|http://DocHope.com]
New Create an alternate login without admin priviliges
Kinda like not logging on as root...
If you can't screw with the system, the vuln is unimportant.
New You assume no bugs in Windows' authorization system
I think that that assumption is not safe.

Cheers,
Ben
I have come to believe that idealism without discipline is a quick road to disaster, while discipline without idealism is pointless. -- Aaron Ward (my brother)
New I would never assume such a thing.
In fact, I would never assume that the Windows security model would work in any case. There are too many holes and exceptions there. Once you trick the machine into running code at system privilige level, you can then muck with ACLs and SACLs and there is no security system left, unless it is your intent to prevent the owner from using his machine at all, in which case the system can be fairly effective.
Vista currently runs processes at standard user level and requires consent to elevate them to run at admin level. This has already pissed enough people off that they now have a security setting option Local Security Setting : User Account Control : Behavior of the elevation prompt for administrators (Prompt for consent - No prompt - Prompt for credentials)
They're already patching the patches for a product not released yet. My faith in Microsoft is as strong as ever...
New Then what's the point of creating a limited user account?
I have come to believe that idealism without discipline is a quick road to disaster, while discipline without idealism is pointless. -- Aaron Ward (my brother)
New On released versions or Vista?
On released systems w2k and xp, for example, it might work. Might not. If you are willing to not be able to do installations that muck with the registry, you might dodge a bullet once in a while. You may have introduced another level of annoyance to your attacker.

On Vista, once again, M$ knows better than you what is good for you. If you are an administrator, you will run as a user unless you elevate the privilige level. They also have a shitload of new privilige levels. There is one called "Trusted Installer" that is a genuine significant rectal discomfort. You can be the sole adminstrator on the machine and you CAN'T change any settings or delete/modify files that have that privilige. In any event, they are now putting in ways around the new security features to try to make the system less obnoxious to upper end users.


New Remind me not to use Vista...
I have come to believe that idealism without discipline is a quick road to disaster, while discipline without idealism is pointless. -- Aaron Ward (my brother)
New Peter's job, stridently, I believe, but...
I'm willing to do so periodically as a friend.


Friends shouldn't let friends use Windows on the net...
New Hey, Ben?
Don't use Vista.
===

Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats].
[link|http://DocHope.com|http://DocHope.com]
New Windows admin rights are a pain.
Especially when it takes admin priveledges to install most anything. A lot of corp environments give Windows users admin rights by default. Saves on tech support calls.

Snort.
-----------------------------------------
Impeach Bush. Impeach Cheney. Do it now.
New THE LACK OF Windows admin rights IS a pain.



[link|http://www.blackbagops.net|Black Bag Operations Log]

[link|http://www.objectiveclips.com|Artificial Intelligence]

[link|http://www.badpage.info/seaside/html|Scrutinizer]
New Two levels of security - All or Nothing.
     Microsoft: Take a week off--unpaid - (bluke) - (20)
         Microsoft is losing it - (JayMehaffey) - (19)
             Which just means it does more damage on the way down. -NT - (inthane-chan)
             Yep, early reports on latest vista beta - (tuberculosis) - (17)
                 Vista is staggeringly crap - (pwhysall) - (16)
                     But but but ... - (drewk) - (15)
                         Right - I haven't a clue where Word's "safe mode" switch is - (tuberculosis) - (13)
                             Start button, Run, notepad -NT - (Silverlock)
                             That was great - (drewk)
                             Create an alternate login without admin priviliges - (hnick) - (10)
                                 You assume no bugs in Windows' authorization system - (ben_tilly) - (6)
                                     I would never assume such a thing. - (hnick) - (5)
                                         Then what's the point of creating a limited user account? -NT - (ben_tilly) - (4)
                                             On released versions or Vista? - (hnick) - (3)
                                                 Remind me not to use Vista... -NT - (ben_tilly) - (2)
                                                     Peter's job, stridently, I believe, but... - (hnick)
                                                     Hey, Ben? - (drewk)
                                 Windows admin rights are a pain. - (Silverlock) - (2)
                                     THE LACK OF Windows admin rights IS a pain. -NT - (tuberculosis) - (1)
                                         Two levels of security - All or Nothing. -NT - (ChrisR)
                         That's about to change with Office 12. - (pwhysall)

We get more play than a 6-disc changer in a bitchin' Camaro.
82 ms