|
If you felt like using those worthless (and probably very unreliable) SD cards to mess with people, here is a thought:
- Create several empty bitcoin addresses/wallets (make sure the addresses have never been seen publicly and is an old format).
- Encrypt the wallet contents (but not the filesystem, so filenames are visible).
- Put the wallet file on the SD card with some obvious name (e.g. bitcoin_wallet.xxxx) and make the file date from the early bitcoin days (say, around 2011). Be sure all directory timestamps are almost as old.
- "Lose" the SD card in some parking lot where it will likely be found.
Now when someone finds it, they might look at it, see a very old bitcoin wallet and think "a lost wallet from the early bitcoin days might be worth a HUGE amount today".. Then waste a bunch of time trying to decrypt it, only to find it empty if they succeed.
I don't know.. too sadistic?
|
|
|
|
|
Chad3F wrote: If you felt like using those worthless (and probably very unreliable) SD cards to mess with people,
They're only unreliable if you buy 1TB ones from China for $12. All my MicroSD cards are still functional and reliable. You get what you pay for.
And why revive a nearly month-old thread for something nefarious like this?
|
|
|
|
|
I have a couple of external USB drives for backups of data, attached to my PC. The drives are Bitlocker encrypted, in case one gets lost or stolen. Everytime I start the PC I have to use my Bitlocker password to get access to the drives.
However, I recently discovered that once I have access to a drive, if I turn off the PC by hitting the power button instead of doing a proper shutdown through the Start menu, any "open" drives remain open. Next time I start the machine, the drive is immediately accessible. No password needed! You have to go through the proper shutdown procedure to ensure your machine won't have immediate access to the drive on the next startup.
I must admit I haven't checked if a different computer will also have access to the drive left open on my main PC. But the point is: My main PC may get stolen with the external drives during a burglary, for example.
Ok, I have had my coffee, so you can all come out now!
modified 21-Jun-24 9:54am.
|
|
|
|
|
Check the power management settings - your power button is probably set to "sleep" or "hibernate" but there is a "Shut down" option which should restart the OS on power up and require access control to the drives: Control Panel > Hardware and Sound > Power Options > Chose what the power buttons do
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Yes, I found the setting to change what the power buttons do. I changed that from "sleep" to "shut down".
BUT: There is no way to save this change! At least not in the very latest version of Windows 11! When I exit the settings panel, Windows resets the setting to the default "sleep"! Stoopid Windows!
Ok, I have had my coffee, so you can all come out now!
|
|
|
|
|
Did you hit the "Change settings that are currently unavailable" - the system settings are in UAC Registry so unless you are elevated, it won't change. Mine is set to "Shut down" and that is persistent.
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Yes I did change that setting and it is NOT persistent. Note: I am the only user on this machine and I am the only administrator. It is running Windows 11 Pro fully updated. I have hibernation mode turned off as it bloats up my system backup images.
Ok, I have had my coffee, so you can all come out now!
|
|
|
|
|
Well, if your system does go in sleep mode, then it'll have to do a full power-up anyway if your system gets stolen and spends any amount of time without any power, just as if you'd have yanked the power cord while it was turned on, rather than doing it while it was sleeping--the results would be the same. Unless it's a laptop and the battery runs long enough.
But perhaps more importantly (from my perspective): If your external drives are backups, physically disconnect them and only power them on when doing an actual backup. Ransomware is just as capable of encrypting your mounted backup drives as your main system. Especially since you enter your Bitlocker password on every boot, conveniently making your backups accessible to said malware.
|
|
|
|
|
Sound advice, but I use Windows Security Ransomware Protection on all folders where data are stored. My Macrium system images are protected by Macrium's Image Garden against any and all unauthorized alterations. Then I also maintain an old style 8TB Western Digital spinning disk drive for off-line storage of all important data. This drive is kept powered down an disconnected 99% of the time.
On top of all that: I make at least every week a DVD backup of all new critical data. The DVDs are closed and locked after creation to prevent any further changes. I have a high pile of such old DVDs in my off-line collection.
