• Ephera@lemmy.ml
      link
      fedilink
      English
      arrow-up
      32
      ·
      10 months ago

      When I got asked that once, I told them they should bring me their laptop. 10 minutes tops and I’ll have access to their files. They really didn’t know, if I was bluffing or not.

      (I wasn’t. The average laptop is genuinely that badly secured.)

      • JDubbleu@programming.dev
        link
        fedilink
        arrow-up
        22
        arrow-down
        5
        ·
        10 months ago

        Almost every personal computer that isn’t a MacBook is poorly secured due to the lack of filesystem encryption as a default. No one encrypts their data at rest, and as such you just have to pull their drive and read it with another computer. Hell, I don’t encrypt my entire file system despite being aware of this because of the inconvenience of added boot time, but everything that matters is encrypted and backed up across multiple devices.

        The best thing anyone can do is keep the amount of critical, digital data they have to a minimum, keep that data encrypted and backed up, and use a password manager properly. That alone makes it exceedingly unlikely you will ever be a victim of cybercrime solely because you’re more of a pain in the ass to compromise than 99.9% of the world.

        I personally have almost 10TB of data between all my systems, but of that maybe 10 MB is actually valuable to anyone but me.

        • bitwolf@lemmy.one
          link
          fedilink
          arrow-up
          9
          ·
          10 months ago

          Windows encrypts by default now. I don’t know if any Linux distros do by default but it was certainly option for me to enable it at install time.

        • PlatinumSf@pawb.social
          link
          fedilink
          arrow-up
          5
          ·
          10 months ago

          Pretty sure bitlocker is enabled by default since Windows 11 rolled, to my understanding it’s part of the reason they now require Microsoft accounts for device on boarding.

      • cm0002@lemmy.world
        link
        fedilink
        arrow-up
        11
        arrow-down
        4
        ·
        10 months ago

        Lol Windows user password is the digital equivalent of a pad lock, it only keeps honest people honest lmfaoo

        • LifeInMultipleChoice@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          edit-2
          10 months ago

          Local accounts, yes. How are you bypassing Microsoft accounts with 2 factor authentication enabled? Unix and Mac passwords were the same for local accounts before.

          Easiest way right now would be to acquire a username password to get into their phone provider, say Verizon. Then log into their Verizon account and move their phone number to a new phone. (this will only require knowledge of their security questions, also a phone not purchased by a card or registered to you if you don’t want it traceable)

          Once done then you can reset the password using the unknown password to their Microsoft account using the 2 factor that sends to their phone number…maybe.

          Especially on windows 11 we don’t stand much of a chance getting passed.

          Likely easier to pick up the password book they wrote all of their passwords down in and accessing them. (Performed by most people over 50 I know)

          Edit: also, you will find their Facebook password written there haha

          • cm0002@lemmy.world
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            10 months ago

            Assuming bitlocker isn’t enabled (Which it probably isn’t since it’s still not default yet AFAIK) boot Linux live USB > access files under user folder on disk

            • LifeInMultipleChoice@lemmy.world
              link
              fedilink
              arrow-up
              3
              ·
              edit-2
              10 months ago

              Bitlocker is enabled by default, requiring tpm. Which internal tpm is used by most all devices. Also you won’t get into any commercial devices as the bios will be locked by password, so booting by USB will not happen.

              Source: Microsoft, “On supported devices running Windows 10 or newer BitLocker will automatically be turned on the first time you sign into a personal Microsoft account (such as @outlook.com or @hotmail.com) or your work or school account.”

              Alt source: I have spent years working for DOD and other IT positions

              • cm0002@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                10 months ago

                Oh that’s probably why I never ran into it, I only do local accounts because fuck Microsoft online accounts lmao

                • LifeInMultipleChoice@lemmy.world
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  edit-2
                  10 months ago

                  Yeah, I don’t use Microsoft online accounts, but “work or school accounts” come up in many jobs because Windows is still used by many companies. I want to get certified or such for Googles BS (edit: bullshit not fancy terms) just because so many companies hire for transitions from Microsoft to Google or vise versa. It shouldn’t be a hard transfer… But I don’t have the time or money at the moment, so the $1000 for the course for certs sounds like a pain… But the $70-75 an hour for remotely transferring their systems and supporting it sounds like it is worth it. If you know anyone with background on the Google side of it please let me know if the certification is a waste of time.

      • mindbleach
        link
        fedilink
        arrow-up
        2
        ·
        10 months ago

        The most recent time I had to get into someone else’s laptop, it was an adorable little relic I bought at a flea market.

        Windows 95 does its charming start-up routine and I’m presented with a login prompt. I start working through how I’m going to boot something else to modify the registry or whatever, when the machine predates USB drives and my desktop has no floppy drive. Then I bet I can invoke “safe mode” and use the underlying DOS install to edit anything I want. Then I remember there’s some labyrinthine info > accessibility > help > control-panel > run-dialog chain that lets you start explorer.exe directly. Finally, within maybe thirty seconds of being surprised this thing even has accounts to log into, I slap my forehead and just hit Escape.

        I’m in.

      • rdyoung@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        10 months ago

        Do you know the wonder that is konboot? It works on every version of windows with old school offline accounts, it even works/worked on Linux and it leaves no trace.

        • Ephera@lemmy.ml
          link
          fedilink
          English
          arrow-up
          8
          ·
          10 months ago

          I had not heard of it before. I would have just booted a Linux Live USB. So long as there’s no disk encryption, you can just access the hard drive in the laptop like any other data disk.

          Or in other words, I’m actually not even trained/informed about hacking. I just accidentally acquired this knowledge by installing Linux at some point. 🙃

          • rdyoung@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            10 months ago

            You can do the same with the windows install/repair or any other bootable os. I kept konboot around for when I was working on someones pc and they forgot to tell me the password or they forgot it.

      • MonkderZweite@feddit.ch
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        10 months ago

        There’s literally an open source tool suite you can flash on a thumb drive, stick it in a sleeping notebook and get access to it. Sadly don’t find it anymore.