Vista, Security and A Chocolate Tea Pot

  PalaeoBill 15:39 19 Mar 2009

No prizes for what connects the three.

One more password protected computer has been brought to me. This time it is because the brother of a friend has died and his family want to remove the personal files from his laptop.

It is a virtulally brand new Vista machine and I was in, overwrote the password and handed it back within minutes. I did consider removing the hard drive and sticking it into a USB caddy for them but booting from a CD and bludgeoning the sam file was quicker.

Part of me is glad that I was able to do this for the man's family but it really shouldn't be this easy. I know that you can make Windows more secure than this but it takes effort and experience, its not done by default. Microsoft really should be doing a better job than this.

  dagbladet 15:55 19 Mar 2009


In fairness, I wouldn't have a clue how to do that and "bludgeoning the sam file" means nothing to me. There are I'm sure higher levels of security that could have been applied that might have thwarted your efforts. Not sure why it's Vista that's taking the blame.

  PalaeoBill 16:12 19 Mar 2009

Its not Vista I'm blaming specifically but Microsoft in general. NT / XP and Vista all share the same vulnerability and nothing has been done to fix it.
You don't need to know how to do it, a simple Google search on lost password will point you at the software that will do it for you.
Higher levels of security could have been applied and would have made my job harder but they wouldn't have stopped me, there are various other routes to achieve the same end. Also, applying these higher levels of security isn't intuitive or user friendly. Unless they were done by default the normal user wouldn't have a chance.
My gripe is that security should be so much better than this, Microsoft have had years to do this.

  sunnystaines 17:00 19 Mar 2009

o*******k will not help if vista bitlock is enabled. Its the only way to secure vista unless you use a BIOS with a call back when on line.

  interzone55 17:15 19 Mar 2009

Do you really need a higher level of security on a home PC?

People are always forgetting their passwords, and if you had a fully encrypted drive then a forgotten password would be disastrous.

On a business PC bitlocker encryption is a necessity, and is available in the Business, Ultimate and Enterprise versions of Vista, anything less than these versions should not be used in business situations.

  laurie53 20:28 19 Mar 2009

Not really in position to comment on the content, but if ever a thread title made it clear what the thread was about PalaeoBill has come up with one!

  Forum Editor 23:02 19 Mar 2009

Tne average home computer simply doesn't need high levels of security at the operating system level, in fact it would be a disadvantage.

Data security is what counts, and it's easy enough to achieve a level of security that will be sufficient for the majority of home users.

  PalaeoBill 23:16 19 Mar 2009

alan14 and FE
Yes, I think a home computer should have a high level of security, especially a laptop. So many people use internet banking now and carry a great deal of other personal information on their home computers. Laptops are stolen on a regular basis and home desktops are also prime targets for burglars.
Yes, I take your point on the disaster that would be caused when a password is forgotten but were should the balance be?
Perhaps we should just agree to disagree.

  Forum Editor 23:28 19 Mar 2009

that a home computer shouldn't be secure.

What it doesn't need is high security at the password level on the operating system, which is what you're advocating.

Anyone who keeps internet banking passwords etc. on a computer's hard drive is just asking for trouble, and increasing the level of security on a Windows password isn't going to protect them. Otherwise, security needs to be at the data level, and that's easy enough to arrange.

  Chegs ®™ 02:11 20 Mar 2009

I too would disagree with a home PC having high security for the reasons given above.Why would anyone need fort knox security on a home machine? There are several posters to this forum (me included) that dont use a 3rd party firewall as my machines contain nothing of value to outsiders(unless you desperately want to steal copies of my photos of the dog lying upside down in the sun)

I have access to encryption software if I wanted to protect any of the contents of my folders and have had to "rescue" several home PC users files as they'd forgotten their passwords(austrumi I think the software I used was called)

  PalaeoBill 08:39 20 Mar 2009

"Anyone who keeps internet banking passwords etc. on a computer's hard drive is just asking for trouble"

This is what many people are like. They don't take backups, don't apply any security over and above that which comes with the OS and they do store sensitive information on their hard drives. One elderly neighbour had typed all his PIN's into an Excel spread sheet. I will give you one guess what the file name was (I explained the madness of it to him, got him to delete the file and then change them all).

Perhaps its just me who meets people like this. Perhaps they all live in a small circle around my house and bring me their computer when it stops working.

FE & Chegs, I do understand your point of view. Had I thought about it rather than posting a kneee jerk rant I would have seen that data level protection is probably the better solution. It isn't that easy for your normal user to do though (note to Microsoft).

I will shut up now!

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

The Evil Within 2 review-in-progress

Photoshop CC 2018 released with new Curvature Pen and better brush tools

Camera tips to take better iPhone photos

Les meilleures applications de covoiturage 2017