In his line of work, Instructables user [Harrymatic] sees a lot of Toshiba laptops come across his desk, some of which are protected with a BIOS password. Typically, in order to make it past the BIOS lockout and get access to the computer, he would have to open the laptop case and short the CMOS reset pins or pull the CMOS battery. The process is quite tedious, so he prefers to use a simpler method, a parallel loopback plug.
The plug itself is pretty easy to build. After soldering a handful of wires to the back of a standard male D-sub 25 connector in the arrangement shown in his tutorial, he was good to go. When a laptop is powered on with the plug inserted, the BIOS password is cleared, and the computer can be used as normal.
It should be said that he is only positive that this works with the specific Toshiba laptop models he lists in his writeup. It would be interesting to see this tried with other laptop brands to see if they respond in the same way.
Since no laptops are manufactured with parallel ports these days, do you have some tips or tricks for recovering laptop BIOS passwords? Be sure to share them with us in the comments.
What can you do to make sure your system is running as efficiently as possible? Take a page out of [Mux’s] book, who went to great lengths to measure and adjust his system for ultimate efficiency (translated). What he ended up with is 8.5 Watts of consumption at idle and about 50 Watts under load. Luckily he posted a six-part series with all of the details.
Some of the changes he made were in software, like reducing voltage to certain hardware by adjusting BIOS settings, and installing display drivers that put the screen into the proper sleep mode. Others were hardware changes like swapping out the power supply with a hacked PicoPSU and removing unnecessary parts from the motherboard like the MAX232 com-port chip. Looks like we need to audit our always-on MythTV box and see if we can apply any of these power-saving techniques.
[Dogbert] took a look at the security that goes into BIOS passwords on many laptops. He starts off with a little background about how the systems work. People are bound to forget their passwords, so when you enter a wrong one three times in a row you get a message similar to the one above that locks you out until all power is removed from the system (then you get three more tries). But check out that five-digit number in the picture. That’s a checksum of the password. Some BIOS versions display it automatically, some require you to hold down a certain key during POST, but it’s the pivotal data needed to crack the password.
[Dogbert’s] post doesn’t go into verbose detail about the algorithms he uses to brute force the passwords. But he has posted the Python scripts he uses to do so. Learning how to generate the passwords based on the checksum is as simple as studying the code, which is often the best way to learn.
This bricked Eee PC came to [Janzo] for about $50. Everything was fine with it, except for the failed bios update that rendered it useless to the last owner. [Janzo] set to work with an Arduino on a quest to repair the bios. He looked up the datasheet for the EEPROM that stores the bios and did some delicate soldering to gain access to the power and data pins on the device. A bit of trial and error and he was able to read the registers. Some comparisons between the output file and the official Eee PC bios file in a HEX editor confirmed that the first 80 bytes were fine but after that something went wrong. After coding a quick Python script [Janzo] reflashed the chip and had the computer up and running again.
We’ve seen Eee PC bios recovery before. This is a very simple method because it makes use of the simplicity we find in the Arduino. Nice job.
Hot on the heels of our post about reading passwords from EEPROM, [n0th1n6] tipped us off about a similar hack used to resurrect an Eee PC from a bad bios flash. After discovering that a factory repair for a dead bios costs about $200, [CutenaCute_7] took on the challenge herself. She disassembled the computer and desoldered the bios chip from the board. After writing a program to flash the chip using C#, she temporarily soldered jumpers to make sure the flash worked. Looks like this is a zero cost hack, plus the time savings from not having to ship her computer somewhere. Bravo.
A friend recently commissioned us to install OSX on a netbook. We advised him to purchase the Dell Vostro A90. It’s essentially a rebadged Dell Mini 9, a model that has been discontinued, but is well suited for OSX. It’s only available with a 1.6GHz Atom processor, 1GB RAM, and 16GB SSD. Depending on what deals are available, it’s $250-$300. We also had him purchase a 2GB stick of RAM which is the upper limit supported by the BIOS. Continue reading “Dell Vostro A90 hackintosh”
“Reformat it”. That’s pretty much our default answer when someone calls us complaining of malware and viruses. Though many can be removed, it can sometimes be quicker and less frustrating just to reformat it. Some of us even have specific ways that we organize all of our files just to make the quarterly reformat go smoother. Unfortunately, reformatting may no longer be the absolute cure. Researchers have developed a piece of malware that infects the BIOS. It is un affected by reformating or flashing. This means that it is also OS independent. They tested it on Windows and OpenBSD as well as a machine running VMware Player. This is a grim sign for the future.