Tool released that unlocks Windows computers in seconds without need for password

“A security consultant based in New Zealand has released a tool that can unlock Windows computers in seconds without the need for a password,” Asher Moses reports for The Sydney Morning Herald.

“Adam Boileau first demonstrated the hack, which affects Windows XP computers but has not yet been tested with Windows Vista, at a security conference in Sydney in 2006, but Microsoft has yet to develop a fix,” Moses reports.

MacDailyNews Take: Give Microsoft a break; they were very busy at the time artificially plumping Intel’s numbers while covering their own inefficient, bloated code deficiencies by slapping misleading Vista-capable stickers on POS PCs that were exceedingly Vista-incapable.

Moses continues, “Interviewed in ITRadio’s Risky Business podcast, Boileau said the tool, released to the public today, could ‘unlock locked Windows machines or login without a password … merely by plugging in your Firewire cable and running a command.'”

“Boileau, a consultant with Immunity Inc., said he did not release the tool publicly in 2006 because ‘Microsoft was a little cagey about exactly whether Firewire memory access was a real security issue or not and we didn’t want to cause any real trouble,'” Moses reports. “But now that a couple of years have passed and the issue has not resolved, Boileau decided to release the tool on his website.

Full article here.

36 Comments

  1. wow, the MacDailyNews take is really insightful and completely fanboyish in nature. Can anything on this site be just news without injecting opinions or non-relevant statements?

    Stick with reporting, this opinion site is getting crazy. I know Apple obviously spends a lot of Ad dollars here, but its excessive already.

  2. It will probably fall on Apple’s shoulders to fix this. Firewire seems to be slipping to the side for USB2. I prefer Firewire – because it’s better and this won’t help it stay around if left to Microsoft to fix.

  3. @bias:

    don’t take this in a mean way, but, “Cram it up your cram-hole!” (Sorry, I just think that’s one of the funniest lines ever written)

    We’re all here for the bread and circus and, while we may not be “Apple Fanboys”, we understand the sentiment and feel more than a little bit of schadenfreude when things like this happen to microsoft.

    I think every one here has a little Nelson in their head saying, “HA Ha!”

  4. You must be new to the MDN, bias?

    MDN’s most significant defining element in the sea of Mac sites out there IS their commentary. Most of us coming here are Mac fans and we always have a chuckle reading the MDN take on the news. If you haven’t noticed, MDN’s content is mainly aggregation of others’ content (with proper attribution and links, of course). The take is about the ONLY original MDN content. Without it, I may as well go to MacMinute, Macintouch, MacNewsNetwork, TheMacObserver… not to mention the magazines MacWorld, Maclife, etc… (there are many more, just don’t come to mind at the moment).

  5. Ya kno– If Apple wants to keep the Firewire technology alive they need to continue upgrading and supporting it, and its availability.

    Firewire IS the superior technology, but it’s getting the second-bastard-stepchild treatment from Apple as of late.

    Apple- get on top of this, fix it QUICKLY and LOUDLY. Then make it Micro$quish’s problem to add the fix to Windoze.

    The last thing Firewire needs is this unfixed-(possibly fatal) flaw to hurt FW adoption.

    Just my 2¢
    John
    North Pole AK

  6. “unlock locked Windows machines or login without a password … merely by plugging in your Firewire cable and running a command.”

    Sounds like they finally got that Target-Disk-Mode feature… ;D

    Took ’em quite a while, didn’t it?

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.