Fred Stluka via plug on 8 Apr 2021 18:05:48 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] that's nice


Rich,

But the policy that specifies the access control per key/folder
of the registry is itself stored in the registry.  Right?  Doh!

--Fred
------------------------------------------------------------------------
Fred Stluka -- http://bristle.com -- Glad to be of service!
Open Source: Without walls and fences, we need no Windows or Gates.
------------------------------------------------------------------------

On 4/8/21 7:49 PM, Rich Freeman via plug wrote:
On Thu, Apr 8, 2021 at 7:33 PM Thomas Delrue via plug
<plug@lists.phillylinux.org> wrote:
Be careful shouting "Windows is not secure, and it's all just security
through obscurity". That's a knife that can cut both ways.

Obviously sysadmins vary in capability, but in most serious places I've been in:

1. The appropriate registry keys have permissions set so that you
can't just change them.  Yes, the registry has access control,
manageable per-key/folder/etc.
2. The devices will be using full-disk encryption backed by TPM, so if
you try to boot from USB or whatever the hard drive will be
unreadable.


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug