Stolen Laptop
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Stolen Laptop

Hybrid View

  1. #1
    Agony Aunty-Online Moira's Avatar
    Join Date
    Jun 2003
    Posts
    1,063

    Question Stolen Laptop

    Hi

    Am I right in thinking that anyone with the knowledge will get into a PC if they have physical access to the machine? A moderator on a forum I use has had her laptop stolen and thinks it will be protected because she "used an administrator coding on my computer to get it to operate so without that information, it is not accessible to anyone."

    In other words, it was password protected before it even booted into windows. I've not heard of this, but would be interested to hear what the opinion is on its data accessibility. Could someone not just remove the hard drive (albeit a laptop hdd) and connect it to their own laptop?
    77 111 105 114 97

    My PGP signature

  2. #2
    Senior Member isildur's Avatar
    Join Date
    Feb 2003
    Posts
    166
    The question is did she have the hard drive actually encrypted. If not then the typical password protection scheme will fail quickly. Even then, they can reset any bios password, wipe the drive and have a shiny new laptop to use.
    Only trust Pipe-smoking Penguins.

  3. #3
    Agony Aunty-Online Moira's Avatar
    Join Date
    Jun 2003
    Posts
    1,063
    No, the drive wasn't even containing an encrypted drive for confidential stuff unfortunately. She doesn't have admin permissions on this forum so her details are of limited use, but of course I'm concerned for her other personal items etc. I just wanted to confirm what I thought was true - anyone with physical access can get round a password protected system, even if it asks for the pass before even booting up.
    77 111 105 114 97

    My PGP signature

  4. #4
    Member omin's Avatar
    Join Date
    Feb 2002
    Posts
    60
    Quote Originally Posted by Moira
    I just wanted to confirm what I thought was true - anyone with physical access can get round a password protected system, even if it asks for the pass before even booting up.
    Consider it confirmed. It sounds like she has used a bios boot password. This can be circumvented by removing the bios battery for a while and then putting it back. This resets the bios settings (and any password that was was set in the bios).

    The only way to truly protect your data is to properly encrypt the data or the drive that it is on with a strong encryption scheme.
    \"Clouds are not spheres, mountains are not cones, coastlines are not circles, and bark is not smooth,
    nor does lightning travel in a straight line.\" -Benoit Mandelbrot

  5. #5
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Quote Originally Posted by omin
    Consider it confirmed. It sounds like she has used a bios boot password. This can be circumvented by removing the bios battery for a while and then putting it back. This resets the bios settings (and any password that was was set in the bios).
    Or just remove the drive physically and put it as a slave in another machine. All files are easily read there.
    Do note that some laptop brands store the BIOS password in EEPROM. You can remove the battery for 10 years and the BIOS password would still be there.

    The only way to truly protect your data is to properly encrypt the data or the drive that it is on with a strong encryption scheme.
    Fully agreed.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  6. #6
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    I came in to the world with nothing. I still have most of it.

  7. #7
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Hello Moira, good to see that you have returned

    This is a subject I have looked into over the years and I cannot really give you anything definitive without knowing the make and model of your friend's laptop.

    1. BIOS password: This is something you have to enter before it will load the operating system. You can normally circumvent it by removing the battery or just flashing the BIOS from a floppy disk. It protects the machine, rather than the drives.

    2. Administrator password........... just a fancy BIOS password.

    3. Hard Drive password............. this is a difficult one, as it lives in a hidden area of the HDD or even on its own chip?

    Some BIOS and drive passwords live on an EEPROM chip (frequently a 24C) and that makes them invulnerable to removing the power supply (battery).

    I would guess that whomsoever stole the laptop merely wants to convert it into drugs? so it probably isn't that much of an issue, as they don't want the data?

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  8. #8
    Agony Aunty-Online Moira's Avatar
    Join Date
    Jun 2003
    Posts
    1,063
    OK, thanks for the help. Much appreciated though not very good news dammit
    77 111 105 114 97

    My PGP signature

  9. #9
    Senior Member isildur's Avatar
    Join Date
    Feb 2003
    Posts
    166
    I was a bit intrigued by the Eeprom issue, not having ever had it come up personally. There were a few sites that claimed the only method around that was the old soldering iron and a replacement chip. I saw some others mention using ultraviolet to clear the password. Others claimed you could send it to them and they would fix it for you (providing you proved legitimate ownership) for a fee.
    Only trust Pipe-smoking Penguins.

  10. #10
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Quote Originally Posted by isildur
    I was a bit intrigued by the Eeprom issue, not having ever had it come up personally. There were a few sites that claimed the only method around that was the old soldering iron and a replacement chip. I saw some others mention using ultraviolet to clear the password. Others claimed you could send it to them and they would fix it for you (providing you proved legitimate ownership) for a fee.
    About 10 years ago I was a certified Compaq and Toshiba service engineer working for a repairshop. Some laptop models did have those eeprom passwords, even back then. IIRC for certain Toshiba models you needed to have a special connector, attach it to the printer port, turn the laptop on while holding F2 and the bios password would be cleared. Taking the batteries out really didn't work.

    UV light erases 'regular' eproms not eeproms. Soldering the chip off will of course work but since it's all SMD you would need special equipment. One little trick I learned while working for a modem company was to temporarily short the Data-OUT to ground (it used a serial data interface) of the eeprom and turn it on. That would effectively erase it.
    Last edited by SirDice; May 16th, 2008 at 03:49 PM.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Similar Threads

  1. Stolen UK govt. laptop
    By nihil in forum Security News
    Replies: 5
    Last Post: March 3rd, 2008, 02:15 AM
  2. XO Laptop - The $200 Hacker Laptop!
    By wolfman1984 in forum Hardware
    Replies: 5
    Last Post: November 19th, 2007, 02:52 AM
  3. B of A : Hey, anyone seen my unencrypted laptop? :D
    By Egaladeist in forum Security News
    Replies: 0
    Last Post: October 8th, 2005, 10:12 AM
  4. Ten ways to kill your laptop
    By s0nIc in forum AntiOnline's General Chit Chat
    Replies: 3
    Last Post: June 14th, 2002, 06:47 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides