by Daniel Bergman

Created on: November 12, 2008

There may be hundreds of reasons why people place importance on securing their PC. One reason that people are likely to have in common with each other, is to protect all the private and possibly volatile information located within the confines of their computer's hard drive. Many computer users often employ a variety of methods to protect the integrity of their data. Two measures frequently taken to prevent intrusion include: firewalls and password-protected user logins.

Many of us are most likely familiar with the fact that Microsoft regularly releases security updates for Windows XP. As hackers evolve in an attempt to exploit possible software weaknesses, XP updates are released that address the newly posed threats. Assuming that a computer remains current on all the various releases, it can be presumed that the operating system, itself, remains as secure as it was when it was first released onto the market. Additionally, there are highly-effective firewall programs available on the market. Therefore, it is presumable that an XP user could mount an effective, if not, impenetrable defense against possible intruders originating from a network.

Let us now explore XP's security features that protect against physical access rather than virtual. Windows XP allows the setup of multiple user accounts. Each individual account can be protected with its own unique password. Additionally, each user can manually assign which, if any, files can be accessed by the other users on the computer. Unfortunately, however, the password-protected login feature seems far more secure than it actually is. In most cases, getting around the password can be accomplished with a simple keystroke.

Which leads us to XP's first fatal flaw. Security is easily breached with XP through its "ghost administrator account." An account of which a surprising number of people are completely unaware. This administrator account can only be accessed via "safe mode." And unless a password has been manually entered into this account's settings, then the computer is not protected against physical intrusion.

XP's second fatal flaw is that a second operating system can be concurrently installed with XP. This can be done without ever having to start Windows. An operating system on disc, and a simple reconfiguration of the boot sequence is all that is required. Although this process takes a bit longer than a simple keystroke, it can potentially provide an unwelcome intruder with complete and unrestricted access through the entire hard drive. Although XP can never be made completely secure, it may still be worthwhile to restrict access into the ghost account.

Learn more about this author, Daniel Bergman.
Click here to send this author comments or questions.