[32773] in bugtraq
Re: Dell BIOS DoS
daemon@ATHENA.MIT.EDU (Jim Paris)
Wed Dec 10 14:35:42 2003
Date: Tue, 9 Dec 2003 17:50:31 -0500
From: Jim Paris <jim@jtan.com>
To: David Brodbeck <DavidB@mail.interclean.com>
Cc: "'jon schatz'" <jon@divisionbyzero.com>, bugtraq@securityfocus.com
Message-ID: <20031209225031.GA26985@neurosis.jim.sh>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <C823AC1DB499D511BB7C00B0D0F0574C5843FB@serverdell2200.interclean.com>
> > seriously, bios passwords are worthless.
>
> There is no such thing as security from someone who has physical access to
> the hardware.
There are different types of physical access. For example, many
computers at my university are publically accessible but strapped to
the table in such a way that the case cannot be removed without a key
or a lot of force. It is trivial to reboot them and attempt to enter
BIOS, but an entirely different matter to open it up and move a jumper
or swap the hard drive.
-jim
