|
Bugtraq
mailing list archives
RE: Dell BIOS DoS
From: David Brodbeck <DavidB () mail interclean com>
Date: Tue, 9 Dec 2003 14:06:19 -0500
-----Original Message-----
From: jon schatz [mailto:jon () divisionbyzero com]
seriously, bios passwords are worthless. there are numerous
ways to get
around them. most motherboards have a jumper that you can set
to reset
your cmos / bios (probably misusing one of those terms) to
the factory
defaults. or you can just yank the cmos battery out.
Once upon a time, Sun Sparcstations stored the password in the NVRAM chip.
This chip had an internal battery. If you lost the password, that was it,
the only official fix was to replace the NVRAM chip. (At least it was
socketed.) Even that turned out to not be a serious problem, though; it
turned out if you removed the chip entirely, the system would boot to the
ROM monitor. Then you could put the chip back in "hot" and clear the
password.
There is no such thing as security from someone who has physical access to
the hardware.
 By Date 
By Thread
Current thread:
- Dell BIOS DoS James Evans (Dec 08)
- <Possible follow-ups>
- RE: Dell BIOS DoS David Brodbeck (Dec 09)
| 
Intro
