This can be achieved by using a regular USB/pen/thumb drive (whatever you call it). The hack would be more than enough to keep even your curious geeky computer friends from booting into the system. That said, it is by no means foolproof (which security measure is? ) so you might not want to bet your life on it.
News link: here
who cares, linux has better.
Woods
January 2nd, 2009
This comment is brought to you by Mad Libs…who cares, linux has better (adjective) (noun).Oh yeah, well Windows has better (noun) than (noun).
Bina
January 2nd, 2009
(expletive) you and your mother
Xanthe
January 2nd, 2009
I love Mad Libs!!!I’m going to go with… NICE… MAN… CAT.. and CAT.who cares, linux has better nice man,Oh yeah, well Windows has been cat then cat!It’s so silly!
Denis
January 2nd, 2009
who cares, linux has better penis penis.Oh Yeah, well Windows has better penis than penis.I used to have like 10 of those books when i was a kid.
Bayan
January 2nd, 2009
@parker"Penis" is not an adjective.
Timila
January 2nd, 2009
Sure it is, penis breath.
Othniel
January 2nd, 2009
Well, the same can be done on Linux. I’d even write a tutorial if I wasn’t such a lazy *****.
Heller
January 2nd, 2009
I did hear on the Ubuntu forums a few weeks back that you can put your entire /boot partition on a flash drive.
Yanichel
January 2nd, 2009
You can put the entire SYSTEM on a flash driveLinux resides comfortably on a 10GB partitoin/drive
Phinnaeus
January 2nd, 2009
You accidentally the whole flash drive?
Oded
January 2nd, 2009
I am so of that meme.
Yancy
January 2nd, 2009
I know you can put the whole thing on a flash drive, I’ve done it myself. Someone said that they wanted to be sure no one else can get into their computer and it was suggested that setting up /boot on a flash drive would be the way to go.
Faolan
January 2nd, 2009
I don’t think a Linux user would bother with this method if it worked.. Just a hunch. In fact, no one in their right mind would use this method unless it gave free blowjobs and lit your cigarette after you "logged in".
Hajra
January 2nd, 2009
linuxgazette.net/140/kapil.html
Syaoran
January 2nd, 2009
Just stick your boot partition on the USB drive and off you go.
Rimon
January 2nd, 2009
Not a problem for me. XP ftw!
Jovanna
January 2nd, 2009
Nothing is impossible
Taber
January 2nd, 2009
Creating ‘foolproof’ technology is.
Joweese
January 2nd, 2009
You can keep the fools out, but idiots will always a way in.
Rio
January 2nd, 2009
Anything is possible at Zombo Com
Gitano
January 2nd, 2009
Wow, that’s a blast from the past. Can’t believe it’s still up (and they still haven’t got the newsletter out)
Urit
January 2nd, 2009
Therefore, impossible is nothing./serious lame guy
Tina
January 2nd, 2009
The article description says"That said, it is by no means foolproof (which security measure is? )"Correct me if I’m wrong, but isn’t encrypting your entire HDD with AES encryption using BitLocker or Truecrypt foolproof?
Angie
January 2nd, 2009
Of course it would be hard to decrypt, at least by todays technology. But that’s still far from being foolproof. There’s still tons ways to get the data, including a nasty looking crowbar.
Phillip
January 2nd, 2009
Yes, but a fool couldn’t do it.
Rip
January 2nd, 2009
Impossible is nothing.
Yauvani
January 2nd, 2009
If I was trying to get into this top-secret uber hacked system, I’d add a BIOS password when I was done.I’ll bet good money that the author doesn’t know how to remove a CMOS battery or swap jumpers on a motherboard. Everybody knows how to put in a ***** recovery CD.
Kaelin
January 2nd, 2009
Fighting piracy is.Argh!
Batu
January 2nd, 2009
The article mentions changing the boot order.This won’t stop people from booting the PC without the usb stick. It will just make the computer look for the USB stick _first_, and then move on down the list until it finds the hard drive to boot from. Which it will then proceed to do.I don’t get this at all. The article is missing something.
Henley
January 2nd, 2009
You’re getting dugg down, but you are 100% correct. I think the idea in the article was to load the necessary boot files onto the flash drive, making the system unable to boot up without those files (read: the flash drive). But the author also tells you to simply *copy* the boot files (boot.ini, NTLDR and ntdetect.com) onto the drive, which necessarily means that these files are still left on the HDD intact, making the entire exercise pointless. I think he meant to say to remove these files from the HDD and load them on the flash drive. I’m not sure that would even work, though. But in the model he described, the boot files are left on the HDD, and therefore the computer will still be able to boot, with or without the flash drive. And to confirm- yes, most BIOS configurations will go through the boot order until finding a suitable boot source. And for some of the older ones that do not, anybody would be be able to access the BIOS (he’s talking about booting the OS, which is a few levels above BIOS), and change the boot order to run from the HDD or disc.
Addie
January 2nd, 2009
I agree completely. Setting a strong password works better and you don’t have to worry about losing your flash drive it getting zapped in the washing machine etc. Also strong passwords are cross platform, this half baked idea only works with windows systems.
Micha
January 2nd, 2009
I would leave the hard drive intact, copy the files, tell the BIOS to boot ONLY from USB and lock the BIOS. Much safer that way since you still have a password that will allow you to change the bios a bit and boot the machine, and the "key" still works.
Priya
January 2nd, 2009
@black27696Or you could just, you know, set a BIOS level boot password.
Aston
January 2nd, 2009
yeah, but those things can go through the wash dozens of times. All of mine are proof of that. One had what I believe to be an oscillator break off the board the last time through the dryer. soldered that puppy back on, and it was good as new.
Dalton
January 2nd, 2009
black27696: I was going to make that same comment, and it really is the best way to secure your system using a USB stick. But…. Whats stopping me from making a few dummy USB sticks that try to boot different HDDs, OSes, etc.
Huntley
January 2nd, 2009
@consoneoYes, typing a password in every ***** time you even START the damn machine is wonderful. I hate, HATE boot passwords. In my case, I have a linux box that just starts up to run level 3 (terminal, doesn’t start up X) so you have to log in first and then startx.
Yuichi
January 2nd, 2009
Yea, I agree, I did this with my work computer, but I just edited, and corrupted my boot.ini file on my hard drive, so the computer would just lock up on boot, unless the floppy disk was in the drive.
Edom
January 2nd, 2009
Floppy Disk? Man, didn’t even know they still made those.
Nura
January 2nd, 2009
They don’t
Nu
January 2nd, 2009
ocharry: Pfft, I still have a copy of a disk wiper on floppy, just in case.
Naflah
January 2nd, 2009
@ocharry: u.mavrev.com/z12 Tons still for sale on Amazon.
Usher
January 2nd, 2009
@MavRevMattIs it really that hard to type in: amazon.com ?Oh I see you wanted us to buy something from that link so you could get the referral.
Ximena
January 2nd, 2009
in some BIOS’, you can actually remove devices from the boot order.
Winfield
January 2nd, 2009
This will work if you remove the hard drive from the boot order in the bios, then password protect the bios from being changed. However, you are better off, in my opinion, to have a regular booting windows os, and then a thumb drive to boot to linux. If the thumb drive is not in there it will only boot to windows. They would never think twice that another operating system is installed.
Ketaki
January 2nd, 2009
yeah, but you remove the file from the HD which tells it where the operating system is (boot.ini) and place it in the USB drive. Therefore if it tries to boot w/o the USB stick, it won’t be able to find the OS and it will fail to boot
Michaela
January 2nd, 2009
If you set the boot order for removable device first, and the removable device is plugged in, but has no OS, some of the time the computer will not boot either displaying a blinking white cursor or give you the same error if you leave a floppy in the drive.
Yamha
January 2nd, 2009
nowadays, only on the floppy disk (I think…I haven’t seen a floppy drive in forever). Non-bootable CDs and Flash drives get through just fine.
Xanto
January 2nd, 2009
I would rather use a key-key, like on my old 486.
Damalis
January 2nd, 2009
As opposed to a KEKE^___^?I installed a turn-key power button for my computer at home. It’s not that hard, just a lot of concentration and meticulous work.
Xochitl
January 2nd, 2009
"It’s not that hard, just a lot of concentration and meticulous work."Isn’t this sentence sort of an oxymoron.
Bade
January 2nd, 2009
Not necessarily. It was easy to do, I concentrated a lot on making it look professional and not rubbish.
Curtis
January 2nd, 2009
Waste of time. Doesn’t do a thing to protect your data while using a Live CD. Which is exactly what I would do if I wanted unrestricted access to someone’s system.
Bin
January 2nd, 2009
I think it’s more to stop your kid brother looking at your diary where you talk about how cute Mark down the street is.
Philomena
January 2nd, 2009
If you want to protect your data I think Ubuntu now supports encrypted folders. Which basically means that the data on the hard drive will look like a jumbled mess unless you know the correct encryption key.
Victoria
January 2nd, 2009
truecrypt now offers full drive encryption for windows as well if anyone is interested.
Hajari
January 2nd, 2009
I’ve been using an SD card to boot and decrypt my laptops that run FreeBSD for a while now. Not hard to do, really.
Deon
January 2nd, 2009
Seems like you’d be better off with a really strong password, set hdd to boot first, and put a password on the bios. Oh, and encrypt the hard drive if you worry that your pr0n is at jeopardy of being discovered.
Cuthbert
January 2nd, 2009
Not worth the effort.
Pacey
January 2nd, 2009
Erm, obviously every great tutorial starts with how to show hidden files in windows (including pics.)
Tadelesh
January 2nd, 2009
Xia he
January 2nd, 2009
not even close…all of your files are very easily accessible, regardless of whether or not you can boot into your Windows.
Rutherford
January 2nd, 2009
All you need is a Linux live CD which supports reading from NTFS (which almost all of them do anyway).
Luz
January 2nd, 2009
You could do on a bunch of different things! You could do it from the Windows XP installation disk. You could pull out the drive and plug it into a different computer. Man, you are safe. No worries.That, of course, also means this security "solution" is retarded.
Yasmin
January 2nd, 2009
Or you can just use a password?
Gur
January 2nd, 2009
yeah but your password is just a combination of things i know, so technically i already know your password.
Wakinyela
January 2nd, 2009
or you could just use ophcrack?
Miach
January 2nd, 2009
FYIWindows (XP, 2k, 2k3)Password can be cleared in under a minute with the right boot CD.Bios Passwords can be cleared in the time it takes to open the case and clear the bios.
Gunesh
January 2nd, 2009
or boot into safe mode and log in as administrator, run control userpasswords2 and remove the user’s password
Murron
January 2nd, 2009
I hear they have these fancy things called passwords now. Yeah, they’re much more convenient.I can also one-up them. My computer starts when I press a button. I don’t have to carry around a USB Stick.
Hulda
January 2nd, 2009
what i said above.
Zahar
January 2nd, 2009
Is it a button that only you can press?
Deniz
January 2nd, 2009
you completely missed the point.
Cait
January 2nd, 2009
If you don’t have physical security there’s no point in bothering with software security.
Helki
January 2nd, 2009
True, but that point is moop when your talking about home security. Your "geeky friends" are not going to crack open your computer and take out your HDD or screw around with the system’s bios (to reset the bios password). Unless they are assholes.
Haide
January 2nd, 2009
The point is moop?
Yatin
January 2nd, 2009
moot*
Damir
January 2nd, 2009
I have lost USB drives before. Cool, but a very bad idea for us forgetful people.
Jaguar
January 2nd, 2009
Cool trick and all but I will stick to setting a strong password.
Iphigenie
January 2nd, 2009
pretty easy to bypassusing a live cd for example, which can also bypass the usb key
Sydnee
January 2nd, 2009
Interesting. Why not compile a linux kernel with the encryption key built into it for encrypted drives. Then, it pretty much is foolproof, unless your friend can crack AES or Blowfish.
Wilton
January 2nd, 2009
because it’s probably way above the head of the author of this article………
Winda
January 2nd, 2009
What kind of friends do you have?
