DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 12, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 173 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Security researcher shows how easy it is to steal password from PCs with lock screen

Posted on Wednesday, September 07 2016 @ 14:07:56 CEST by


On his blog, security researcher Rob Fuller illustrates how easy it is to steal security credentials from locked machines. The technique is so simple it's hard to believe it works, not just on Windows 10 but also on Mac OS X "El Capitan". You can read the full detailed version over here. The short story is that by plugging in a device that poses as a USB Ethernet adapter, it is possible to steal the login details from systems in a lock screen state.
Why does this work?

  • Because USB is Plug-and-Play. This means that even if a system is locked out, the device still gets installed. Now, I believe there are restrictions on what types of devices are allowed to install at a locked out state on newer operating systems (Win10/El Capitan), but Ethernet/LAN is definitely on the white list.
  • Computers are constantly creating traffic, even if you don’t have any browsers or applications open, and most computers trust their local network for some reason (I know the technical bits on ‘why’, just complaining…)
  • Network preference when there are more than gateway or network connection is based on “metrics” on Windows and a combination of metrics and “preference” on OSX, but by default “wired” and “newer/faster” always win out.




  •  



     

    DV Hardware - Privacy statement
    All logos and trademarks are property of their respective owner.
    The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba