I was at the Super Walmart today in Indianapolis In., to check out the new Mini-laptops w/ MS7 and wanted to see how it look, all the laptops on display was asking for a PASSWOED, Ask a Walmart employee what was the password to check them out, she said some customer had changed all the passwords and they couldn't into them. I just had to say to her , Thank God for Linux and Super User password. For
Jim wrote:
I was at the Super Walmart today in Indianapolis In., to check out the new Mini-laptops w/ MS7 and wanted to see how it look, all the laptops on display was asking for a PASSWOED, Ask a Walmart employee what was the password to check them out, she said some customer had changed all the passwords and they couldn't into them. I just had to say to her , Thank God for Linux and Super User password.
Having someone change the Linux root password would be better how? I guess I don't know enough about Win7 to know why this is funny.
On Wednesday 30 December 2009 05:58 PM, Bill Davidsen wrote:
Jim wrote:
I was at the Super Walmart today in Indianapolis In., to check out the new Mini-laptops w/ MS7 and wanted to see how it look, all the laptops on display was asking for a PASSWOED, Ask a Walmart employee what was the password to check them out, she said some customer had changed all the passwords and they couldn't into them. I just had to say to her , Thank God for Linux and Super User password.
Having someone change the Linux root password would be better how? I guess I don't know enough about Win7 to know why this is funny.
I think he means the root password would prevent a user from doing anything drastic. Changing the password of a regular user could easily solved by root. Whereas in Windows most of the time a regular user logs in with admin privileges.
On 12/30/2009 08:30 PM, Suvayu Ali wrote:
On Wednesday 30 December 2009 05:58 PM, Bill Davidsen wrote:
Having someone change the Linux root password would be better how? I guess I don't know enough about Win7 to know why this is funny.
I think he means the root password would prevent a user from doing anything drastic. Changing the password of a regular user could easily solved by root. Whereas in Windows most of the time a regular user logs in with admin privileges.
You would think that display machines would be set up with a guest account. Limiting logins to the guest account drastically reduces the damage you can do. (Does Win7 offer the guest login?)
Mikkel
2009/12/31 Mikkel mikkel@infinity-ltd.com:
On 12/30/2009 08:30 PM, Suvayu Ali wrote:
On Wednesday 30 December 2009 05:58 PM, Bill Davidsen wrote:
Having someone change the Linux root password would be better how? I guess I don't know enough about Win7 to know why this is funny.
I think he means the root password would prevent a user from doing anything drastic. Changing the password of a regular user could easily solved by root. Whereas in Windows most of the time a regular user logs in with admin privileges.
You would think that display machines would be set up with a guest account. Limiting logins to the guest account drastically reduces the damage you can do. (Does Win7 offer the guest login?)
Yes I believe that would be the right way to do it, and I think the newer versions of Windows still have that feature.
After all a system is as secure as you set it up to be, right? Even a badly setup linux machine can be more vulnerable than well setup Windows machine..
Mikkel
On Wed, 2009-12-30 at 20:58 -0500, Bill Davidsen wrote:
Having someone change the Linux root password would be better how?
Boot to runlevel 1 and change it back.
From: "Frank Cox" theatre@sasktel.net Sent: Wednesday, 2009/December/30 20:37
On Wed, 2009-12-30 at 20:58 -0500, Bill Davidsen wrote:
Having someone change the Linux root password would be better how?
Boot to runlevel 1 and change it back.
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com
Log in as Administrator (not the visible username.) Then change the user's password back to something useful.
(ctl-alt-delete twice on the login page gives you the menu that has Administrator on it. It would take a fairly canny person to realize that there is an Administrator account to be changed. This works on XP, at least. I suspect it works on newer versions, too.)
{^,-}
On Wed, Dec 30, 2009 at 11:43:04PM -0800, jdow wrote:
Log in as Administrator (not the visible username.) Then change the user's password back to something useful.
(ctl-alt-delete twice on the login page gives you the menu that has Administrator on it. It would take a fairly canny person to realize that there is an Administrator account to be changed. This works on XP, at least. I suspect it works on newer versions, too.)
Well, it works on XP Pro; never on XP Home. Reboot to Safe Mode, it'll probably work on all XP; you can't count the number of installations I've found that never set the Administrator password.
But it doesn't matter; get P. Nordahl's Offline NT Password & Registry Editor (http://home.eunet.no/pnordahl/ntpasswd/, or the Trinity Rescue Kit (http://trinityhome.org). You can crack any Windows password. (I haven't tried these on Windows 7 yet.)
It's only marginally harder on a Linux system; just boot with the distro disk.
Cheers, -- Dave Ihnat dihnat@dminet.com
On Thu, Dec 31, 2009 at 08:00:13 -0600, Dave Ihnat dihnat@dminet.com wrote:
It's only marginally harder on a Linux system; just boot with the distro disk.
Provided you know the password for the luks device / is on. And that you know the bios password to let you boot off alternate media or have the opportunity to take the machine a part.
Letting customers futz with demo machines unsupervised is just asking for trouble. At the very least they should lock down the bios and have an easy way to reimage the machines.
On Wed, 2009-12-30 at 20:58 -0500, Bill Davidsen wrote:
Jim wrote:
I was at the Super Walmart today in Indianapolis In., to check out the new Mini-laptops w/ MS7 and wanted to see how it look, all the laptops on display was asking for a PASSWOED, Ask a Walmart employee what was the password to check them out, she said some customer had changed all the passwords and they couldn't into them. I just had to say to her , Thank God for Linux and Super User password.
Having someone change the Linux root password would be better how? I guess I don't know enough about Win7 to know why this is funny.
-- Bill Davidsen davidsen@tmr.com "We have more to fear from the bungling of the incompetent than from the machinations of the wicked." - from Slashdot
One could always reboot to runlevel 1 and change back even the root passwd. -- ======================================================================= What we Are is God's gift to us. What we Become is our gift to God. ======================================================================= Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@sbcglobal.net
On Thu, 31 Dec 2009 08:18:11 -0600 Aaron Konstam wrote:
One could always reboot to runlevel 1 and change back even the root passwd.
Some linux distros require you to type in the root password to continue to a shell in runlevel 1, but booting a live CD or rescue mode will work anyway.
On 12/31/2009 08:40 AM, Tom Horsley wrote:
On Thu, 31 Dec 2009 08:18:11 -0600 Aaron Konstam wrote:
One could always reboot to runlevel 1 and change back even the root passwd.
Some linux distros require you to type in the root password to continue to a shell in runlevel 1, but booting a live CD or rescue mode will work anyway.
You can also password protect Grub to prevent any changes to the menu choices, and/or to boot specific entries. Most BIOS also have a way to prevent you from changing the boot device without a password. (Locks you out from booting off the CD.)
Now of this stops you from pulling the hard disk and using another system to change the root password. Most laptop hard drives will let you password the drive. The password function is part of the drive, so putting it in another machine does not help.
If you really want to keep it safe, you encrypt the drive. This should stop most attempts to change the password. :-)
Mikkel
Aaron Konstam wrote:
On Wed, 2009-12-30 at 20:58 -0500, Bill Davidsen wrote:
Having someone change the Linux root password would be better how? I guess I don't know enough about Win7 to know why this is funny.
One could always reboot to runlevel 1 and change back even the root passwd.
http://www.linuxplanet.com/linuxplanet/tips/6752/1/
That didn't work at one time, level 1 in inittab called sulogin and prevented the problem. Seems to have been lost going to all the rc.CRAP used currently, I'm looking at fixing this, although my laptops are encrypted anyway.
On Wed, Dec 30, 2009 at 1:59 PM, Jim mickeyboa@sbcglobal.net wrote:
Ask a Walmart employee what was the password to check them out, she said some customer had changed all the passwords and they couldn't into them.
This situation demands the Goatse Rescue Disk:
http://www.kolumbus.fi/xtmb/goatsefloppy/
That particular page is Safe For Work. I can't speak for any of the other pages on the site.
Extra Credit to whoever ports it to EFI.
Don Quixote
-
Aaron Konstam -
Bill Davidsen -
Bruno Wolff III -
Dave Ihnat -
Don Quixote de la Manvha -
Frank Cox -
Frank Murphy -
jdow -
Jim -
Mikkel -
Suvayu Ali -
Tom Horsley