Can Someone Install Something on My Computer When It’s Not Logged In?
Вставка
- Опубліковано 28 чер 2024
- ⚠️ If your computer is not physically secure, someone could install something even if you're not logged in.
⚠️ Installing when not signed in
If your computer is not physically secure, it’s not secure. If that’s of concern:
- Keep the machine physically locked up when not in use.
- Consider adding a BIOS password.
- Consider adding a hard-disk password or using whole-disk encryption.
- Regardless, encrypt your sensitive data.
Updates, related links, and more discussion: askleo.com/2208
🔔 Subscribe to the Ask Leo! UA-cam channel for more tech videos & answers: go.askleo.com/ytsub
✅ Watch next ▶ Lock Your Computer When You Walk Away ▶ • Lock Your Computer Whe...
Chapters
0:00 Install on My Computer When Not Logged In
1:00 Physical security
3:00 Staying physically secure
❤️ My best articles: go.askleo.com/best
❤️ My Most Important Article: go.askleo.com/number1
More Ask Leo!
☑️ askleo.com to get your questions answered
☑️ newsletter.askleo.com to subscribe to the Confident Computing newsletter.
☑️ askleo.com/patron to help support Ask Leo!
☑️ askleo.com/all-the-different-... for even more!
#askleo #computer #security - Наука та технологія
![3 signs to Check if your Computer's HACKED [SPY SOFTWARE]](http://i.ytimg.com/vi/g_E_kzTlAA4/mqdefault.jpg)
✅ Watch next ▶ Lock Your Computer When You Walk Away ▶ ua-cam.com/video/n_WcsGT3GjA/v-deo.html
I'm surprised that of all the threats involving an attacker having physical access to a computer, you didn't mention the installation of a keylogger. That surely has more profitability for the attacker than using a USB killer.
UEFI and SecureBoot are intended to prevent these types of attacks but... not all users actually use them. In a couple of sensitive environments, users are requested to deal with portable computers and smartphone as they do with firearms: *never* let them unsupervised. *Always* store them in a safe, a cabinet or a locked drawer when not in use.
Encryption is the best option. This address is the issues of someone installing malware on your computer and the possibility data loss due to a lost or stolen computer.
2:05 was that AOC tooling around in there?
I came across your channel today & viewed your guide "How to Create an Image Backup using Macrium Reflect". I found it very easy to follow along & well-taught, after the video ended I immediately subscribe. Thank you, Sir, you have taught an old dog a new trick.
On the Mac, as recently as High Sierra and Catalina, anyone could set a password by booting into the terminal. Including administrative password! Without wiping the system or hard drive. That doesn't 'even qualify as hacking, you just needed to know the terminal command.
I don't know if that is still true. When Bill Gates said it was child's play to break into computers, I didn't realize he meant it literally.
Physically locking up your computer would predicate it’s a laptop. Some people have desktop PC’s
No, there are computer desks that are designed for desktop PC towers with a secure storage area. Moreover, the PC might be "locked up" simply by virtue of being in a room that is locked.
The more pertinent issue is that if an attacker is willing to make his presence known (say, by removing the hard drive from the computer), then in most cases the "lock up" solution is merely a temporary inconvenience rather than an effective defence.
Locking the room (or closet, or cabinet, or whatever) would count.
I keep my bank apps on an encrypted virtual machine. Also my laptop is always locked. I used to keep my bank apps on a dedicated laptop which was locked in a drawer most of the time. I have been considering using an old smartphone (no data plan) to have only bank apps.
I think these are all good measures to protect from physical access to my computer scenarios.
The better bet is to boot off a Linux USB running from memory only. When you finished accessing your bank site you would turn off the computer and everything would disappear.
For international travel I was considering the old phone option for using bank apps. In the US I never use phone banking apps. Instead, I use a VM for web-based banking. For taxes requiring the storage of SSN I use a VM running off of an external USB stick. I would love to use an in-memory Linux distro for web banking but I recently discovered XORG based desktop Linux has a gaping security hole the size of the Grand Canyon. It appears ALL apps running in X-based desktop Linux have access to ALL keyboard input. Consider you want to poweroff your Linux system and you are in the terminal. Every application can monitor the keystrokes as you type sudo poweroff and the password which allows any command to be executed. There is an XORG option called wayland but acceptance seems to be low. Some people point out how web plugins/extensions can track every keystroke but at least the keystrokes are limited to the browser. To me it's on par with MS creating a keyboard buffer service in addition to the clipboard buffer service. Effectively every calc/notepad/browser/... can become a keylogger with a small amount of code.
Leo, it would be great to see a discussion of XORG-based Linux desktop security. I spent considerable time configuring a light-weight Linux system based upon Debian server and IceWM as MS support for my MS Store notebook ends in 16 months. The millions of pounds of e-waste this MS decision will generate is insane and I want to continue to use a perfectly usable notebook but how do you switch to an XORG Linux desktop where every running app can see every keypress? Many will say, and I agree, MS can track everything you do, but MS literally has the largest market cap of any company on the planet. MS has a bit more to lose when acting inappropriately than someone who mods your favorite notepad app and remotes into your system.
@@knutblaise9437 what I was talking about is booting off a Linux USB each time you wish to access your bank. When you turn off your computer everything essentially disappears.
I think a encrypted VM session is a intelligent option to a completely encrypted hard drive. If you sufficiently strong password then you should be able to keep aVM image on your main drive.
Also, I would strongly advise not to use a USB stick to store a VM image. In the past 30 days I had three sticks die without warning.
I'm the end, there are four operating system options: Windows, Mac, Chrome, Linux. All of them have some issues and security problems.
I only use Debian Linux. I will lookup what this " gaping hole" is about.
I see that Debian/Gnome (the default config) uses Wayland.
My Dell desktop wouldn't boot to Windows when I turned it on after a power outage. I just got a black screen. I put in a Recovery USB I had made using a Windows program to create it. I didn't see a way to change boot order. I turned off Secure Boot/UEFI continuing through three Warning screens not to do so, and then Windows booted by itself without further attention from me. I don't think the Recovery USB came into play. It has been working fine since then. I haven't tried to turn UEFI on again.
Poor video this time