I have clients with very smart teenagers. Many of them know how to bypass the BIOS passwords by using manufacturer backdoor passwords. Is there a way to remove them from the BIOS completely so that they may not be used ever again and only the password set by parent or boss would be THE only BIOS password? Both scenarios - brand name PC and just custom rig motherboard situations? Thanks in advance...love MDL... ***** I am not talking about simple resetting. I mean using a tool or method to go into the BIOS and remove or prevent use of manufacturer backdoor BIOS passwords, so that the ONE AND ONLY password that can be used is the one set by the PC owner.
I really don't think that answers downloaddeviant's question at all. I would think that this would be possible. We should be able to find a backdoor password in a BIOS file and change it to something that either only the system owner knows. It might even be possible to change it to something that can't be entered with a keyboard, in effect making it entirely unusable! It may even be possible to write a tool that does this automatically with the most common types of BIOS files. I might be willing to take on the project, if there's be an interest. Do you have a link to an example BIOS with a known backdoor password?
LOL No, that first response did not help at all. Although I do appreciate the effort. We all know the RESET method. I am specifically speaking of REMOVING or preventing the backdoor passwords from being used at all, never, ever, again. Even if reset. I know I am interested in a tool. I am sure others would be to, if put to a vote. I am not a programmer, etc. so I have no idea if this is a simple tool or if this is a serious undertaking. But I am game to help test it. lol
I'm only an aspiring programmer, but I'd definitely be willing to give it a shot! Like I'd asked earlier, do you have a link to an example BIOS with a known backdoor password? One that you could test would be ideal.
u dont need a default password on desktops if u use the jumper method.. now u get it ? laptops is only way to do the default removal... and not many laptops have a default that actually works.
I don't mean any offense, but is English not your primary language? The goal here is not to unlock a BIOS with a forgotten password, it is to take the backdoor (or, as you refer to them, default) password(s) out of the BIOS.
hardware is not your strong subject is it ? the idea is nobody needs a stupid password if u have desktop with a jumper to do it = what is the point of removing a backdoor pwd that is not what the kids are using to REMOVE or BYPASS Password. instead they use a jumper. on a laptop the idea might work as there usualy is no jumper.. on desktop NO and yes u mean offense as u think im stupid (and thats borderline racist) yet u dont see the facts of desktop bios security. not laptop go keep playing with your Xor's
downloaddeviant's original post specifically mentioned that his clients need to protect against people bypassing their BIOS passwords by using manufacturer backdoor passwords. The reason I asked whether or not English is your primary language was because I misunderstood you, and thought that you misunderstood me. I now see what you were trying to say in your previous post. I don't see how you can construe my words to be racist or insulting. I think you are a very knowledgeable member of the community, and as far as I'm concerned, this is a place where we can exist without skin color, without nationality, and without religious bias. I believe that there are many scenarios where a tool that removes any backdoor passwords from a BIOS would be useful. For example, some computer cases have physical locks on them that make it much more difficult for an attacker to utilize a jumper. Another thing to note is that, in environments like some schools or offices, it might be hard for an attacker to attain the kind of privacy that is necessary to open a computer's case without being seen, making blocking software attacks all the more important. I disagree with your assessment of me: I see the facts of desktop BIOS security quite clearly. Whether or not you do is yet to be determined.
desktops have a password CLEAR jumper = the teens dont need to type anything. unless u put pc in a safe and drill holes to ventilate. if u put a cheap padlock in the back of pc.. i can pick it in 2 minutes or less with a small flathead and a paper clip or hair clip %98 of times.
Yes, exactly Drew. Thank you. LatinMG - Please cease your argument. We all know what you are recommending. I appreciate your effort to assist. Sincerely I do. I understand what you are trying to convey. But PHYSICAL RESET IS NOT THE POINT. Yes, clearly there would be no point IF people can reset the BIOS by hitting the jumper. Here is what you are unaware of and also have not considered. #1 - If anyone resets the BIOS and clears the password, the owner or parent of the PC would know it has been done and employee would be caught, then possibly fired...or proper punishment could be applied to child. BUT by using a backdoor password, the employees or kids could get into BIOS, make changes, use the PC then change things back without employer or parent ever knowing. #2 - Many of these PCs have locked cases or are in unreachable locations. Therefore, making physical BIOS resetting IMPOSSIBLE. And again, because these people can use backdoor BIOS passwords, they have total reign. ************************************************ Now that this has been cleared up, please stop this debate. I am the original poster. I am kindly requesting you to cease your debate now. No matter how anyone wants to look at it, just consider this a PROOF OF CONCEPT exercise...OK? Getting back to the main point. Is there a tool, would anyone like to attempt creating such a tool, does anyone know of a tool that would essentially be able to go into the BIOS and remove any and all backdoor passwords or change the BIOS in such a way that there could only be 1 password? lol
finally u answered what the scenario is. my argument was because u wouldnt answer what the scenario is.
Are you serious? Not trying to be hard on you here, but I have re-read your posts thoroughly as of this moment...you never asked me or wanted an exact explanation of the scenario. Second, I even made the effort to edit my first post for clarity. Third, I responded again to add clarity even further - Post #4. Fourth, I did so again earlier today - Post #11. Fifth, this was my thread and my request for help exactly, and clearly stated in the first post. I certainly respect your point of view, but why would anyone have to clearly explain their exact scenario to you at all? It was made clear that we were not talking about RESET. You could have politely ended it there. I asked and specifically detailed what I was seeking help with. You took it and made it into a debate for no reason that I can clearly make sense of. It is completely illogical, outrageous and inappropriate to defend yourself based on this premise, simply because the premise is that somehow I, or someone else should have read your mind somehow or should have explained, answered or placated you in some fashion. Let me be clear, I am saying not to start a fight or to insult you or to hurt your feelings or to be rude, flame you, etc. I am simply and utterly amazed at the logic you are using to rationalize and defend this entire debate. Truly, it seems as if you were bored and felt a need to harass rather than educate or contribute. I am sure this is not true. I feel you were trying to help, but you certainly took it too far. That is my opinion based on what I have read and seen in this thread. Regardless, I still thank you for your efforts and do not desire any hard feelings.
Some people just don't understand That is something I had not even thought of! This makes the ability to remove backdoor passwords all the more useful! I'm still up for giving writing this tool a shot! I asked this question earlier, but I understand how you could have missed it in the mess that we just dealt with: do you have a link to an example BIOS with a known backdoor password? One that you could test would be ideal.
wow talk about trolling.. all that time it took to write that.. when u could use it to research the issue.. no hard feeling? yet u go out of your way to rubb it in the face.. lol next time if i see downloaddeviant needs something.. click the x and forget him. enjoy then again.. i wont see it i added 2 aholes to ignore
Yes and just think what would happen System owner forgets Password (that's what usually happens) back to square one you would need a backdoor password But if you every manage to make the software or modded bios for every manufacturer you would need to make bios backup and even I don't think I would be Flashing another persons machine.
It's the responsibility of the system owner to keep their password in a safe place, and, of course, this would be an entirely optional thing. Think of it like the difference between WEP and WPA encryption on a wireless access point: WEP is better than nothing, but it really shouldn't be used in a high security (or even moderate risk) environment. A BIOS that includes a backdoor password is better than nothing, but it really shouldn't be used in a high security environment! What do you mean by this?
Exactly we all know that and that is the whole reason backdoor passwords exist (put there by Manufacturer) Exactly what I said you would need to edit individual bioses to remove backdoor password and add System owners password.