As regards my system drive: If the worst happens I can always clean my systems drive and do a clean install of Windows on the drive. I have done many clean installs and it typically takes me 3 or so hours to be fully up and running. I always keep a few flash drives with the bootable tiny Windows PE operating system that has embedded the Diskpart utility that can forcibly clean any disk and prepare it for a clean install.
I don't have much faith in backups on the cloud and mostly avoid that. Some of my critical backups are stored off site in a relative's residence.
If you want to know more about Windows PE, see:
Windows PE (WinPE) | Microsoft Learn[^]
Ok, I have had my coffee, so you can all come out now!
modified 21-Jun-24 14:33pm.
|
|
|
|
|
Sounds like you have a solid strategy already in place. Carry on.
|
|
|
|
|
You might want to back off the coffee
Seroiusly, that's a lot off effort you've gone to. Why? Is it the nature of the data?
Charlie Gilley
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Has never been more appropriate.
|
|
|
|
|
You have to be running as an administrator to save the change.
|
|
|
|
|
Ironically, the shutdown option does not fully shut down the machine, it hibernates things for a faster start up, while the reboot option does quiesce the files for a fresh start up.
Check this link for more information if you do not think I'm right. Actually, don't believe me - check it for yourself.
How to disable Windows 10 fast startup (and why you'd want to) | Windows Central[^]
The search string to Google for is "Disable fast startup"
Just switching your machine off at the power probably doesn't make Windows any less reliable. The filesystem should pretty much cope - though odd applications will require their files to be saved or the program to be exited to avoid the loss of data.
|
|
|
|
|
I noticed similar with an encrypted USB drive - one of those with a keypad built into it to key a pin (6 digits).
One thing you might be able to do to change things is messing with the power states for them.
|
|
|
|
|
wow.
The credentials are not revoked when restarting a machine ?
CI/CD = Continuous Impediment/Continuous Despair
|
|
|
|
|
Depends: if you hibernate or sleep, then probably not unless you log off and log in again. And since most people have "auto logout" disabled to save effort ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
sudo init 0
>64
It’s weird being the same age as old people. Live every day like it is your last; one day, it will be.
|
|
|
|
|
Good to know. I'm the only one likely to access my machine, as I live and work out of the same place.
That said, I've been known to angrily turn my machine off the bad way when it misbehaves. I know I'm not really "punishing" it, more myself, but it still feels cathartic.
Check out my IoT graphics library here:
https://honeythecodewitch.com/gfx
And my IoT UI/User Experience library here:
https://honeythecodewitch.com/uix
|
|
|
|
|
|
Similar, but unrelated...
My first PC (1992) had the option to set a password in the BIOS... but it only worked on a cold boot. You could do a warm boot to bypass it when prompted for the password.
|
|
|
|
|
Wait, what?
Boot from nothing, get prompted, Ctrl-Alt-Del, no prompt?
It takes a special sort of genius to come up with that.
I've had BIOSes that had options to set a password, but I've never bothered with them. Good to know they're utterly pointless.
|
|
|
|
|
Pressed the restart button... no prompt.
|
|
|
|
|
PIEBALDconsult wrote: Pressed the restart button... no prompt.
What's "the restart button"?
If you mean the Restart option in Windows (or your OS of choice), then yeah, it makes sense. The OS has already booted, so you've proven you know the BIOS password by that time.
But if you mean the physical power button on your PC to restart - from the BIOS password prompt (because that's as far as you can make it) - then it might as well not be there, because it offers no protection at all...
|
|
|
|
|
dandy72 wrote: the physical power button
Yes.
|
|
|
|
|
A Reset button, I'd understand. Maybe.
But the power button (that requires to be held down for 4 seconds when the system's already running), which powers everything down, and then you have to press it again to power it back on...then yeah, that pretty much sounds like a cold boot to me.
If you're not getting prompted for the BIOS password after that sequence...then I agree, it's useless.
|
|
|
|