
Re: Debian 2.2 and security - SecurityPortal article



Henrique M Holschuh <hmh+debianml@rcm.org.br> writes:

> On Thu, 31 Aug 2000, Olaf Meeuwissen wrote:
> > Change your BIOS settings to only boot from the internal disk and
> > password protect it.  On my system I have such a setup and require a
> 
> BIOSes are very easy to erase, you know. Some are even stupid enough to have
> 'master key' passwords. You really need to keep the machine behind a locked
> door (or in a special locked case) if you can't trust everyone who gets near
> it. Otherwise, it won't hold even a reasonably tech-savvy 10 year old (read
> proto-hardware-hacker) that manages to stay 5 minutes alone near the machine
> in possession of some tools and a small resistor (if he's a nice kid) or
> piece of wire (if he's a not-so-nice kid or likes sparks) :-)

I don't meet such 10 year olds so often in real life, but I actually
had a user in our computer lab (about 20 years old) who played
around and discovered an unprotected BIOS which he `protected' himself
with a password of his own, so I had to open the machine and put off
the jumper. This was the lesson from which I learned to never leave a
BIOS without a (master-)password.

The other risk which a password-protected BIOS and the appropriate
boot setting keep away is unaware users who leave their boot-virus-infected
floppy in the drive and turn their PC off and on again. I
found it's more often user unawareness and user stupidity I have to
care about than evil hackers and crackers, so easy things like BIOS
password protection are a good thing nevertheless.

Greetings,
joachim


