-
May 14th, 2008, 12:11 AM
#1
Stolen Laptop
Hi
Am I right in thinking that anyone with the knowledge will get into a PC if they have physical access to the machine? A moderator on a forum I use has had her laptop stolen and thinks it will be protected because she "used an administrator coding on my computer to get it to operate so without that information, it is not accessible to anyone."
In other words, it was password protected before it even booted into windows. I've not heard of this, but would be interested to hear what the opinion is on its data accessibility. Could someone not just remove the hard drive (albeit a laptop hdd) and connect it to their own laptop?
-
May 14th, 2008, 12:39 AM
#2
The question is did she have the hard drive actually encrypted. If not then the typical password protection scheme will fail quickly. Even then, they can reset any bios password, wipe the drive and have a shiny new laptop to use.
Only trust Pipe-smoking Penguins.
-
May 14th, 2008, 01:30 AM
#3
No, the drive wasn't even containing an encrypted drive for confidential stuff unfortunately. She doesn't have admin permissions on this forum so her details are of limited use, but of course I'm concerned for her other personal items etc. I just wanted to confirm what I thought was true - anyone with physical access can get round a password protected system, even if it asks for the pass before even booting up.
-
May 14th, 2008, 02:08 AM
#4
Originally Posted by Moira
I just wanted to confirm what I thought was true - anyone with physical access can get round a password protected system, even if it asks for the pass before even booting up.
Consider it confirmed. It sounds like she has used a bios boot password. This can be circumvented by removing the bios battery for a while and then putting it back. This resets the bios settings (and any password that was was set in the bios).
The only way to truly protect your data is to properly encrypt the data or the drive that it is on with a strong encryption scheme.
\"Clouds are not spheres, mountains are not cones, coastlines are not circles, and bark is not smooth,
nor does lightning travel in a straight line.\" -Benoit Mandelbrot
-
May 14th, 2008, 02:45 AM
#5
OK, thanks for the help. Much appreciated though not very good news dammit
-
May 14th, 2008, 11:23 AM
#6
Originally Posted by omin
Consider it confirmed. It sounds like she has used a bios boot password. This can be circumvented by removing the bios battery for a while and then putting it back. This resets the bios settings (and any password that was was set in the bios).
Or just remove the drive physically and put it as a slave in another machine. All files are easily read there.
Do note that some laptop brands store the BIOS password in EEPROM. You can remove the battery for 10 years and the BIOS password would still be there.
The only way to truly protect your data is to properly encrypt the data or the drive that it is on with a strong encryption scheme.
Fully agreed.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
May 15th, 2008, 05:13 PM
#7
I came in to the world with nothing. I still have most of it.
-
May 15th, 2008, 09:15 PM
#8
Hello Moira, good to see that you have returned
This is a subject I have looked into over the years and I cannot really give you anything definitive without knowing the make and model of your friend's laptop.
1. BIOS password: This is something you have to enter before it will load the operating system. You can normally circumvent it by removing the battery or just flashing the BIOS from a floppy disk. It protects the machine, rather than the drives.
2. Administrator password........... just a fancy BIOS password.
3. Hard Drive password............. this is a difficult one, as it lives in a hidden area of the HDD or even on its own chip?
Some BIOS and drive passwords live on an EEPROM chip (frequently a 24C) and that makes them invulnerable to removing the power supply (battery).
I would guess that whomsoever stole the laptop merely wants to convert it into drugs? so it probably isn't that much of an issue, as they don't want the data?
-
May 15th, 2008, 10:48 PM
#9
I was a bit intrigued by the Eeprom issue, not having ever had it come up personally. There were a few sites that claimed the only method around that was the old soldering iron and a replacement chip. I saw some others mention using ultraviolet to clear the password. Others claimed you could send it to them and they would fix it for you (providing you proved legitimate ownership) for a fee.
Only trust Pipe-smoking Penguins.
-
May 15th, 2008, 11:09 PM
#10
Ah well, unless she had some kind of EEPROM chip, which I doubt from what she says, we'll just have to hope for the best and she can cancel her cards and other places she wouldn't want anyone else logging in as her. It sounds like an Administrator password, and it must be in the BIOS because she says it appears before she boot up.
Thank you for all the help.
Similar Threads
-
By nihil in forum Security News
Replies: 5
Last Post: March 3rd, 2008, 03:15 AM
-
By wolfman1984 in forum Hardware
Replies: 5
Last Post: November 19th, 2007, 03:52 AM
-
By Egaladeist in forum Security News
Replies: 0
Last Post: October 8th, 2005, 10:12 AM
-
By s0nIc in forum AntiOnline's General Chit Chat
Replies: 3
Last Post: June 14th, 2002, 06:47 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|