Kylemore
January 2nd, 2009
I can crack AES or Blowfish easily. Its called rainbow tables. 1 TB of those tables and you can crack pretty much any user password.
Lajos
January 2nd, 2009
And i got 3 500GB hard drive full of RT’s of several different encryptions, plus Black Track 3 on a usb stick. Secure, no such thing.
Edric
January 2nd, 2009
no, you can crack idiots’ computers with a rainbow table. A properly hashed key with a good salt makes rainbow tables useless. MD5-crypt uses this and key stretching to keep you out.Even without this, a good password will stand up to your methods. If they use special characters, numbers, and mixed case alpha you are only going to get passwords up to about 7 characters long. Unfortunately your tables grow exponentially with every character I add, and your already up to 1 TB.If I add a salt with this criteria you can’t even crack ‘god’ as the password. It’s back to brute force and dictionary attacks for you.
Macon
January 2nd, 2009
buddyw: First off, yes, I could crack "god" (with a salt), its just a matter of figuring out where the salt is in the password and cracking it the same way as any other password. With enough HD space and knowledge anyone could crack anything that uses passwords, salt, whatever.And the purpose of RT are for cracking situations exactly like the one you mentioned in your 2nd paragraph. Rainbow Tables are meant to use special/random characters, long lengths, etc. Like I said, without enough HD space, you could do it.Oh, and RT are a method of brute-forcing. "A rainbow table is a simple brute-force attack which results are stored in a table"So… get your facts straight.
Sabrina
January 2nd, 2009
Bet you can’t crack PGP…with in a reasonable time span.
Dwi
January 2nd, 2009
An RT isn’t going to do you any good if you’re using X.509 certs, and storing the private key only on your USB stick. You’d actually need the USB stick in your posession.
Cuthbert
January 2nd, 2009
Set Supervisor password on bios and allow booting only from the HDD, Goddammit.
Rusti
January 2nd, 2009
if someone has access to the computer, the bios can be reset. Trust me. I had a guy convinced there was a master bios password because i got into his "unbootable" computer.
Dalton
January 2nd, 2009
cyberfreak01 = correct. if some knowledgeable person has access to the computer then no data is safe without encryption.
Lahoma
January 2nd, 2009
Can’t you just clear the CMOS or something to get reset that *****. EDIT: I guess if you can clear the CMOS via a jumper you could also just take the hard drive. :
Galen
January 2nd, 2009
This also reminds me of all these movies where people need to hack into some top guns PC to retrieve information. Why dont they just rip the hard drives out?
Uday
January 2nd, 2009
my impersonation of no hdd, "THE JIG IS UP!"
Nadine
January 2nd, 2009
Behold the power of a bios password… or for more paranoid encrypt the data you really want safe on a device that you physically control and can remove.
Sylvia
January 2nd, 2009
reset the cmos, takes very little time
Ruven
January 2nd, 2009
If someone has physical access to a computer there will always be a way to access data. Granted full disk encryption would slow most of us down considerably, they could still copy then crack later. This is just basically something out of movies and TV shows where someone needs a disk or usb stick to boot a computer. Completely useless in real life. Get a strong password if you have a nosy cousin.
Umed
January 2nd, 2009
Your argument seems to imply that it would be impossible to encrypt data such that a "copy and crack later" approach would be rendered useless. I would like to see how long it would take you to crack a strongly-encrypted drive. It’s not a matter of years - it’s a matter of geological time periods… With proper encryption, it could take you billions of years to break the encryption.But… That’s got nothing to do with this article.
Helladius
January 2nd, 2009
however even you admit it is still possible just increasingly more and more impracticlealso direct decryption isn’t the only way to break encryption.
Murphy
January 2nd, 2009
In his defense, he didn’t specify how long ‘later’ was…My favorite crack a 128 bit key illustration:Imagine a computer that is the size of a grain of sand that can test keys against some encrypted data. Also imagine that it can test a key in the amount of time it takes light to cross it. Then consider a cluster of these computers, so many that if you covered the earth with them, they would cover the whole planet to the height of 1 meter. The cluster of computers would crack a 128-bit key on average in 1,000 years.Source: interesting-people.org/archives/interes …
Dustin
January 2nd, 2009
I’ve actually rigged my computer to demagnetize, then melt my hard drive when the case is opened. Overkill, maybe, but nobody is getting to my pr0n without my authorization.
