Re: Novell Netware Copy

[11a () GMX NET (Bluefish)]

As I see it, "first Last" has a totally incorrect concept of the security
problem. Yes, you don't want people to do whatever they like, so it is
wrong that Novell Netware Copy netware in his case can. But it is not NNC
which is the problem, is the fact that he's using Windows95 with
"FoolProof". It has been established over and over again in various
newsgroups and mailinglists that a singeluser operating system (in this
case, Windows95) cannot be made secure with various small patches.

I'm not saying this is a windows problem, the same is true for all
singeluser operating systems. If you would be using NT or a unix clone (or
whatever multiuser operatingsystem) you have a foundation for building a
secure system, patches etc will bring you closer to a secure system. On
singeluser operatingsystems you only obscure the fact there isn't any
system.

Redarding these singeluser patches, I remember a few things I've seen
myself and things I've seen reported in emails:
  * passwords hashed into tiny keys, sometimes only 16 bits.
  * patches can be aborted by causing a reboot with scandisk, abort
    scandisk, you get DOS and can remove the entire security patch.
  * notepadding .ini (writeable) files removes the patches.

  etc.

And now "first Last" adds to the list that installing a 3rd party product
(Novell Netware Copy) breaks the security of yet another such patch. It
seems obvious to me that an administrator must either be uninformed or
insane if he believes he can run windows95 on workstations and believe
that it is secure. Windows95 has it usages in environments concidered
secure (alas, you trust your users), but if you concider the scenario of
malicious users, you must swich to a multiuser operating system.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team