If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#76
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On Fri, 26 Sep 2014 18:28:14 +0100, Joe User wrote:
On 26/09/14 17:44, felmon wrote: On Fri, 26 Sep 2014 09:17:27 +0100, Joe User wrote: opinion It's my opinion that you will never get an agreement from an mvp or indeed any other individual closely associated with Microsoft or Windows that anything is wrong with the platform. ok but Linux people (and Mac people and BSD people and Slack people) et al are also _often_ like that, sensitive to criticism of their favorite modus operandi and this again takes us off the topic about security. I know your view about the security issue though I don't have all the details in mind and it does seem worth having someone who knows Microsoft security issues address it. The deafening silence tells me what I guess I already knew. perhaps but it's worth waiting for winston to chime in. haven't read all of the posts yet so maybe someone has said something in another subthread. The hidden unprotected Administrator account can only be there to allow clandestine access to a machine. I'm just very glad indeed that neither my online businesses or my home networks rely on *any* Microsoft products. Thank whatever God you pray to for free and open source software. theological issues aside, I am thankful for it though very recent history demonstrates there be serious insecurities where one least expects them. nonetheless this Windows one (as it seems) is actually built in which is a different order of insecurity. you cited someone saying Microsoft treats 'stand-alone' different from network. it makes sense to treat them differently but not in this way. F. |
Ads |
#77
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On Sat, 27 Sep 2014 08:21:59 +0100, Joe User wrote:
On 27/09/14 04:50, felmon wrote: [...] Yes, there will always be problems with complex systems, I presume you are talking about the bash issue, it's been in existence for 25 years, the hysterical reaction of the 'meedja' only serves to expand awareness which is no bad thing actually. I predict that there will *not* be a cataclysmic failure of systems using PHP and Apache httpd (among others) although anyone that uses PHP gets everything they deserve :-) we better be careful not to veer too far off topic though it seems this 'hidden admin' thread has reached its end. I'll add that I just did some changes to address the bash issue which also gave me an opportunity (so to speak) to do some necessary upgrades. to the extent I understand the issue, I have the sense it wouldn't affect me very much since it wouldn't be easy to hop onto my ssh sessions some of which are via vpn. I'll have to see what my webhosting people are doing about it though. they use php and apache of course. The difference seems to be that the open source community is only too happy to have these issues out in the open whereas 'hidden away' is never a good thing, ever. from your mouth to the NSA's ears! it looks like the 'hidden admin' issue can be a trap for the unwary. it seems Microsoft could handle it with a simply change of policy. but you can handle it yourself now when you set up your public-access machines. F. nonetheless this Windows one (as it seems) is actually built in which is a different order of insecurity. you cited someone saying Microsoft treats 'stand-alone' different from network. it makes sense to treat them differently but not in this way. |
#78
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On 09/26/2014 11:50 PM, felmon wrote:
On Fri, 26 Sep 2014 18:28:14 +0100, Joe User wrote: On 26/09/14 17:44, felmon wrote: The hidden unprotected Administrator account can only be there to allow clandestine access to a machine. I'm just very glad indeed that neither my online businesses or my home networks rely on *any* Microsoft products. Thank whatever God you pray to for free and open source software. theological issues aside, I am thankful for it though very recent history demonstrates there be serious insecurities where one least expects them. True now there's Shellshock a bash vulnerability that may not go away for quite awhile. nonetheless this Windows one (as it seems) is actually built in which is a different order of insecurity. you cited someone saying Microsoft treats 'stand-alone' different from network. it makes sense to treat them differently but not in this way. F. -- Caver1 |
#79
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On 27/09/14 22:25, felmon wrote:
