[32778] in bugtraq
Re: Dell BIOS DoS
daemon@ATHENA.MIT.EDU (Seth Arnold)
Wed Dec 10 15:03:10 2003
Date: Tue, 9 Dec 2003 16:47:19 -0800
From: Seth Arnold <sarnold@wirex.com>
To: bugtraq@securityfocus.com
Message-ID: <20031210004719.GH849@wirex.com>
Mail-Followup-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="dCSxeJc5W8HZXZrD"
Content-Disposition: inline
In-Reply-To: <0F3C580DC6652D439215F979EA9DC4B31DA826@readingm1.uk.gwrgroup.com>
--dCSxeJc5W8HZXZrD
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Dec 09, 2003 at 08:08:31PM -0000, Ross Draper wrote:
> I agree with your points Jon, but lets be fair here, BIOS passwords do
> have a use - especially on laptops.
An oft-overlooked use for BIOS passwords is an 'auditing' mechanism;
typically, when one resets a BIOS password via magic jumpers, removing
battery, etc, there is typically no way to put the password BACK.
So, someone who disables or destroys the BIOS password still stands a
good chance of being discovered, at the least.
--=20
Outlook users: please do not put my email address in your address book.
This way, when you get infected with a virus, my address won't appear in
the From: header. Thanks.
--dCSxeJc5W8HZXZrD
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE/1m0X+9nuM9mwoJkRAqOYAJsFFUueHpacQ6Z39uOZItPBdRuqiACeLIdh
qwobRdxsb1uJMzriT7AeJKw=
=S0TO
-----END PGP SIGNATURE-----
--dCSxeJc5W8HZXZrD--
