this post was submitted on 16 Jun 2023
48 points (100.0% liked)

Technology

37746 readers
50 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
top 13 comments
sorted by: hot top controversial new old
[–] soeren@iusearchlinux.fyi 17 points 1 year ago

I am a bit of security expert myself!

pulls out screwdriver

[–] JohannesOliver 11 points 1 year ago (3 children)

In the past they had jumpers for the same purpose.

[–] PenguinTD@lemmy.ca 1 points 1 year ago

yeah, I did that in my high school years.(80386~80486 years). The jumper reset is neat cause you can then set the school computer to boot from floppy first instead of booting from whatever source it was set to.

So, how tf you have access to MB? Well, if you are much better at computers than most teachers at school, naturally they let you "help" doing the maintenance(aka, figure out what's wrong, replace parts etc). I did those free labour so I can play some games during school hours, so that's a fair trade.

load more comments (2 replies)
[–] bouncing@partizle.com 6 points 1 year ago (1 children)

BIOS passwords have only ever been to deter unsophisticated attacks. Though this is more unsophisticated than the rest.

[–] Moonrise2473@feddit.it 2 points 1 year ago (1 children)

like just removing the battery to reset the CMOS

[–] bouncing@partizle.com 1 points 1 year ago (3 children)

That hasn’t worked in a while, has it?

[–] Moonrise2473@feddit.it 2 points 1 year ago

on DIY motherboards it still works like this

[–] meat_popsicle@kbin.social 2 points 1 year ago (1 children)

It’s a little difficult to reset the password if it’s lost otherwise.

[–] PenguinTD@lemmy.ca 1 points 1 year ago

Just Google the board reset methods from the brand(Asus/gigabyte/MSI/etc) modern board usually have more than one way to regain bios access.

[–] cmnybo@discuss.tchncs.de 2 points 1 year ago

Most motherboards store the password in SRAM along with all of the other BIOS settings. Removing or shorting the backup battery will clear everything.

Some motherboards store the password in non volatile memory. That's usually done in computers intended for business use. If you forget the password, you have to get a reset code from the manufacturer after proving that you are the owner of it.

[–] Zaytalion@partizle.com 2 points 1 year ago (1 children)

It's even more trivial to remove the hard drive and read/write it directly, possibly even booting it on a separate system directly or in a virtual machine. BIOS passwords (on all x86 systems, not just Lenovo) provide very limited security benefits, but they can be sufficient for some basic security requirements.

[–] Moonrise2473@feddit.it 1 points 1 year ago

Well right now it's more secure than a decade ago

Today a locked BIOS + strong windows password could render a stolen computer almost useless if:

  1. Storage is encrypted with keys stored in the CPU tpm (default)

  2. Nand is soldered

  3. Secureboot is enforced strictly so only windows could boot (default)

  4. Before locking the bios with a password, all booting options are disabled except internal storage

load more comments
view more: next ›