On Sun, Apr 26, 2009 at 10:26 AM, Chris Dunford <[email protected]> wrote:
> > > Requires physical access to the computer. With > > > physical access, you can do pretty much anything > > > you want to any computer. > > > > > > Why don't you bother to mention this? (That's a > > > rhetorical question, everyone already knows the > > > answer.) > > > > > > > Isn't there a feature in Vista that puts a bunch of > > files on a flash drive to accelerate the boot sequence? > > This would be a path to really exploiting this. > > Yes, that's part of ReadyBoost. > > I will repeat, however, that with physical access to a computer--any > computer--all bets are off. Given that, I don't know that "exploiting this" > is really the right phrase to use. Any computer can be "exploited" if I can > sit down at the console and do whatever I want to it. > > This is a non-story. When I first saw it on Friday, I wondered to myself > how > long it would take Tom to discover it and post a message that omitted the > bit about requiring physical access. The answer turned out to be, less than > 36 hours. > Eh, I can envision a two step remote attack that would put the offending files on the flash drive just waiting for a reboot. I assume you can't lock the ready boost drive from new writes and have it work. -- John Duncan Yoyo -------------------------------o) ************************************************************************* ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *************************************************************************
