COMMAND

    Full Armor

SYSTEMS AFFECTED

    Win95, NT (if running this program)

PROBLEM

    Kimmie Dicaire found following.   This is an alert for  Full Armor
    made  by  Micah  Software  and  rated  very  high in PC Week.  The
    software itself  is a  desktop protection  software that  has many
    many more options than the regular poledit that comes with  Win95,
    although it does utilize and  expand on the poledit program.   The
    problem/hack comes into play when  you get the Full Armor  warning
    that you don't have rights (or any other Full Armor dialog box) if
    instead of just clicking the  ok button to remove the  dialog box,
    instead you  choose <ctrl>  + <alt>  + <del>  to get  to the  task
    manager  you  can  end  task  on  Full  Armor  and  remove all the
    protected areas,  thus having  full access  to everything  on your
    destop/PC.

    As anyone who  runs '95 will  tell you, when  you turn it  back on
    scandisk comes up  as well...it is  possible to ctrl-break  out of
    scandisk and thus  get an unprotected  dos prompt, from  there you
    can  modify  whatever  files  you  want, including full armors and
    effectively disable its protection.

    'chameleon' added  following.   Below is  basically how  to bypass
    most "secure" desktop programs:

    - turn on your computer. (Tuff one there)
    - there will be a two or so second gap between seeing your windows
      desktop and seeing the explorer bar across the bottom.
    - during that two second gap,  hit control + alt + delete...  this
      will load task manager.
    - you now have taskmanager  which will enable you to  run whatever
      you like. You also are able to do this without any  restrictions
      because you froze windows from loading explorer and Full  Armor,
      Fool Proof, Fortres 101 etc...

    BTW, if you  hit Ctrl-Esc at  the Windows 95  login prompt, you'll
    launch the  task manager  as well.  From there,  you can start the
    Explorer, and you'll have full access to the computer. Windows  95
    is inherently insecure.

    The has been tested on both 486 and Pentium machine's all running
    Win95 and the hack is reproduced everytime.

SOLUTION

    There is  no current  work around  for this  hack. People at Micah
    are  currently  re-working  the  code  that  should have a fix for
    this by  6-9 or  10-1998.   If you  are running  Full Armor  it is
    recommended  that  you  get  this  fix  when it becomes available.
    Until then, to prevent this  add the following to MSDOS.SYS  under
    the [Options] section:

        BootSafe=0
        BootKeys=0
        BootWarn=0
        AutoScan=0
        Network=1 (if you have networking enabled)

    While this  does tend  to stop  most of  the general populace from
    bypassing  the  restrictions  in  effect  -  it  still doesnt stop
    someone booting off a disk, you  could use a bios setting to  boot
    from C before A (if  your bios supports it), hence  bypassing this
    as  well.   Stopping  load  of  taskman.exe  is  to  simply remove
    taskman.exe  from  the  machine.   Another  trick  was  to use the
    keyboard remapper  from the  MS KernelToys  to remap  one of those
    pesky CTRL, ALT or DEL keys.