Passwords can be easily hacked using this technique: How do I reset a lost administrative password? .
Asked
Active
Viewed 1,700 times
2 Answers
0
that assumes NO PASSWORD was entered on grub. if you had one; it won't let you do that until you enter the password. to get around that you need a live-boot; which can be stopped by passwords that won't boot unless a key is inserted (requires specific server hardware). to get around that you could re-wire the motherboard .. put passwords on hdd's (not all allow for this) ...
the list is known & well documented; its up to the owner to weigh the effort needed to lock down a issue, and the $cost of implementing the 'fix'.
a w7 flaw (that can bypass all security) was detected within first year of release of OS, but the fix required was declared too costly & would be fixed in next version (w8). they warned users worried about the flaw to watch their power switches if they were worried (it was a local flaw requiring physical access to hardware which is pretty insignificant compared to remote-access flaws..)
guiverc
- 30,396
0
It all depends on the user. If a user has week knowledge, even the most secured os will become venerable.
A well knowledge user will set password for his/her grub too.
Further, this trick will only work if the person has direct access to the computer. Don't think that a malicious code can reset your password without proper permission.
I also know one more trick. If the file system is not encrypted, by mounting the hard-disk as secondary, you can access files of other user. Here too the user's knowledge is week because he/she don't use file encryption.
Such option are kept optional to the user, because these security comes with some cost.
Condition 1) If the user is old person and normal home user, he/she will forget his/her password very often. Will end up in formating all the data.
Condition 2) The file encryption will consume excess space in your hard-drive. A normal home user don't need to force encrypt all files.
If a linux user properly configure ufw and apparmor in his/her system. And use to regularly update all the security patches. It will become very big challenge for hacker to crack.
Further, the theory of hacking prevention don't says that make a secured system is one which is 100% hack proof. It suggest to make the system hack proof such that delay the hacking such that will delay hacking to that extend, which a human can't afford with current day technology. Eg. don't think a person will sit for 100 years to crack a computer.
I think "A Linux OS do this very well".
Aravind
- 908