July 19, 2006
My Customer Service Encounter and How to Hack Your Machine
I'm not used to working with a customer service department. I've built my own machines over the course of the last 10 years or so. I've selected the components, installed the operating systems fresh, configured drivers and pretty much customized every machine I've had since before Windows 95 was released. Those were desktop machines, which made it easy. I decided to get a laptop which I could not build myself, so I bought one from Dell. I have a Latitude 620 which I think is a fine machine in most respects. The problem I encountered with it surprised me, however.
I decided that I wanted to take control of my machine and remove some of the paternalistic software that Dell (as do other manufacturers) includes with its products. Google Desktop was a breeze to uninstall (love ya, don't want to run ya) through Add/Remove Programs. Other tiny apps also politely disappeared as I removed them. What I didn't expect was a problem removing the Dell-licensed DVD player app, PowerDVD. I decided to remove it as I installed another which was my preferred player. Beyond that, PowerDVD ran a process taking up three megabytes of memory just in case I decided to insert a DVD in my drive. There was certainly no need to waste memory like that.
To my surprise, PowerDVD would not uninstall even though my account was in the Administrator Account Group. Other Dell-installed programs would not leave either when the uninstall routine was invoked. The process essentially froze. I sent an email to Dell Customer Service and they responded politely and quickly with a non-answer suggesting I talk to another part of the company about the problem. I sensed a shuffle and decided to do some research instead. What I found was interesting.
Dell and other manufacturers hide the general Administrator account from the end user with no documentation as to how to invoke it. Research on the web showed that this is considered a vulnerability by some security groups, although it was the perfect solution to my problem. There was even some reference to hacking the Administrator account in the Dell user forums, but not in relation to my problem.
There are two ways to get the account. One is by booting the machine in safe mode, in which case the login screen with all accounts becomes visible. The Administrator account, by default, has no password, which is considered to be the vulnerability. A straight Windows install asks the installing party to add a password to that account as part of the machine set-up. The Dell first-use set-up (and from research, that of companies such as IBM as well) merely sets up general user accounts, bypassing any reference to the Administrator.
Windows in safe mode has limited drivers running, so an uninstall may or may not work depending on what is being uninstalled. Sometimes the Windows Installer Application does not update itself in safe mode. This may cause problems later on with trying to reinstall or remove components. The real hack to get to the Administrator account when it is hidden is to start Windows, open the Start Button Menu and choose the Log Off option. This presents the log-on screen with the standard user account(s). So far so good. Hit Control-Alt-Delete and apparently nothing happens. Hit it a second time and a login dialog box appears, allowing one to type in the user name Administrator (with no password) and log on to the machine with full rights (and power).
Once in, I headed straight to the Control Panel to remove programs I did not intend to use. PowerDVD, like Elvis, left the building with nary a whimper as did the other Dell programs I had few intentions to use. With this I offer the advice that you may want to use this technique to set an Administrator password. If I can break into my machine this easily, someone can break into yours and do some damage. At the very least they can lock you out of your own installation. And if you have the same problem uninstalling unwanted software, well, there you go.
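If you want to check for the same condition on your own machine, here is one way to do it. This is an added example, not part of the original post, and it assumes a newer Windows with PowerShell 5.1 or later (the `Get-LocalUser` cmdlet); the function name `Test-LocalAccountPassword` is made up for illustration.

```powershell
# Added example: list local accounts and flag the ones that are enabled but
# have no password set or do not require one. Run from an elevated prompt.
# Assumes Windows PowerShell 5.1+ (Microsoft.PowerShell.LocalAccounts module).

function Test-LocalAccountPassword {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        $User
    )
    process {
        # The built-in Administrator keeps a SID ending in -500 even if it is
        # renamed or hidden from the log-on screen.
        $isBuiltinAdmin = $User.SID.Value -match '^S-1-5-21-.+-500$'

        # Heuristic only: a password that was never set, or is not required,
        # may be blank. The cmdlet cannot read the password itself.
        $neverSet = $null -eq $User.PasswordLastSet

        [pscustomobject]@{
            Name                 = $User.Name
            BuiltinAdministrator = $isBuiltinAdmin
            Enabled              = $User.Enabled
            PasswordRequired     = $User.PasswordRequired
            PasswordLastSet      = $User.PasswordLastSet
            NeedsAttention       = ($User.Enabled -and
                                    ($neverSet -or -not $User.PasswordRequired))
        }
    }
}

Get-LocalUser |
    Test-LocalAccountPassword |
    Sort-Object NeedsAttention -Descending |
    Format-Table -AutoSize

# To set a password on the built-in Administrator, whatever it is named:
#   Get-LocalUser | Where-Object { $_.SID.Value -like '*-500' } |
#       Set-LocalUser -Password (Read-Host -AsSecureString 'New password')
```

On an older machine without these cmdlets, `net user Administrator` shows the same "Password required" and "Password last set" fields, and `net user Administrator *` prompts for a new password.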