Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: password backdoors

From: vitor () uminho pt (vitor () uminho pt)
Date: Mon, 15 May 95 16:19:33 +0100

On Thu, 11 May 1995 , Brian wrote

  > I have also heard that the hardware password (and all the other ROM  
  > settings) will get wiped if you remove the battery for a while, but I  
  > haven't tried it.(Haven't had the need... :>)
  > Does anyone know?

  This is definitely the case on a NeXT, and I would think that it holds
  true for most machines (although I have only ever had to do it on my
  NeXT).  I think that we're getting pretty far from the scope of bugtraq,
  though.  Let's just say that if someone has the opportunity to turn a
  machine off, open it up, pull the battery, and wait for some amount of
  time greater than 15 minutes but less than 12 hours (my two data points,
  I'm not sure what the minimum required time actually is) that machine
  ain't secure. :-)

If your machine has a batery "fixed" to the motherboard by two wires, you can
use another wire to connect both batery wires for a while. This will
desable any ROM settings.

        Vitor

----
Vitor Fernandes <vitor () uminho pt>
Comunicacoes por Computador
Univesidade do Minho
Portugal
Previous By Date Next
Previous By Thread Next

Current thread: