On Sunday, December 18, 2016 at 11:15:59 AM UTC-5, '0194358'019438'0194328'01943 wrote: > Hello, > > does a BIOS password (against BIOS changes), gives a higher system security, > or it is more like a security fake and could be easily bypassed? > > Should I switch the IME off? > > Kind Regards
it can be bypassed and yes I believe most oem machines have backdoors. I know a trick to bypass my dell desktop with a usb stick. afterwards the bios passwd still prompts. It still errors if you type wrong passwd and works if typing correct one. But if you leave it blank it passes lol But I feel its still an extra layer of security, for a persistent and advanced attacker it might just mean 10 mins more of their time, but for someone else just being nosey, or if 15 mins is too long, it might mean not getting in at all. As an above poster noted too you could become aware of a change if it happens. This topic makes me think of all the newly found exploits in grub passwords or some encryption password prompts like on ubuntu. I always feel they are there on purpose. Thinks like hitting backspace 20 times or holding enter down for some seconds. simples of the simplest backdoors going years and years unnoticed. It makes sense they would be undermined cause in so many irc chatrooms they are always being undermined. You are either considered a criminal for wanting measures like this, or naive for wanting something so trivial. It basically depends on if it is too cumbersome for you to be bothered with or not. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/48d6e2d5-edc1-41cf-bc1f-50e9f9edff3f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
