Re: BIOS and Hard Drive Passwords - Are they effective security approaches?

From: Lik Mai Sak (cuddlybear101_at_yahoo.com)
Date: 05/23/03 

Date: Fri, 23 May 2003 17:53:04 +1000

On Fri, 23 May 2003 02:06:54 GMT
"Doug Fox" <dfox168@hotmail.com> wrote:
> Are the benefits out-weighed the costs of deploying BIOS and/or Hard Drive
> passwords on laptops?
> People supports this idea claim that:
> It has one more layer of defense.
> People who do not support this idea claim that:
> If users forgot the BIOS passwords, the system could not boot up.
> It may increase the support costs.
> The BIOS passwords can be reset by a hardware technician in no time.
Many vendors use a dongle to do this, and the first thing they do is check the serial number against a known stolen list. Taking a stolen laptop to a repair centre to get the BIOS password wiped is not smart.

> If the
> "thief" is interested in data, he can remove the hard drive to another
> laptop.
> ??
You can enable encryption to protect data.

>
> If the users forgot their harddrive passwords. The system could not boot
> up.
> It could increase the support costs.
> It could "fire" the motherboard. (?)
> ??
>
> A better approach is to use PGP to encrypt the disk, or folders containing
> sensitive information.
> Any comments/input are appreciated.

Depends on the OS and the company involved's security policies. PGP tends to stuff IPSec under W2K in my experience which may or may not be a factor.
E.

Relevant Pages

  • Mobile Device Security, Was: Re: Dell BIOS DoS
    ... get rid of vendor master passwords and such. ... On Apple machines the boot ROM contains a graphical ... where is the real point of attack? ... Imagine someone stealing your laptop which is ssecured with some sort of ...
    (Bugtraq)
  • Re: Stolen Laptop, backpack, other things
    ... too) I put everything into a secure program with good encryption ... or in Splash ID for passwords, ... Also, just by chance, that particular laptop didn't have any e-mail ... are encrypted in Splash ID which is safe. ...
    (alt.sys.pc-clone.dell)
  • Re: For those of you with alarm storefronts
    ... For the laptop and any computer that has confidential information on it, ... would use an encryption program. ... I would also scan the contracts along with any passwords and store them as ... so the filing cabinets are still my biggest concern. ...
    (alt.security.alarms)
  • Re: Parallels and WinME
    ... which I use for anything without a security ... less pleasant is to see if the bank would accept BeCrypt instead of PC ... passwords to get into and two of those passwords must be completely ... Every laptop I have used that has BeCrypt on it has had the passwords ...
    (uk.comp.sys.mac)
  • Re: Want Dell Latitude Password/Service-Tag Generator Program
    ... "The laptop that was used in this demonstration is a Model 630 type PPX" ... original owner or help from Dell. ... passwords too, you just have to take the time to find the right one. ... http://www.newsfeeds.com The #1 Newsgroup Service in the World! ...
    (alt.sys.pc-clone.dell)