Full Disclosure mailing list archives
Re: Re: Google Talk cleartext credentials in processmemory
From: pagvac <unknown.pentester () gmail com>
Date: Thu, 1 Dec 2005 10:18:51 +0000
On 11/29/05, Andrew Simmons <asimmons () messagelabs com> wrote:
pagvac wrote:Again, my testing is based on today's reality which is that most Windows users use administrative accounts for regular tasks such as web browsing and using their email clients.er, not really. Home users, perhaps, but there are a lot more WIndows machines in corp environments than at home.
Even in corp environments you still see some users running admin privileges. Yes, I agree, it doesn't happen as often as in home environments, but it *does* happen. Anyways, I don't have any statistics so I'm not going to argue this, but if you talk to any company that offers pentesting services they will surely tell you that they come across companies that gives admin privileges to some of their employees in their Windows desktops (I'm referring to employees that are *not* network administrators). This is just for convenience so they can install whatever applications they need. It'd be interesting to find some online survey on what percentage of business and home users use admin privileges for daily tasks. If you look at Windows 2000/XP, it does it wrong from the very beginning: the user is asked to add a user account from installation. This account has admin privileges by default. Even worse, at that point there is another default admin account ("administrator") on the system, so by the time you're done installing your copy of Windows there is two admin accounts on your system. Wouldn't it make more sense that the second user account which is created during installation has restricted privileges by default? Maybe Windows XP could add one of those stupid balloons saying something like "Problem installing an application? Now you can right-click on the file and click on "run as" to install your software with admin privileges..." Well, these are just some ideas, of course I'm no authority nor guru, I'm just a guy who enjoys learning.
\a -- Andrew Simmons Technical Security Consultant MessageLabs Mobile: +44 (7917) 178745 asimmons () messagelabs com www.messagelabs.com MessageLabs - Be certain ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
-- pagvac (Adrian Pastor) www.ikwt.com - In Knowledge We Trust _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Re: Google Talk cleartext credentials in processmemory pagvac (Dec 01)
- Re: Re: Google Talk cleartext credentials in processmemory Colin (Dec 01)