Re: poweron password?
On Sun, 12 Mar 1995, Rohan Davidson wrote:
> I know how to defeat the poweron password. On the 360 at least. It's a
...
> For now, I will not make the crack public. Do we have a consensus on
> whether it should die with me, or on the other extreme go in the FAQ
> B.8. Power on password - not.
You can die in peace - all of us with the hardware maintenance manual
know how too - it's on page 285.
It's not really an 'issue with IBM.' While it may seem silly to have a
password that can be defeated, the fact is that it's not meant to be a
major security device. Like all security devices, it acknowledges that
there's nothing you can do that will 100% protect anything. It makes it
difficult enough to make idle pilfering impossible.
But examine the purpose of this thing:
It won't keep you from having the 'pad lifted. Someone takes it, you
don't have it, regardless of whether or not they can use it.
It won't keep them from selling it for parts. The PCMCIA cards, HD and
battery could be sold to anyone. The mainboard, case, keyboard and screen
could be sold to a disreputable repair agent. These parts would probably
be worth _more_ that way than the current market value of a used 'pad.
More, if you consider that the whole unit is identifiable by the SN
while, TTBOMK, only the mainboard and case are identified by SN if you
strip the parts.
It won't keep the fool who took it from tossing it in a canal when (s)he
realizes it can't be booted.
It won't keep someone from taking the HD out and putting it in another
'pad or a desktop machine to get the data. (The HD password is nominal
protection, you should still use encryption if you really have important
info on there)
The only worthwhile purpose of this password is to keep people from
sneaking peeks when you're away from the unit. And the procedure
necessary to deactivate the password is a sufficiently big pain in the ass
to make that a nonissue, particularly if you lock the keyboard down.
This password is no substitute for proper data protection procedures.