I was just thinkin'....

[darkoshi]

A recent security update applied on my work computer makes it so that now after booting, I have to press CTRL ALT DELETE before getting the screen with the button that takes me to the login page. Similar to how it used to be on XP.

Remote desktop programs have commands for sending CTRL ALT DELETE. So how does this make it more secure? To make it harder for criminals who only have one finger?

Comments

[charcoalfeathers]

I scratched my head over this for a while, too, but the basic rationale is that it's to prevent keyloggers. For example, if someone wrote a program that emulated the login screen and installed it on your computer, then walked away. The "login screen" would pretend to let them log in, but it would tell them they had the wrong password or whatever. Between the time that person had the error and IT got there, the fake login screen could've delivered the password and deleted itself.

How does this wacky key combination stop that.. basically the OS itself hooks those keys. So no app can intercept them. If you push those keys, you're getting a security screen or a login prompt.

(This is all ignoring really simplistic ways around this, like remapping the keyboard so they're actually pressing windows-alt-delete or something, and then hooking that. But anyway. :)

[darkoshi]

That makes sense. I didn't realize that only the OS could capture that key combination.

[andrewducker]

Because it means that another program cannot be sitting there pretending to be a login screen - ctrl-alt-delete cannot be intercepted by applications, so pressing it takes you to an OS-dependent screen instead.

[darkoshi]

That explains it. I didn't realize that the key combination couldn't be captured by other apps.

[andrewducker]

Some interesting history here:
http://en.wikipedia.org/wiki/Control-Alt-Delete#Windows_NT_.28and_later_versions.29