From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Sun, 8 May 2005 17:15:25 +0100 From: Ralph Corderoy Message-Id: <200505081615.j48GFPA02360@blake.inputplus.co.uk> To: 9fans@cse.psu.edu Subject: Re: [9fans] writing code In-Reply-To: References: Topicbox-Message-UUID: 4683e2c0-ead0-11e9-9d60-3106f5b1d025 Tim Newsham wrote: > > i think it's realistic. a boot cd would get you the same access. > > if you get physical machine access, you win. typing a password to > > authenticate to the local system gives you the feeling of security, > > not actual security. > > To prevent this you either need to prevent someone from booting (ie. > bios password and hope they dont go through the trouble of yanking the > drive or resetting the bios) or you need to protect the disk (after > all thats probably what they want to get at after they log in, not > network access or the gui). The ATA spec. has passwords that are stored in the hard drive unit. The password must be given before the drive will respond with anything useful. It isn't a BIOS password so moving the drive doesn't help. Forgetting the password is a pain; there's a `master' one known to the manufacturer but that just lets you re-format the drive if you can persuade them, e.g. Dell, to give it to you. Cheers, Ralph.