Re: Stop having to do the authentication check in OS X?

On Feb 1, 12:28 pm, nos...@xxxxxxxxxxxxx (Richard Maine) wrote:
Király <m...@xxxxxxxxxxxxxxxxx> wrote:
DJW <d...@xxxxxxxxxxx> wrote:

anything on the drive.



Are you guys saying that when I am online (dial up) that something
evil may try to sneak onto that slave hard drive now and I will get no
warning that it is happening?

It's very unlikely. Mac OS X is very secure against these kinds of
attacks.

Not if he has an admin account with no password, it isn't secure. The
system has the capability to be reasonably secure, but if one
deliberately disables the security features (which is what having a
passswordless admin account amounts to), then they won't do much for
you. In that case, yes indeed, something evil may sneak in without
warning.

You sort of said the same thing, but I think you said it in a way that
downplayed this aspect. I think it important to emphasize that the
system is *NOT* secure if you don't follow at least some of the most
basic guidelines. They aren't difficult to follow, but if one downplays
them too much there is a danger of people thinking that the system is
automatically secure no matter what they do... and that just ain't so.
Having users who mistakenly think that what they do doesn't matter in
terms of security is *THE* number *ONE* security problem with any
system. If you have ever worked in a work environment where security is
at isssue, you will get this contnually dunned into you - that no system
can be inherently secure by itself; it needs your help.

--
Richard Maine | Good judgement comes from experience;
email: last name at domain . net | experience comes from bad judgement.
domain: summertriangle | -- Mark Twain

Ok I think I have just two last questions.
When I make the new user non-administrator name I will need to move
the contents of the old administrator home folders contents to the new
name home folders since that is where all my files from my old
computer and new ones made on this computer now reside. Will I need to
make the new user and then be in the original administrator account to
be allowed to copy the files over? And when I restart in the new user
name will the files I copied over then allow me to make changes in the
future to those files while booted in the new users name?
I will be making a password for my present administrator name but just
wondering if I did not one and were online (dialup) in the new user
non- administrator name could some one attack my system files still
because I have no password. In other words can an attack happen no
matter what account I am signed into when online with the
administrator having no password?
A side note would it be a good safe-guard to have two administrators
each with separate passwords just in case I forget one of the
passwords or could there be the possibility of some kind of file
corruption that might keep me locked out in the future to signing into
the administrator account. My past with Windows PCs makes me paranoid
that something might just decide to become corrupted or file
association be lost and that is the end of that. The aforementioned
reason is why I have been avoiding installing a password at all! Being
a Mac group I am not too sure if everyone knows how ridiculously
unpredictable and awful windows can be at times for no apparent
reason.
.

Relevant Pages

  • Re: Process running under Adminstrator account
    ... It sounds as though the attack mentioned by Lanwench is an attack ... I did not realize the SID was all that was needed. ... Renaming the account does not change the SID. ... The Administrator SID ...
    (microsoft.public.windows.server.sbs)
  • Re: Process running under Adminstrator account
    ... an attack on the RWW port of SBS. ... Under that condition, if an attack took place from the WAN, would not ... obscuring the administrator account by a name change ...
    (microsoft.public.windows.server.sbs)
  • Re: Administrator account renamed
    ... NT 4.0 and the "redbutton" attack. ... since "Administrator" account uses one of several "well known SID's". ... >> How can I reinstate the original adminidtrator account name ??? ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Process running under Adminstrator account
    ... an attack on the RWW port of SBS. ... obscuring the administrator account by a name change would ... I did not realize the SID was all that was needed. ...
    (microsoft.public.windows.server.sbs)
  • Re: Stolen computer recovered but has password
    ... REMOVE YOUR PERSONAL ACCOUNT FROM THE ADMINISTRATOR'S GROUP. ... administrator account and supply its password. ... > Microsoft makes it way too difficult to secure a computer properly. ...
    (microsoft.public.windowsxp.security_admin)