Results tagged “fud” from Just Another Hacker

Making me publish this stupid post and managing yet another login to a site I don't personally use. Ok, so maybe it's not such a bad idea to allow blog claiming, and supporting logins... BUT they should be able to index blogs without having someone make a claim, or at the very least allow the authorization to be added as a html comment or as a separate file. I suppose they consider the forced posting to be a marketing tool. To me it tastes awful...

QFFGFDWBFVD6

Hacking xp...wait...what?

|
Infosecurity magazine posted an article that supposedly shows how you can execute some commands to start windows xp up without a password. The article presents this as a "juicy" hack;
the short tutorial shows how, with the judicious use of the XP run command and tripping an executable, it is possible to start up Windows XP without requiring a password

They also make a feeble attempt at classifying the feat;
Infosecurityisn't really sure either, but the breathtakingly simple security bypass appears to have been coded as a backdoor to Windows XP for administrators who have lost their password.

What FUD!
Lets clarify a few things;
    1. You need a valid login to do this
    2. Your user will need privileges to do this
    3. It will prompt you for the username and password to automatically log you on with the next time it starts up. 
    4. It defaults to the current user so in this case they are running the control as the user Administrator.
Two minutes of research would have let the author of the article present it in the proper light. Tweaking a setting to automate the login screen so you don't have to see it. It is not a security bypass. I expect better from security specific magazines.
No Clean Feed - Stop Internet Censorship in Australia
Creative Commons License
This weblog is licensed under a Creative Commons License.