
It is pretty trivial to get local admin on any desktop or workstation with physical access, though typically doing so requires at least one reboot. User accounts are basically worthless, from a security standpoint, in that scenario.


It's not trivial, and even so that's not a reason to discredit this particular vulnerability just because others also exist.

What is the point of downplaying local privilege escalation vulnerabilities just because it's a hard scenario to defend against?


> It's not trivial

In my experience, it is in fact pretty trivial.

I'm not saying it shouldn't be fixed, I'm saying it isn't nearly as big a deal as people are making it out to be. The infosec community likes to latch on to any little vulnerability it can and act like the sky is falling even if, when taken in context, said vulnerability is only a problem in narrow use cases or requires the target to pretty much already be completely exploited.


> The infosec community likes to latch on to any little vulnerability it can and act like the sky is falling

That's because while a given potential exploit might not be a huge deal, a collection of exploits become greater than the sum of their parts, so if you're security-minded, then you want as few of those parts as possible.


Sure, but you always have tradeoffs for implementation time, interface friction, etc. You need to scope things properly so people know how to prioritize them and, in my experience, infosec people are really bad at that. They're so ready to hype up whatever they found that they don't really care how it relates to the real world.


> In my experience, it is in fact pretty trivial.

If you are talking about scenarios where full disk encryption is not enabled, then that is irrelevant. You may as well say that privilege escalation is trivial because some users don't put passwords on their account. The user obviously needs to take care of the basic expectancies first before worrying about vulnerabilities.


> If you are talking about scenarios where full disk encryption is not enabled, then that is irrelevant.

That's fair, I was making that assumption because it is true in literally every case I've come across. But consider that if you have local access to a logged in account you've already got access to unencrypted files for that user anyway. You don't even need admin.


Sure, but consider how this will impact corporate or educational environments (which in my experience DO usually use full disk encryption). I believe full disk encryption is also on by default for most new OEM machines.


When I see the words "trivial" or "orthogonal" in a comment on HN, I become suspicious of the content.


It's made quite a bit more difficult with FDE dependent on TPM and Secure Boot (like BitLocker). Can't mount the drive from another machine or the same machine with another OS running to modify the password file, can't run a bootkit like KonBoot to disable password checks.
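As an added example (not from the thread), a PowerShell check an administrator can run on a Windows machine to confirm the conditions this comment relies on: the OS volume is BitLocker-protected, its key protector is bound to the TPM (not just a password or recovery key), and Secure Boot is enabled. It uses the built-in BitLocker, TrustedPlatformModule and SecureBoot cmdlets and must be run elevated.

```powershell
# Added example: verify that the OS drive is protected by TPM-bound BitLocker
# and that Secure Boot is on. Requires an elevated PowerShell on Windows 10/11.
# Cmdlets used: Get-BitLockerVolume, Get-Tpm, Confirm-SecureBootUEFI (all built in).

$osDrive = $env:SystemDrive   # usually "C:"
$vol = Get-BitLockerVolume -MountPoint $osDrive

$findings = @()

# 1. Is the volume fully encrypted and is protection actually on (not suspended)?
if ($vol.VolumeStatus -ne 'FullyEncrypted') {
    $findings += "Volume $osDrive is not fully encrypted (status: $($vol.VolumeStatus))."
}
if ($vol.ProtectionStatus -ne 'On') {
    $findings += "BitLocker protection is suspended or off on $osDrive."
}

# 2. Is at least one key protector TPM-based? A volume protected only by a
#    password or recovery key does not get the TPM + Secure Boot binding
#    the comment describes, so offline tampering with the OS is not blocked.
$tpmTypes = @('Tpm', 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey')
$tpmProtectors = $vol.KeyProtector | Where-Object { $tpmTypes -contains $_.KeyProtectorType }
if (-not $tpmProtectors) {
    $types = ($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType }) -join ', '
    $findings += "No TPM-bound key protector on $osDrive (protectors: $types)."
}

# 3. Is the TPM present and ready for use?
$tpm = Get-Tpm
if (-not ($tpm.TpmPresent -and $tpm.TpmReady)) {
    $findings += "TPM is not present/ready (present=$($tpm.TpmPresent), ready=$($tpm.TpmReady))."
}

# 4. Is Secure Boot enabled? Confirm-SecureBootUEFI throws on legacy BIOS boot.
try {
    if (-not (Confirm-SecureBootUEFI)) { $findings += "Secure Boot is disabled." }
} catch {
    $findings += "Secure Boot not available (legacy BIOS boot?): $($_.Exception.Message)"
}

if ($findings.Count -eq 0) {
    Write-Output "OK: $osDrive is TPM-bound BitLocker with Secure Boot enabled."
} else {
    $findings | ForEach-Object { Write-Output "FINDING: $_" }
}
```

Any FINDING line means the offline-tampering protections discussed in the thread are not fully in place on that machine.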


> It's made quite a bit more difficult with FDE...

FDE is orthogonal to user accounts, but yes it would prevent the trivial local access methods of taking over the admin account.

Not that, you know, anything the user cares about requires an admin account to get at anyway, as ransomware has consistently proven.


What a ridiculous argument. User files are important, but locking down admin access has solved a whole host of virus/security issues that were present in, say, Windows XP.

At the end of the day, users are responsible for the software they run on their machine. But viruses/worms that run amok are largely over thanks to restraining userland permissions.


Every time I've achieved domain admin on a pentest, it's been predicated on local privesc.

Your opinion is dangerous, professional negligence.



