|
Posted by Mark Trimble on October 22, 2007, 6:30 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Quoting Security.Concerned.User on Mon, 22 Oct 2007 17:02:09 +0000:
> Hello everyone,
>
> Recently I've realized that Windows XP Pro (SP1) secretly writes data to
> hard-disk sector(s) that were beyond its installation-partition
> boundaries; at that time I used a basic Windows XP installation on a
> 3-GB partition, and the rest of the harddisk was unformatted, for all
> Windows cared.
>
> I should also mention that my WinXP partition is formatted on FAT32, but
> I am capable of accessing NTFS partitions, if need be, using NTFS4DOS,
> (which I didn't).
>
> Obviously I was only able to have discovered that with an MSDOS-run Disk
> Editor capable of accessing all 160 million sectors of my 80GB hard
> disk, and making a text-based datafile containing sector numbers (Cyl.,
> Head, Sector + Index), that was runnable under pure MSDOS mode avaiable
> by booting from a BootCD / BootDVD.
>
> I wasn't quite sure what the nature of that data was, and whether or not
> it was a copy of the swapfile (e.g., PageFile.SYS), or some other data
> off RAM, or maybe password(s) or other sensitive data that I may have
> been working on prior to re-booting from my BootDVD.
>
> So my questions are:
>
> 1. Would anybody be familiar with that sector-writing stuff? 2. If so,
> what is the nature of the data written? 3. Would password(s) typed at
> MSDOS-based program(s), run within
> Dos-Box windows, be secretly saved there too?
> 4. How Am I do prevent that from happening? 5. How Am I to erase such
> data?
>
> Thanks much,
> SCU
Problem exists between keyboard and chair.
There is NO way the OS can write beyond the partition; for the OS, the
rest of the drive does not exist.
| 
XML site map