Bugtraq mailing list archives
RE: Dell BIOS DoS
From: "Lyal Collins" <lyalc () ozemail com au>
Date: Wed, 10 Dec 2003 12:25:48 +1100
Not sure that the sentiments below are 100% correct - see Ross Andersons papers on logical and API attacks upon tamper resistant hardware, faciltated by physical (or near physical) access to the hardware. If you can do it in software, you can break it in software. Lyal -----Original Message----- From: Craig Paterson [mailto:craigp () tippett com] Sent: Wednesday, 10 December 2003 7:03 AM To: David Brodbeck Cc: 'jon schatz'; bugtraq () securityfocus com Subject: Re: Dell BIOS DoS David Brodbeck wrote:
There is no such thing as security from someone who has physical access
to
the hardware.
Alright, so this is a tangent, but: that is what encryption is for. The whole basis of encryption assumes that the attacker has access to the message (your data), but that without the appropriate keys you can't usefully access it. No, this doesn't have much to do with the value or otherwise of BIOS passwords, but it's often stated that physical access renders all your data wide open, which isn't necessarily the case. Craig.
Current thread:
- Dell BIOS DoS James Evans (Dec 08)
- Re: Dell BIOS DoS jon schatz (Dec 09)
- Re: Dell BIOS DoS Steve Shockley (Dec 09)
- Re: Dell BIOS DoS der Mouse (Dec 10)
- <Possible follow-ups>
- RE: Dell BIOS DoS David Brodbeck (Dec 09)
- Re: Dell BIOS DoS Craig Paterson (Dec 09)
- RE: Dell BIOS DoS Lyal Collins (Dec 10)
- Re: Dell BIOS DoS Eric Anderson (Dec 10)
- Re: Dell BIOS DoS Alexandros Papadopoulos (Dec 09)
- Re: Dell BIOS DoS Jim Paris (Dec 10)
- Re: Dell BIOS DoS Craig Paterson (Dec 09)
- Dell BIOS DoS Ross Draper (Dec 09)
- Mobile Device Security, Was: Re: Dell BIOS DoS Karsten W. Rohrbach (Dec 10)
- Re: Dell BIOS DoS Seth Arnold (Dec 10)
- Re: Dell BIOS DoS Thor (Dec 11)
- PGP secret keys (was Re: Dell BIOS DoS) Matthew Wakeling (Dec 12)
- Re: Dell BIOS DoS jon schatz (Dec 09)