Tuesday, March 07, 2006

How insecure can an OS be?

Avyakt recently compared Microsoft Windows and women. In the same vein, I recently found out what an insecure OS Windows can be.

I recently gave in to temptation and bought a 250 GB hard drive (only S$150!) and decided I might as well give in to my gamer urges as well, and proceeded to install Windows on a partition of the new hard drive (my primary hard drive runs Fedora and Gentoo). I hate dual-booting from the same drive and much prefer to have installations on separate hard drives for independent re/un-installation.

Now, my last computer had this nice "Boot" menu in BIOS - I could select which hard drive to boot from. In my current setup, I have to actually go in and change the boot sequence, which is a pain. So, I figured, that there must be a way to get GRUB to boot Windows off a second hard drive. Off the top of my head, I thought chainloader (hd1,0)+1 would do the trick (set root to 2nd hard drive, 1st partition, and boot from the MBR). Doesn't work.

Turns out Windows must be booted off the "first" hard drive - it refuses to boot if its in second place. So here's the solution:

map (hd0) (hd1)
map (hd1) (hd0)
chainloader (hd1,0)+1

You have to pretend Windows is really on the first hard drive (mapping hd0 to hd1), even though it really isn't (note the chainloader is still given hd1 as a parameter). Only then will Windows boot up.

These comparisons just continue to stack up. It's uncanny.

Cross posted on E-Minor