[SoCoSA/discuss] Vandalism -- new passwd in BIOS
Steve S.
northbaygeek at gmail.com
Tue Jun 6 13:50:46 PDT 2006
We had a burglary/vandalism incident recently; among other issues, a
Toshiba laptop (Satellite Pro 6100) was taken. It has been recovered, but
(evidently as no more than an additional bit of vandalism) a password was
added to the BIOS: after I turn on power, I get the Toshiba splash screen
and then a blank screen with a plaintext "Password = " prompt (total time
from poweron, ~ 3 sec.)
Googling around suggests that this can be fixed with the right knowlege,
which I don't currently have. A parallel-port dongle or a USB key (depending
on model of laptop) will do the job. They seem to be easy enough to build, if
you just know the secret(s)... which I don't. I'd rather not spend $100ish
(which looks like the going rate) if I can put it together myself in an hour
with $5 worth of materials... or even find a local (Sonoma County) service
that will do it for a reasonable price.
Can anyone help me on either front?
Finally... the time seems to have come when I should finally Do Something
about security -- in particular, I'd like to make sure there are no keyloggers
or similar malware on this recovered laptop (the fact that there's a password
on the BIOS kinda stands out from the other (rather dim-bulb'ed) elements
of the burglary, so I can't rule out a Fagin with ulterior motives; even the
supposed Good Samaritan who bought it then went to the Sheriff)...
So, anyone have advice on scanning a arbitrarily-untrustworthy host like this?
I'm already considering Knoppix STD, so feedback on that one is welcome,
as well as alternatives (it's not clear to me how Windoze-savvy a knoppix-
based tool will be, and all our servers&workstations are Win-based ) .
Many thanks!
- Steve S.
More information about the discuss
mailing list