windows 10 How easy it is to break into Windows 10

[EPENEX]

As an above poster mentioned, Linus already covered this in a video.

[Varusal]

1 minute ago, EPENEX said:

As an above poster mentioned, Linus already covered this in a video.

No way really? Tell me more about it...

[Razor Blade]

Most of my data isn't stored on my PC...so if someone wanted to break into this thing, not a whole lot of reward for effort... Heck they couldn't even play my steam games because I use an iSCSI drive for that.

[GoodBytes]

"Break into Windows", you failed to realize that:

1. If you have physical access to the system, then you can do whatever you want to get its data out. You can just pull the HDD/SSD out and plug into another system of whatever OS,  then pull the data out. You can plug your HDD/SSD with Windows 10 on it already installed on it and boot to it instead, and pull the data of the system that you are entering. You can boot to a Live disk of Linux distro and you can pull the data out.... they are many ways.
    
2. If the account has encrypted files in it using Windows. Unless you have the certificate backup and its password, you can do whatever option in 1, and you won't be able to access the data that is encrypted. And if the account holder used another encryption solution, than again, good luck reading it (even accessing it)
    
3. If the account is a Microsoft linked account, or a joined domain account, and try to do a password reset, then... good....freaking... luck changing that password using your method.
    
4. Your method leaves traces everywhere that someone entered the PC. Might as well get a crow bar and try and pull apart the case panel without using a screw driver to unscrew the panel(s) out.
   

 

[2FA]

I would personally just make an image of the drive and work with that as it requires zero writing on the original disk and shouldn't leave behind any evidence.

[Varusal]

12 hours ago, GoodBytes said:

"Break into Windows", you failed to realize that:

1. If you have physical access to the system, then you can do whatever you want to get its data out. You can just pull the HDD/SSD out and plug into another system of whatever OS,  then pull the data out. You can plug your HDD/SSD with Windows 10 on it already installed on it and boot to it instead, and pull the data of the system that you are entering. You can boot to a Live disk of Linux distro and you can pull the data out.... they are many ways.
    
2. If the account has encrypted files in it using Windows. Unless you have the certificate backup and its password, you can do whatever option in 1, and you won't be able to access the data that is encrypted. And if the account holder used another encryption solution, than again, good luck reading it (even accessing it)
    
3. If the account is a Microsoft linked account, or a joined domain account, and try to do a password reset, then... good....freaking... luck changing that password using your method.
    
4. Your method leaves traces everywhere that someone entered the PC. Might as well get a crow bar and try and pull apart the case panel without using a screw driver to unscrew the panel(s) out.
   

 

The point is that as I said multiple times: "A normal user don't know these things." And as long as the Ease of Access Button is available on the Login/Lock Screen is a Security hole. And yes "My Method" leaves traces behind but no one will ever know that someone was in the system if you remove the created account and set back the osk.exe.

ONLY If the user of the PC knows that someone used his PC and he knows how to find hints like Security Events etc he will notice it. But as an example my whole family except of my dad wouldn't even notice someone got into the system.

 

Stealing hardware and plug it into another pc to make a copy of the drive will take longer than using "my method". You can easily create more backdoors into the system instead of stealing hardware (which is btw. more noticeable than creating a new account).

[GoodBytes]

6 hours ago, SirMorokei said:

The point is that as I said multiple times: "A normal user don't know these things." And as long as the Ease of Access Button is available on the Login/Lock Screen is a Security hole.

It is not a security hole if you have physical access to the system. If you are so convinced that it is a security hole, why not file a security hole bouny report to Microsoft? Massive money can be made. Also, your "normal user", uses a Microsoft linked account. And what do you suggest the fix be?

 

6 hours ago, SirMorokei said:

And yes "My Method" leaves traces behind but no one will ever know that someone was in the system if you remove the created account and set back the osk.exe.

Even more like the metaphor image I posted.

 

6 hours ago, SirMorokei said:

ONLY If the user of the PC knows that someone used his PC and he knows how to find hints like Security Events etc he will notice it. But as an example my whole family except of my dad wouldn't even notice someone got into the system.

1- He won't do all this. 

2- He will probably pull the drive out and put it on another system, or run Live Linux distro disk, as those are way easier.

 

 

6 hours ago, SirMorokei said:

Stealing hardware and plug it into another pc to make a copy of the drive will take longer than using "my method". You can easily create more backdoors into the system instead of stealing hardware (which is btw. more noticeable than creating a new account).

You saying and doing things that is above your knowledge level, and that result in you not looking.... professional. You should work on your knowledge. You have a lot to learn. 

[Varusal]

@GoodBytes In my opinion you are wrong. 

[KarathKasun]

10 hours ago, SirMorokei said:

@GoodBytes In my opinion you are wrong. 

In fact, not opinion, you are wrong.

 

Covering your tracks as you are saying, is like a huge neon sign that says "I HAVE BEEN COMPROMISED" to anyone with a clue about Windows security.  Which is a great thing to do when you live with a person.  They get a computer service company to fix something with the PC later, and find out that you are doing something shady with their belongings.

 

Its not like this tactic is even new either, this exploit has been around since NT4... back when I first entered High-school in the late 90s.

[Varusal]

You know that the Ease of Access button was implemented in vista, right.

[KarathKasun]

17 minutes ago, SirMorokei said:

You know that the Ease of Access button was implemented in vista, right.

There were other very similar ways to get around the same issue in NT4, NT5/Windows 2000 pro, and XP.