On Sat, 27 Sep 2014 08:21:59 +0100, Joe User wrote: On 27/09/14 04:50, felmon wrote: [...] Yes, there will always be problems with complex systems, I presume you are talking about the bash issue, it's been in existence for 25 years, the hysterical reaction of the 'meedja' only serves to expand awareness which is no bad thing actually. I predict that there will *not* be a cataclysmic failure of systems using PHP and Apache httpd (among others) although anyone that uses PHP gets everything they deserve :-) we better be careful not to veer too far off topic though it seems this 'hidden admin' thread has reached its end. It's reached the point where nobody with a vested interest will reply because they know that a hidden unprotected Administrator account is indefensible and not replying will move the thread down the order and eventually it will 'go away' I could bump the thread daily but I probably won't, there are much better ways of increasing awareness of this issue. How about www.indefensiblewindowssecurityissues.com :-) I'll add that I just did some changes to address the bash issue which also gave me an opportunity (so to speak) to do some necessary upgrades. to the extent I understand the issue, I have the sense it wouldn't affect me very much since it wouldn't be easy to hop onto my ssh sessions some of which are via vpn. I'll have to see what my webhosting people are doing about it though. For a non hysterical analysis read this https://securityblog.redhat.com/2014...ection-attack/ -- Not confused, just ... bewildered |
#80
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
felmon wrote:
On Fri, 26 Sep 2014 18:28:14 +0100, Joe User wrote: On 26/09/14 17:44, felmon wrote: On Fri, 26 Sep 2014 09:17:27 +0100, Joe User wrote: opinion It's my opinion that you will never get an agreement from an mvp or indeed any other individual closely associated with Microsoft or Windows that anything is wrong with the platform. ok but Linux people (and Mac people and BSD people and Slack people) et al are also _often_ like that, sensitive to criticism of their favorite modus operandi and this again takes us off the topic about security. I know your view about the security issue though I don't have all the details in mind and it does seem worth having someone who knows Microsoft security issues address it. The deafening silence tells me what I guess I already knew. perhaps but it's worth waiting for winston to chime in. haven't read all of the posts yet so maybe someone has said something in another subthread. The hidden unprotected Administrator account can only be there to allow clandestine access to a machine. I'm just very glad indeed that neither my online businesses or my home networks rely on *any* Microsoft products. Thank whatever God you pray to for free and open source software. theological issues aside, I am thankful for it though very recent history demonstrates there be serious insecurities where one least expects them. nonetheless this Windows one (as it seems) is actually built in which is a different order of insecurity. you cited someone saying Microsoft treats 'stand-alone' different from network. it makes sense to treat them differently but not in this way. F. Chime in ? OK Any attempts to evangelize the issue further is like boarding a runaway ocean liner plowing through the ice where the captain, crew and passengers have left and continuing to look for someone to give you a Drano enema. Bottom line as noted before - protect all admin accounts (the first one Win 8.1 creates and the hidden admin account) with a password. -- ...winston msft mvp consumer apps |
#81
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On 29/09/14 07:36, . . .winston wrote:
felmon wrote: On Fri, 26 Sep 2014 18:28:14 +0100, Joe User wrote: On 26/09/14 17:44, felmon wrote: On Fri, 26 Sep 2014 09:17:27 +0100, Joe User wrote: snip you cited someone saying Microsoft treats 'stand-alone' different from network. it makes sense to treat them differently but not in this way. F. Chime in ? OK Any attempts to evangelize the issue further is like boarding a runaway ocean liner plowing through the ice where the captain, crew and passengers have left and continuing to look for someone to give you a Drano enema. Your personal proclivities are of no interest to me and mentioning them only serve to obfuscate the point ... but wait, that's what you want isn't it? You want this nasty little issue to 'just go away' as you know full well it's indefensible to hide an unprotected administrator account from an unknowing user but just cannot bring yourself to admit that you are wrong. Epic fail on the integrity front eh? Bottom line as noted before - protect all admin accounts (the first one Win 8.1 creates and the hidden admin account) with a password. OK, I'm going to shout now as once again you are missing the point. Protecting *any* account is a good idea but ... and this is the important bit. ================ Read this ================ YOU HAVE TO KNOW IT EXISTS FIRST DON'T YOU? =========================================== It really isn't that hard to grasp the concept. Would you like me to explain it to you *again* -- Not confused, just ... bewildered |
#82
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
Joe User wrote:
On 29/09/14 07:36, . . .winston wrote: felmon wrote: On Fri, 26 Sep 2014 18:28:14 +0100, Joe User wrote: On 26/09/14 17:44, felmon wrote: On Fri, 26 Sep 2014 09:17:27 +0100, Joe User wrote: snip you cited someone saying Microsoft treats 'stand-alone' different from network. it makes sense to treat them differently but not in this way. F. Chime in ? OK Any attempts to evangelize the issue further is like boarding a runaway ocean liner plowing through the ice where the captain, crew and passengers have left and continuing to look for someone to give you a Drano enema. Your personal proclivities are of no interest to me and mentioning them only serve to obfuscate the point ... but wait, that's what you want isn't it? You want this nasty little issue to 'just go away' as you know full well it's indefensible to hide an unprotected administrator account from an unknowing user but just cannot bring yourself to admit that you are wrong. Epic fail on the integrity front eh? Bottom line as noted before - protect all admin accounts (the first one Win 8.1 creates and the hidden admin account) with a password. OK, I'm going to shout now as once again you are missing the point. Protecting *any* account is a good idea but ... and this is the important bit. ================ Read this ================ YOU HAVE TO KNOW IT EXISTS FIRST DON'T YOU? =========================================== It really isn't that hard to grasp the concept. Would you like me to explain it to you *again* No explanation necessary. Now that you're the captain of that unmanned 'look what I found ship' do let us know of it's success. Maybe the drano will help thaw the upcoming iceberg. -- ...winston msft mvp consumer apps |
#83
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On 29 Sep 2014, Joe User wrote in
alt.comp.os.windows-8: Protecting *any* account is a good idea but ... and this is the important bit. ================ Read this ================ YOU HAVE TO KNOW IT EXISTS FIRST DON'T YOU? =========================================== It really isn't that hard to grasp the concept. Would you like me to explain it to you *again* So now those few who read this tiny newsgroup who didn't already know it before know it. Now it's time for you to move on. Maybe Fox News would be interested. |
#84
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On 29/09/14 19:56, Nil wrote:
On 29 Sep 2014, Joe User wrote in alt.comp.os.windows-8: Protecting *any* account is a good idea but ... and this is the important bit. ================ Read this ================ YOU HAVE TO KNOW IT EXISTS FIRST DON'T YOU? =========================================== It really isn't that hard to grasp the concept. Would you like me to explain it to you *again* So now those few who read this tiny newsgroup who didn't already know it before know it. Now it's time for you to move on. I moved on days ago, I just like poking the nest and seeing what scuttles out ... and it doesn't get any less sickening. -- Not confused, just ... bewildered |
#85
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On 29 Sep 2014, Joe User wrote in
alt.comp.os.windows-8: I moved on days ago, Obviously not. I just like poking the nest and seeing what scuttles out ... and it doesn't get any less sickening. |
#86
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On 29/09/14 20:37, Nil wrote:
On 29 Sep 2014, Joe User wrote in alt.comp.os.windows-8: I moved on days ago, Obviously not. What you actually mean is 'forget about it' Never happen. -- Not confused, just ... bewildered |
#87
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On 29 Sep 2014, Joe User wrote in
alt.comp.os.windows-8: On 29/09/14 20:37, Nil wrote: On 29 Sep 2014, Joe User wrote in alt.comp.os.windows-8: I moved on days ago, Obviously not. What you actually mean is 'forget about it' Never happen. That's what your paranoid mind wants you to think I meant. I did not. |
#88
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
On Mon, 29 Sep 2014 02:36:30 -0400, . . .winston wrote:
Chime in ? OK Any attempts to evangelize the issue further is like boarding a runaway ocean liner plowing through the ice where the captain, crew and passengers have left and continuing to look for someone to give you a Drano enema. Bottom line as noted before - protect all admin accounts (the first one Win 8.1 creates and the hidden admin account) with a password. Winston, you are pretty sharp. You must have figured out by now that JU isn't going to understand any of this. But truth to tell, I did get a kick out of a recent post of his, where he said: "It's reached the point where nobody with a vested interest will reply because they know that a hidden unprotected Administrator account is indefensible and not replying will move the thread down the order and eventually it will 'go away'" You realize that this means that if you answer, you're clearly trying to mislead or lie to him, and if you don't answer, you're still trying to mislead or lie to him. And that's my misleading lie for today :-) -- Gene E. Bloch (Stumbling Bloch) |