Estrella
January 2nd, 2009
Thermite is the answer. After three failed login attempts, a fuse is lit (maybe a model rocket igniter?) and BAM! computer and your leg is gone.
Laine
January 2nd, 2009
Didn’t mean to imply that it’d be easy or practical. Just possible in a theoretical sense.
Nadda
January 2nd, 2009
total failure. you just have to read the comments to realize what type of utter fail this is. Bury away
Yates
January 2nd, 2009
Don’t do this.If anyone is after your data and they can’t figure out how to reach the content on your HDD without booting off that partition, then they wouldn’t know how to get around a regular windows login either.
Prosper
January 2nd, 2009
Sounds like the days of having to use a dongle to use a piece of software
Xinavane
January 2nd, 2009
Either it works, and you risk losing/damaging your USB key(s), or it doesn’t, and there are far better security measures. Either way, a terrible idea.
Austin
January 2nd, 2009
rohos.com/welcome-screen/usbflash.htmthis works much better. and its not a crappy hack.
Gustave
January 2nd, 2009
Buy me a copy for christmas please.
Idola
January 2nd, 2009
wonderful I miss computers that use a key.
Twila
January 2nd, 2009
Or you could use TrueCrypt, etc. and keep the authentication key on the usb stick….and avoid all the shortcomings of this article’s approach.
Ira
January 2nd, 2009
And if I lose my usb stick? No thanks…
Tvisha
January 2nd, 2009
if you lose your usb stick then you are not a very responsible adultpretend like its the key to your house…
Gulliver
January 2nd, 2009
Make a copy and hide it:)
Zulu
January 2nd, 2009
… under a rock on the front yard
Humaira
January 2nd, 2009
What if you lost your home key? Or your car key? Same principles really, you just have to look after your stuff.
Iphigenie
January 2nd, 2009
If you don’t encrypt your drive (or at least the important parts) you are practically giving away your data every time you give someone unsupervised physical access to your PC.
Macha
January 2nd, 2009
In addition to all the already mentioned reasons that this idea is retarded, don’t they list one huge one in the article? All you need to do to get around this, even if it is done correctly, is use the recovery console. If you can’t get around this a password longer than about 4 letters should keep you out too for a lot less hassle.
Ruven
January 2nd, 2009
meh xp was so last year… digg me down you tandy users!
Halden
January 2nd, 2009
digg me down Trash-80 users
Xadrian
January 2nd, 2009
XP > Vista, still.
Valmai
January 2nd, 2009
I was kind of hoping that this would somehow prevent booting from any other USB device besides the one you hacked into the key. As such, I was disappointed with the article.Of course, such a hack would also have some horrible flaws, now that I’m thinking about it…
Usoa
January 2nd, 2009
Where’s the Robocop style security systems, where the perpetrator dies a rather gruesome death.
Neha
January 2nd, 2009
Also @black27696 and consoneoOne of the first things taught in a basic Hardware or IT classes is if you come cross a computer with a locked BIOS, simply unplug the machine and remove the Motherboard’s battery, wait an hour and then put it back together and proceed. Since it’s not firmware, and its volatile information, it gets erased when power is removed. As stated above, just generate a strong login password for the OS consisting of random letters and numbers, that’s your best option.
Caia
January 2nd, 2009
hour? try 1 minute usually, maybe 5, but hour is way too long.
Ulmer
January 2nd, 2009
or the jumper if it has one
Derek
January 2nd, 2009
Wait an hour? More like 10 seconds, or at most, a minute.
Madeleine
January 2nd, 2009
I did that on accident one time when I chose the grub loader directory on a flash drive… not as much fun when you don’t mean it
Rusti
January 2nd, 2009
Step 1) Ignore this articleStep 2) truecrypt.org/docs/?s=system-encryption
Abby
January 2nd, 2009
TrueCrypt doesn’t allow encrypted OS booting from USB, I hope it does in the future though.
Urian
January 2nd, 2009
Finally, now my parents can NEVER find my porn MUAHAHAHAI wish I had something worthy of encrypting =(
Estralita
January 2nd, 2009
My computer cannot boot from USB. I guess I could use a compact disc to load a boot loader to boot from USB…….or I could just ignore this retarded article. Just because you can do something doesn’t mean you should.
Umatilla
January 2nd, 2009
"compact disc"there’s some nostalgia
Orane
January 2nd, 2009
I’m old. Old enough to know what a WORM drive is, though I can understand why that name never caught on.But I manage to stumble my way onto the Internet, on occasion. Now, are my pants on backwards, again?
Nuin
January 2nd, 2009
why would anyone do that? whats wrong with a power button?
Uta
January 2nd, 2009
this is ***** when your usb drive eventually corrupts
Giorgio
January 2nd, 2009
I’ve been booting from a USB drive for months. Though, I wasn’t trying to be ‘cool’ or secure my things… it was due to sheer stupidity that I screwed up the boot process on my laptop.Dell shipped me a replacement hard drive that was partitioned and had the OS/drivers/etc. installed… but the installation wouldn’t take. So, I installed Windows on D: after a few hours of getting nowhere with Dell’s pre-configured hard drive. I wanted to install Ubuntu on C:, so I formatted it, not knowing that it was still a vital part of the boot process…
Faith
January 2nd, 2009
388 diggs at the time of this comment, for an article that’s more dangerous than helpful!The trouble is, because of the diggs, there’ll be people that screw their system up thinking they’re doing themselves a favour.. And if they don’t, the false sense of security they get will probably make them worse off.. It would take anyone who was seriously after the data in the machine 2 minutes tops to realise what was going on and have their hands on everything.There is no substitution for good encryption…
Psyche
January 2nd, 2009
Encrypt harddrive, only thing that’s going to mildly save your ass when someone takes it
Madden
January 2nd, 2009
I was expecting to see something about creating a CA and self signing it, then configuring something with grub and an encrypted disk to use a p12 file as a ‘login’ before choosing an OS…. But alas, just an obscure way of using windows 2k/XP repair tools to prevent normal booting of a PC. Not any kind of security in a literal sense of the word but the tittle is misleading one to believe there is.
Xanadu
January 2nd, 2009
This is stupid. All it is doing is giving people a false sense of security. It’d be just as good/better to just tell people to leave their computer unplugged, or unplug their hard disks for that matter. This is stupid
Gunesh
January 2nd, 2009
Idiots, set a god damned BIOS password if you’re going to have people go into it anyway.This is one of the worst tech hints I’ve ever been given. People will ruin their systems with a worthless hack if they mess something up. Tell me how to rename my .jpgs to .exes guys!!!!?!?
Istas
January 2nd, 2009
you can do that?! Link to article please?/s
Gale
January 2nd, 2009
Best Crypt Volume Encryption. Encrypts the entire VOLUME. Live CD is useless without the password. Password must be entered right after BIOS. Dive does NOT work in another machine unless you have the password. My password is 32 characters long including spaces, numbers, letters (both cases) and special characters. I do this in case someone steals my PC. The hardware is insured I really don’t care. The data is not (of course). There is also the worry of identity theft.
Xing xing
January 2nd, 2009
Without even looking at it I bet it’d easily be subverted with a little safe-mode akshun.nm, actually you’d need a CD. Blah.
Avis
January 2nd, 2009
"The solution is not foolproof. Even if someone is not able to boot your system he/she can easily get your data by using a live CD. So you might still want to keep your data encrypted."Err… Yeah. If I had to break into someone’s PC and grab files, I’d just boot from Winternals ERD Commander and copy whatever I wanted. A lot easier than what this guide will protect from.
Kyla
January 2nd, 2009
TrueCrypt does the same thing *plus* encrypts your data with the algorithm of your choice. Only way it can be cracked is by physically taking the RAM out of a sleeping computer or improper shutdown. This is a vulnerability with every drive encryption software, though./thread
Winnie
January 2nd, 2009