<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>I am sorry to double post. Would it be wise to shut down the bios level boot drives what other measures could a limited knowledge user take in act at that point? What if the bios has no set password feature? is their a 'RAM' level feature one can burn into the systems single disk before even MBR or any other bootloader gets it? Is there a way to implement Bios password login without the Bios supporting password accessibility? <br><br>Sorry for double posting,<br><br><div><hr id="stopSpelling">From: pj.world@hotmail.com<br>To: tclug-list@mn-linux.org<br>Date: Thu, 27 Feb 2014 22:45:59 -0600<br>Subject: Re: [tclug-list] Do strong root passwords prevent alternative access?<br><br>
<style><!--
.ExternalClass .ecxhmmessage P {
padding:0px;
}
.ExternalClass body.ecxhmmessage {
font-size:12pt;
font-family:Calibri;
}
--></style>
<div dir="ltr">What can someone with limited experience do to prevent or postpone even a bit a situation where their root password is useless beyond unplugging the machine for the wall? If the Machine supports a bios password can that help in ones defense mechanism? <br><br>Thank you,<br><br><div><hr id="ecxstopSpelling">From: ryanjcole@me.com<br>Date: Thu, 27 Feb 2014 22:37:28 -0600<br>To: tclug-list@mn-linux.org<br>Subject: Re: [tclug-list] Do strong root passwords prevent alternative access?<br><br>No. Nien. Nada. Zilch. Nunca. Bubkis.<div><br></div><div>Encrypted hard disks/drives/images are encrypted through and through. A root password is defenseless against a boot image - I can (and have, mind you, many times) take over a system using just a bootable CD or USB. I even reverse-engineered part of a vendor’s platform to show them exactly how prone to attack their hardware was.</div><div><br></div><div><br></div><div><br><div><div>On Feb 27, 2014, at 10:34 PM, paul g <<a href="mailto:pj.world@hotmail.com">pj.world@hotmail.com</a>> wrote:</div><br class="ecxApple-interchange-newline"><blockquote><div class="ecxhmmessage" style="font-size:12pt;font-family:Calibri;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;"><div dir="ltr">A simple question: Do strong passwords on a unencrypted harddisk 'root or sudo users' prevent really any sense of security if one chooses to boot into the system using a,an 'prefabbed .iso' or run a program that could search for a plain text password such as 'plain text'. Would the kernel version matter for security reasons in this event?<br><br>Thank you,<span class="ecxApple-converted-space"> </span><br><br><br></div>_______________________________________________<br>TCLUG Mailing List - Minneapolis/St. Paul, Minnesota<br><a href="mailto:tclug-list@mn-linux.org">tclug-list@mn-linux.org</a><br><a href="http://mailman.mn-linux.org/mailman/listinfo/tclug-list" target="_blank">http://mailman.mn-linux.org/mailman/listinfo/tclug-list</a></div></blockquote></div><br></div><br>_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
tclug-list@mn-linux.org
http://mailman.mn-linux.org/mailman/listinfo/tclug-list</div> </div>
<br>_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
tclug-list@mn-linux.org
http://mailman.mn-linux.org/mailman/listinfo/tclug-list</div> </div></body>
</html>