 |
 |
 |
 |
 |
 |
 |
|
|
|
|
|
|
|
 |
|
 |
 Host your site on our high performance virtual domain and non-domain accounts.
|
|
Is your registry secure? Published on 7/5/97 If you are familiar with Windows 95, you are probably familiar with the system registry. Likewise, you are probably familiar with registry files, or registration entries as they are officially named. These files, which end in the .reg extension, contain variable amounts of data from your registry. By default, when you double-click on one of these files, its contents are automatically merged into your registry. This could be good or bad, depending on how you look at it. We're going to concentrate on the bad side, but first, a bit of the good: The Windows 95 registry contains just about all of the important configuration information on your computer, including most system settings. Losing the data in the registry could be disastrous; so, if you're ever worried, you can export your registry, or a portion of your registry, into a single registry file (.reg). Then, if something does go wrong, you'll have a backup copy of your registry that can be merged, or imported, back into the real thing. Of course, there could be other problems as well, but we won't get in to that. As our focus turns towards the Internet, there are still more examples of registry
files being used for the good. Take, for example, Windows95.Com, a 32-bit shareware and
driver site. At this page, http://www.windows95.com/default/
Any web site with malicious intent could easily link to a registry file that would overwrite critical entries in your own registry. If you mistakenly allow your browser to open this file... well, you'd be in a tough situation. In other words, you could destroy your system by opening a registry file created for the purpose. Now would be a good time to mention that when we use the phrase "opening a registry file," we do not mean that your browser displays the contents of the file. Rather, we are referring to your browser actually executing the file, in effect mimicking the action of double-clicking it. If you're not quite sure of the risk involved yet, you might consider taking part in this demonstration. We have created a registry file that will change one setting in your registry. It's not something critical, but it is something that you might not have known could be changed. This demonstration will modify a single line appearing in the 'About Windows' dialog box. You can reach this dialog box by selecting 'About Windows 95' from the 'Help' menu in the 'My Computer' folder or any other folder. It should look something like this:
Now, for the demonstration, simply click here (Windows 95 users only). Please do not worry; this demonstration has been tested thoroughly, and its effects can be reversed from a link later in this article. When you click on the above link, your browser will probably ask you what to do with the file. As you've probably guessed, you should opt to open it, not save it. Please note however, that this demonstration works best in Internet Explorer, and may not work in other browsers. In a few moments, you should receive confirmation that the contents of the registry file have been successfully merged into your registry. Now, if you check the 'About Windows' dialog box once again, it will look something like this:
Notice the second line. It no longer reads "Windows 95," but rather "Is your registry secure?" Now that you have seen the effects of our demonstration, you can return everything to normal by clicking here. Once again, you need to open this file, not save it. Perhaps now, if not already, you realize the dangers of downloading registry files from the Internet. Your registry is not totally secure. Our demonstration was a minor example; much more destructive registry files can be created and published. For example, your registry contains most, if not all of the settings accessed by the Control Panel. By merging a particular registry file into your registry, you could inadvertently change much of your system's configuration. How can you protect yourself? Well, for one thing, avoid clicking on any links pointing to registry files, which end in the .reg extension. Second, you might consider changing the default action (what occurs when you double-click on a file) for registry files from 'Merge' to another action. You can do this by opening any folder and selecting 'Options...' from the 'View' menu. Then click on the 'File Types' tab, and find the listing for 'Registration Entries.' Highlight this listing and click on the 'Edit...' button. You will then see a list of possible actions for the .reg file type. 'Merge' will be in bold text, indicating that it is the default action. Select a different action, such as 'Edit,' a click on the 'Set Default' button. Now, whenever you double-click on a registry file, or open one from your web browser, it will not be merged into your registry. So far, the ability to modify one's Windows 95 registry from an Internet web site has not been considered a high risk to system security. However, the potential for catastrophe certainly exists. There's no need to be paranoid, but just be aware that the issue exists. Use caution when you come across a registry file online. |
|
|
|
 |
|
Home | About | Feedback
| Downloads | Search Copyright © Michael Yigdall and Jonathan Strine |
