Re: [Full-disclosure] BIOS Flash erases all prior passwords on Acer Aspire 5102WLMi
endrazine a écrit : Just so you know : most Bios settings are stored on the Cmos, so if you can flash the Rom, you have ioperms at the very least on Cmos i/o ports, so you can reset the whole Cmos anyway. endrazine- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] BIOS Flash erases all prior passwords on Acer Aspire 5102WLMi
Tyop? a écrit : > Flashing the bios will erase all data. > It's a feature, not a bug. > > Bios passwords are stored on the CMOS, not the Rom itself, so no, it doesn't have to be. On the other side, if you can flash your ROM, you have iopl(3) hence root privileges or at least enougth privileges to get those passwors back (1). So that's really no bid deal. Regards, endrazine- (1) http://packetstorm.linuxsecurity.com/papers/password/Bios.Information.Leakage.txt side note: I think you both know nothing. Sadly, giving non technical _opinions_ has become the main source of postings on this list. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] BIOS Flash erases all prior passwords on Acer Aspire 5102WLMi
On Tue, 05 Dec 2006 22:37:36 +0100, Tyop? said: > On 12/5/06, richard cassidy <[EMAIL PROTECTED]> wrote: > > Flashing the bios on Acer Aspire 5102WLMi will erase all passwords > > previously set. This is obviously a bug! All passwords should not be > > wiped out with a bios flash (or at least they weren't on a Dell). Or, > > if they are, it should be stated up front so the passwords can be set > > again once the bios is "updated'". > > Flashing the bios will erase all data. So the big question becomes - on an Acer, are the passwords stored in the BIOS flash memory (in which case, having them evaporate on a BIOS flas is reasonable), or are they on the NVRAM chip, in which case it's a bug/misfeature? pgpv3j2wjqmOn.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] BIOS Flash erases all prior passwords on Acer Aspire 5102WLMi
On 12/5/06, richard cassidy <[EMAIL PROTECTED]> wrote: > Flashing the bios on Acer Aspire 5102WLMi will erase all passwords > previously set. This is obviously a bug! All passwords should not be > wiped out with a bios flash (or at least they weren't on a Dell). Or, > if they are, it should be stated up front so the passwords can be set > again once the bios is "updated'". Flashing the bios will erase all data. It's a feature, not a bug. -- Tyop? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] BIOS Flash erases all prior passwords on Acer Aspire 5102WLMi
Flashing the bios on Acer Aspire 5102WLMi will erase all passwords previously set. This is obviously a bug! All passwords should not be wiped out with a bios flash (or at least they weren't on a Dell). Or, if they are, it should be stated up front so the passwords can be set again once the bios is "updated'". https://www.synapsenow.com/synapse/data/7117/documents/AS31-51-5110_Flash_v200.zip If you forget the bios password, they require the computer to be mailed to them; then they charge $100USD (citing labor & security). The work around they don't tell you about is to download the bios flasher and update your bios. I tried contacting Acer about this bug and could not reach (was not transfered) the proper people; I've had teeth pulled that went better than trying to inform Acer. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/