kon-boot for real?

Discussion in 'other security issues & news' started by brians08, May 9, 2009.

Thread Status:
Not open for further replies.
  1. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    40
    Software called "kon-boot" supposed to be able to log into most Linux and Windows versions without password.
    Is this thing a fake or for real? I don't have a free computer to try it out on at the moment so was hoping to find some discussion about it but there isn't much that I can find so far.
    If this is for real then everyone needs to start using BIOS passwords ASAP. Better yet, Full Disk Encryption. Can you say TrueCrypt? (or Bitlocker if you can afford it)
     
  2. Apparently for real:

    http://seclists.org/dailydave/2009/q2/0032.html

    Local security is a joke anyway though, IMHO; the only way to have good local security is to prevent physical access to your machine by unwanted persons in the first place. Disk encryption can be broken (I hear the NSA is quite good at that), bootloader passwords bypassed, BIOS passwords cleared or worked around... Which in the end means that the best defense against local intrusion is to keep your computer under literal lock and key.

    I have to say though, this is a pretty neat (and nasty) trick.
     
  3. vizhip

    vizhip Registered Member

    Joined:
    May 2, 2009
    Posts:
    83
    I looks like it is similar to the CDs that Sun provided for emergency bypass access to the Solaris boxes back in version 7 and 8... (and maybe the later versions too, just haven't played with those)...

    Thing is... once you have access to a physical console, you own the box... This has been true for all operating systems down through the years...

    Regards -
    -Bob
     
  4. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Here's an article on putting Kon-Boot ISO onto a USB flash drive. I've not tried it so your on your own if you try it.
    hxxp://www.raymond.cc/blog/archives/2009/05/11/burn-iso-image-to-usb-flash-pen-drive-kon-boot-to-usb/

    More Kon-Boot info.
    hxxp://www.raymond.cc/blog/archives/2009/04/29/login-to-windows-administrator-and-linux-root-account-without-knowing-or-changing-current-password/
     
  5. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Kon-Boot: Bypass Windows Login Security (and some helpful blocking solutions)

     
    Last edited: May 25, 2009
Loading...
Thread Status:
Not open for further replies.