There is a tool out there called Inception, which via a vulnerability in the way FireWire works, will let anyone log in as any user on your machine without a password on Windows (XP,Vista,7,8). You can read more about the vulnerability on the Inception site.
Pro Tip: If you’re not using firewire on your Windows laptop, remove the drivers! If not most machines can hotplug a firewire device and you have lost.
So why shouldn’t Microsoft do as Apple did with OSX for this issue? Because then I wouldn’t have won fame and liquid rewards.
The story goes; Once upon a time Mikael was hired by a consultancy to help out with a project. Next to his desk stood a laptop called HackMe, which invited employees of the company to hack in, retrieve a snippet of text from a file on the desktop, send this to the security manager, and claim fame.
Never one to give up an opportunity to shine, let alone fame, glory, wine and champagne, Mikael decided to give it a go. The next day he brought with him an old laptop, a firewire cable, and Ubuntu on a USB stick with Inception. Mikael hooked up the gear, went to brew a cup of coffee, retrieved the password and won it all
(Me on the left, security manager on the right – who was pleased someone hacked it, but not that it required an external SharePoint consultant )