Getting around a privilege problem in Win XP
June 29, 2005 6:54 AM   Subscribe

Adding hardware without full privileges to a PC with Win XP. My wife has laptop provided by her unwieldy megacorp employer which really restricts what changes can be made to it. We want to add to the computer wireless networking capability.

I tried adding a PC card adapter, but the OS asked for a password to install the new hardware. Is there some other kind of adapter or approach (not of the cracking type!) that would allow us to avoid this obstacle?
posted by shoos to Computers & Internet (19 answers total)
 
Why not ask the company to put one in? Think of a good reason and they'll pay for the component. Or are they evil and cheap?
posted by SeizeTheDay at 7:08 AM on June 29, 2005


My wife did and they said no. She can go an plug the thing into any random ethernet cable on the street but can't use wireless because they are so dangerously unsecure!
posted by shoos at 7:17 AM on June 29, 2005


To be fair, wireless is dangerously insecure. Whenever I'm at a hotel, there are usually 30-40 machines with open shares that pop up in Windows Explorer.

If file and print sharing is enabled, disable it before you get a wireless card installed. If you don't have access to disable it, I suggest you wrap your house in tinfoil. :)
posted by Jairus at 7:22 AM on June 29, 2005


I'd like to point out that Unwieldy Megacorp's IT folks likely set the laptop up this way specifically to prevent end users from making unauthorized changes to their systems. This is an unauthorized change to their system.

Now, Microsoft is known far and wide for riddling their systems with security holes, but I seriously doubt you are going to find a way to do what you want without drastic action. Drastic action is likely to get your wife fired. In fact, since I work in a regulated industry with very high security standards, I'd can someone if I caught them trying to pull this.

That said, here's how you do it:

First, download an NT password recovery tool. Burn it to a CD, boot it, and reset the local machine Administrator password to some known value.

Take the CD out, reboot the machine, and instead of authenticating with your wife's account and password, use the Administrator account and the password you set previously.

Now you're running as a privileged user. You can install drivers at will. Set up your new NIC, and you're good to go.

One caveat: If the system is set up with boot-time disk block encryption, this isn't going to work. It wouldn't, for example, work on systems issued by my employer. It will, however, work just fine on 99% of the systems out there in the world.

posted by majick at 7:23 AM on June 29, 2005


ack! Sorry. Last minute markup is a bad idea. Local machine administrator, please hope my post!
posted by majick at 7:24 AM on June 29, 2005


Damn majick, that's a slick trick. nicely explained too.
posted by cosmicbandito at 7:42 AM on June 29, 2005


Caveat:

If you're going to try Majick's slick trick, be smart about it and Ghost the drive first.

Pulling the trick and getting found out by a rogue wireless card is embarrassing, but b0rking the OS in a lame attempt at hackery will get you canned fer sure.

A full Ghost image of the drive can ensure against total data loss and the resultant cannery.
posted by SlyBevel at 8:56 AM on June 29, 2005


unless i misunderstood, you end up with a machine that has an admin account with the password changed. won't they notice?

then again, i guess they might notice a wireless card too.
posted by andrew cooke at 9:05 AM on June 29, 2005


Umm...er...ah...

Megacorp gave your wife a computer for her to do ITS work, not yours. I think they're entitled to make restrictions.

If you're too short of cash to buy a new portable, used portables with WiFi are available on eBay in the $200 range, and J&R has a refurbished Gateway with warranty for $749.88.

Majick's solution should work, but you may not be able to restore things undetectably, and, according to the linked page, you may not be able restore the original password at all. Is it worth your wife's job to save the cost of getting your own hardware? IMO, the question answers itself.
posted by KRS at 9:09 AM on June 29, 2005


Yeah, that's a problem, too...WTF you gonna do when the IT department tries to use their standard Admin password and it doesn't work?

If you really wanted to do this right, a hash retrieval 'sploit is your best bet.

Course, then you know the Admin password, and that's a whole new minefield on it's own.

Theoretically, of course. Not that you'd actually do any of this, right? RIGHT?
posted by SlyBevel at 9:45 AM on June 29, 2005


Oh, but not the one I linked to. You need an admin to run a trojan for that one. But it's not the only one out there.
posted by SlyBevel at 9:48 AM on June 29, 2005


The company has the right to refuse. The data stored on the machine in question is the property of the company she works for. Wireless networks are far from secure and it's perfectly reasonable that they would not want to risk losing said data (either by accident or malicious intent) even at the risk of upsetting employees.

majick's trick will work, but only if you can boot off alternate media. If the company in question knows what they're doing (and it sounds like they might) then the BIOS should be locked, and the boot order altered so it will only use the local harddrive.

That being said, you can reset the BIOS password by resetting the jumper on the motherboard. So, let's break this down:

Open case, find BIOS reset jumper to get rid of the BIOS password. Go into BIOS on boot and change the boot order to use the CD that majick mentioned. Use the CD to reset the administrator password so that you can login to install alternate, non-supported hardware into a computer that you neither own or have to support.

I can assure you, the IT guys will notice this. We are lenient about this sort of thing where I work, but most companies are not. These restrictions are setup to protect company resources, and to protect workers from themselves. They may seem like a pain-in-the-ass, but in reality, it most likely keeps the machine in an operable state that, if the restrictions were not in place, would probably not happen otherwise.
posted by purephase at 9:50 AM on June 29, 2005


Find a business reason to request wireless capability, and have your wife's supervisor request it.
posted by theora55 at 10:06 AM on June 29, 2005


You could argue that she needs to work from home on the weekends and that your ONLY internet connection is wireless.
posted by k8t at 11:55 AM on June 29, 2005


One solution that doesn't involve any changes to your computer, is to buy a wireless network adapter that plugs into any of the slots your wife already has on her machine.

This device will plug into the ethernet slot your wife already has, and give her wireless access. This won't require the installation of any drivers, or any installation of anything actually. It's pretty much just as wireless extension of the ethernet card that's already installed.

There are devices that plugs into the USB port as well, such as this one, but these will require the installation of drivers. The ones that plug into the ethernet port however, will only show up as a yellow box in the lower left of the screen saying "network cable connected".
posted by cheerleaders_to_your_funeral at 12:38 PM on June 29, 2005


I second what cheerleaders_to_your_funeral said above, with an emphasis on trying a USB adapter.
posted by SteveInMaine at 1:49 PM on June 29, 2005


cheerleaders that is one slick device.
posted by Mitheral at 2:58 PM on June 29, 2005


cheerleaders_to_your_funeral: that ethernet bridge is just the sot of thing I was looking for. Thanks.
posted by shoos at 5:42 PM on June 29, 2005


gees cheerleader you beat me to it! and too all of you over judgemental people on here, he did not ask if you should do it, just how TO do it...
posted by crewshell at 6:18 PM on June 29, 2005


« Older The mid-1960s change in films   |   She makes me cream my jeans when she walks this... Newer »
This thread is closed to new comments.