[32753] in bugtraq
Re: Dell BIOS DoS
daemon@ATHENA.MIT.EDU (Steve Shockley)
Tue Dec 9 14:31:37 2003
Message-ID: <004401c3be7d$602e91c0$461010ac@jaginfoss>
From: "Steve Shockley" <steve.shockley@shockley.net>
To: bugtraq@securityfocus.com
Date: Tue, 9 Dec 2003 12:53:08 -0500
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
jon schatz wrote:
> seriously, bios passwords are worthless.
Hard disk passwords are somewhat less worthless. See:
http://ssddom01.hgst.com/tech/techlib.nsf/techdocs/85256AB8006A31E587256A780
0644ED8/$file/dara_sp.pdf
(http://tinyurl.com/yg06)
page 84. If the security level is set to Maximum and the User password is
unknown, you can either erase the drive (if you know the Master password) or
throw it away. I'm sure it's feasable to recover the data by physical
disassembly or modifying the drive's circuits or firmware, but at least it's
not trivial like BIOS passwords.