#89
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
Gene E. Bloch wrote:
On Mon, 29 Sep 2014 02:36:30 -0400, . . .winston wrote: Chime in ? OK Any attempts to evangelize the issue further is like boarding a runaway ocean liner plowing through the ice where the captain, crew and passengers have left and continuing to look for someone to give you a Drano enema. Bottom line as noted before - protect all admin accounts (the first one Win 8.1 creates and the hidden admin account) with a password. Winston, you are pretty sharp. You must have figured out by now that JU isn't going to understand any of this. But truth to tell, I did get a kick out of a recent post of his, where he said: "It's reached the point where nobody with a vested interest will reply because they know that a hidden unprotected Administrator account is indefensible and not replying will move the thread down the order and eventually it will 'go away'" You realize that this means that if you answer, you're clearly trying to mislead or lie to him, and if you don't answer, you're still trying to mislead or lie to him. And that's my misleading lie for today :-) I prefer to just look for more info on the subject. http://technet.microsoft.com/en-us/m...07.06.acl.aspx If the account is hidden, then you cannot log into it. If it is unhidden, then you should set a password. If the system is operating normally, an account belonging to the administrators group (mine), prevents the hidden one from being used. So the interesting scenario would be, how do you lose all the administrator group accounts, then sit around for years and years, with that hidden one showing in recovery console. And if someone has the password to an administrator group account, the jig is up anyway. It doesn't matter at that point, what happens to the hidden administrator account. So in a "normal" operating state, there seems to be basic coverage. Even if they removed that account entirely (as Jesper says, "deprecated"), there will still be programs out there to erase the password, so you can get in. So it's not like the OS was a model of iron clad security in the first place. What would be a more ugly scenario, would be if all the accounts were removed. I don't think password hacking or cracking would help at that point. But a hidden administrator account that pops up out of no-where, that would be your life line. Paul |
#90
|
|||
|
|||
Windows 8.1 user accounts, you have GOT to be kidding.
Gene E. Bloch wrote:
On Mon, 29 Sep 2014 02:36:30 -0400, . . .winston wrote: Chime in ? OK Any attempts to evangelize the issue further is like boarding a runaway ocean liner plowing through the ice where the captain, crew and passengers have left and continuing to look for someone to give you a Drano enema. Bottom line as noted before - protect all admin accounts (the first one Win 8.1 creates and the hidden admin account) with a password. Winston, you are pretty sharp. You must have figured out by now that JU isn't going to understand any of this. But truth to tell, I did get a kick out of a recent post of his, where he said: "It's reached the point where nobody with a vested interest will reply because they know that a hidden unprotected Administrator account is indefensible and not replying will move the thread down the order and eventually it will 'go away'" You realize that this means that if you answer, you're clearly trying to mislead or lie to him, and if you don't answer, you're still trying to mislead or lie to him. And that's my misleading lie for today :-) That was one of the op's finer replies and just like a thread long forgotten or ignored so will that ship with it's new captain, and the ship's tone, tenor and hierarchy - even the background music - of little consequence since no on else is on board to listen. We've all seen and/or conversed with posters in this forum that appear as capricious, raving, self-serving, alternative agenda-driven, Doogie Howser wannabe iceholes yet that doesn't mean they are not entertaining. Usenet breeds iceholes: its principle export. In the long run this forum is nothing more than entertainment, and if we haven't come to that conclusion then maybe we should all be misleading iceholes, too. -- ...winston msft mvp consumer apps |
Thread Tools | |
Display Modes | Rate This Thread |
|
|