Re: Dell BIOS DoS

To: David Brodbeck <DavidB@xxxxxxxxxxxxxxxxxxx>
Subject: Re: Dell BIOS DoS
From: Jim Paris <jim@xxxxxxxx>
Date: Tue, 9 Dec 2003 17:50:31 -0500
Cc: "'jon schatz'" <jon@xxxxxxxxxxxxxxxxxx>, bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <C823AC1DB499D511BB7C00B0D0F0574C5843FB@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <C823AC1DB499D511BB7C00B0D0F0574C5843FB@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.4.1i

> > seriously, bios passwords are worthless.
> 
> There is no such thing as security from someone who has physical access to
> the hardware.

There are different types of physical access.  For example, many
computers at my university are publically accessible but strapped to
the table in such a way that the case cannot be removed without a key
or a lot of force.  It is trivial to reboot them and attempt to enter
BIOS, but an entirely different matter to open it up and move a jumper
or swap the hard drive.

-jim

References:
- RE: Dell BIOS DoS
  - From: David Brodbeck

Prev by Date: Re: Internet Explorer URL parsing vulnerability
Next by Date: Mobile Device Security, Was: Re: Dell BIOS DoS
Previous by thread: RE: Dell BIOS DoS
Next by thread: Dell BIOS DoS
Index(es):
- Date
- Thread