Security Expert Defeats Lenovo Laptop BIOS Password With a Screwdriver (tomshardware.com)
Cybersecurity experts at CyberCX have demonstrated a simple method for consistently accessing older BIOS-locked laptops by shorting pins on the EEPROM chip with a screwdriver, enabling full access to the BIOS settings and bypassing the password. Tom's Hardware reports: Before we go further, it is worth pointing out that CyberCX's BIOS password bypass demonstration was done on several Lenovo laptops that it had retired from service. The blog shows that the easily reproducible bypass is viable on the Lenovo ThinkPad L440 (launched Q4 2013) and the Lenovo ThinkPad X230 (launched Q3 2012). Other laptop and desktop models and brands that have a separate EEPROM chip where passwords are stored may be similarly vulnerable. [...] From reading various documentation and research articles, CyberCX knew that it needed to follow the following process on its BIOS-locked Lenovo laptops: Locate the correct EEPROM chip; Locate the SCL and SDA pins; and Short the SCL and SDA pins at the right time.
Checking likely looking chips on the mainboard and looking up series numbers eventually led to being able to target the correct EEPROM. In the case of the ThinkPad L440, the chip is marked L08-1 X (this may not always be the case). An embedded video in the CyberCX blog post shows just how easy this 'hack' is to do. Shorting the L08-1 X chip pins requires something as simple as a screwdriver tip being held between two of the chip legs. Then, once you enter the BIOS, you should find that all configuration options are open to be changed. There is said to be some timing needed, but the timing isn't so tight, so there is some latitude. You can watch the video for a bit of 'technique.'
CyberCX includes some quite in-depth analysis of how its BIOS hack works and explains that you can't just short the EEPROM chips straight away as you turn the machine on (hence the need for timing). Some readers may be wondering about their own laptops or BIOS-locked machines they have seen on eBay and so on. CyberCX says that some modern machines with the BIOS and EEPROM packages in one Surface Mount Device (SMD) would be more difficult to hack in this way, requiring an "off-chip attack." The cyber security firm also says that some motherboard and system makers do indeed already use an integrated SMD. Those particularly worried about their data, rather than their system, should implement "full disk encryption [to] prevent an attacker from obtaining data from the laptop's drive," says the security outfit.
Isn't this a good thing? (Score:3)
I thought this was to keep the casual office user from fiddling with settings?
Re:Isn't this a good thing? (Score:5, Funny)
At first I thought it was a variant of the $5 wrench attack ...
Re: (Score:2)
This attack doesn't compromise the security of modern systems anyway. I don't know about these older models, but all current ThinkPads come with full disk encryption enabled, and Secure Boot on.
There is nothing you can change in the BIOS that compromises that. If you disable Secure Boot the OS won't decrypt the disk or load up. At worst you can make the system unbootable until an IT tech looks at it.
Not much of a surprise (Score:4, Insightful)
Though it merits pointing out and occasionally demonstrating that a competent attacker with physical access usually owns the system.
Re: (Score:2)
Not only physical access, but physical access with sufficient time and privacy to disassemble a laptop to get to the motherboard.
Re:Not much of a surprise (Score:5, Interesting)
This is well known, as it basically returns a read of all FF bytes, which is the same as an uninitialized/blanked eeprom.
This is used to circumvent quite a few configuration option lockouts or "Bad config option" conditions on numerous embedded platforms, if you are willing to take the risk.
I've done this with some embedded linux routers, for example. It forces a drop to uboot and turns on the debug serial port for diagnostics, which is useful if you want to bypass the normal validation processes of the running image, to flash a new image to the device. Did that on a Netgear WNDR5400, iirc. Short two pins with a conductive object, EEPROM read fails during the "no delays" uboot phase, forcing an exception in uboot, and dropping to the console with the serial port on. You can then push a new binary firmware without restrictions over the wire.
In this case, the bios code believes that the config eeprom is not in a sane state, and does not enforce any configuration stored there (because it can't be read), loads setup defaults, and allows access to the normal bios functions, as it is programmed to do.
This is a "no shit, sherlock" result. Arguably, a truly secured device would just brick if you tried this, or refuse to boot-- but would run the risk of being bricked by a software misconfiguration.
Regardless, it being an accessible eeprom means a clip-on cable and a programmer could still circumvent it, if the data in the chip is properly documented.
As stated, "Physical access, and will to gain access == PWN"
These kinds of attacks are why secure enclaves, like TPMs, are wholly enclosed inside the processor on modern systems. The goal is to deny physical access, even if the attacker has possession of the system. The side effect is that end users likewise have no recourse when the TPM/secure enclave is used against them by "Trusted Software Vendors" (ahem). "Not Trusting the User" is the INTENT with such systems-- The media companies that hide media decryption keys in there do not trust you, citizen. You might DARE to make unencumbered copies.
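As an added example (not CyberCX's research code, not Lenovo firmware, and not part of the comment above): a small C model of the two policies a firmware can apply when its configuration EEPROM reads back as all 0xFF or fails its checksum. The record layout, the magic value, the CRC and the placeholder hash are all hypothetical. `policy_fail_open` is the behaviour the comment describes (an unreadable record is treated as blank, defaults are loaded, setup is left open); `policy_fail_closed` is the "refuse to boot" alternative, and the corrupted-record scenario shows the bricking trade-off the comment raises: one flipped bit in a stored record halts it just as an all-0xFF read does.

```c
/* Added example, hypothetical firmware config handling; not from any vendor. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define CFG_MAGIC 0x43464731u   /* "CFG1": hypothetical record marker */
#define CFG_FLAG_PASSWORD 0x01u /* a supervisor/power-on password is set */

/* Hypothetical record as stored in the EEPROM; fields are naturally
 * aligned, so sizeof(cfg_t) == 44 with no padding. */
typedef struct {
    uint32_t magic;
    uint32_t flags;
    uint8_t  pw_hash[32];
    uint32_t crc;   /* CRC-32 over the 40 bytes above */
} cfg_t;

enum boot_decision { BOOT_SETUP_OPEN, BOOT_PASSWORD_REQUIRED, BOOT_REFUSE };

/* What the firmware sees coming back from the chip in each scenario. */
enum scenario { SCN_LOCKED = 0, SCN_ERASED = 1, SCN_CORRUPT = 2 };

/* Standard CRC-32 (IEEE 802.3), bitwise, table-free. */
static uint32_t cfg_crc32(const uint8_t *p, size_t n) {
    uint32_t c = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        c ^= p[i];
        for (int k = 0; k < 8; k++)
            c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}

/* A blank part, or a read that failed on the bus, returns 0xFF in every
 * byte: the "all FF" read described in the comment. */
static int looks_erased(const uint8_t *p, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (p[i] != 0xFF) return 0;
    return 1;
}

static int cfg_valid(const cfg_t *c) {
    return c->magic == CFG_MAGIC &&
           cfg_crc32((const uint8_t *)c, offsetof(cfg_t, crc)) == c->crc;
}

/* A verified record decides purely on its password flag. */
static enum boot_decision decide_from_record(const cfg_t *c) {
    return (c->flags & CFG_FLAG_PASSWORD) ? BOOT_PASSWORD_REQUIRED : BOOT_SETUP_OPEN;
}

/* Fail-open: erased or invalid record means "never configured", so load
 * defaults and leave setup open. This is the behaviour the comment describes. */
enum boot_decision policy_fail_open(const uint8_t *raw, size_t n) {
    cfg_t c;
    if (n < sizeof c || looks_erased(raw, n)) return BOOT_SETUP_OPEN;
    memcpy(&c, raw, sizeof c);
    if (!cfg_valid(&c)) return BOOT_SETUP_OPEN;
    return decide_from_record(&c);
}

/* Fail-closed: anything that is not a verifiable record halts the boot.
 * Robust against a disturbed bus, but a corrupted write now bricks the box. */
enum boot_decision policy_fail_closed(const uint8_t *raw, size_t n) {
    cfg_t c;
    if (n < sizeof c || looks_erased(raw, n)) return BOOT_REFUSE;
    memcpy(&c, raw, sizeof c);
    if (!cfg_valid(&c)) return BOOT_REFUSE;
    return decide_from_record(&c);
}

/* Constructed sample input: a locked record, then the two failure cases. */
static size_t build_scenario(enum scenario s, uint8_t *buf, size_t n) {
    cfg_t c;
    if (n < sizeof c) return 0;
    memset(&c, 0, sizeof c);
    c.magic = CFG_MAGIC;
    c.flags = CFG_FLAG_PASSWORD;
    memset(c.pw_hash, 0xAB, sizeof c.pw_hash);   /* placeholder digest */
    c.crc = cfg_crc32((const uint8_t *)&c, offsetof(cfg_t, crc));
    memcpy(buf, &c, sizeof c);
    if (s == SCN_ERASED)  memset(buf, 0xFF, sizeof c);
    if (s == SCN_CORRUPT) buf[4] ^= 0x01;        /* one bit flipped in flags */
    return sizeof c;
}

enum boot_decision decide_fail_open(enum scenario s) {
    uint8_t buf[64];
    size_t n = build_scenario(s, buf, sizeof buf);
    return policy_fail_open(buf, n);
}

enum boot_decision decide_fail_closed(enum scenario s) {
    uint8_t buf[64];
    size_t n = build_scenario(s, buf, sizeof buf);
    return policy_fail_closed(buf, n);
}

int main(void) {
    static const char *out[] = { "setup open", "password required", "refuse to boot" };
    static const char *scn[] = { "valid locked record", "all-0xFF read", "corrupted record" };
    for (int s = 0; s < 3; s++)
        printf("%-20s fail-open: %-18s fail-closed: %s\n", scn[s],
               out[decide_fail_open((enum scenario)s)],
               out[decide_fail_closed((enum scenario)s)]);
    return 0;
}
```

Compile with any C99 compiler and run it; the three printed rows show the locked record handled identically by both policies, and the two failure cases diverging: fail-open drops to "setup open" for both the all-0xFF read and the corrupted record, fail-closed refuses to boot for both. The CRC is only an integrity check against accidental corruption; it does not authenticate the record, so a design that wants the stored lock to survive deliberate rewriting of the chip needs a key the attacker cannot reach, which is the role the later comments assign to an on-CPU TPM.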
Re: (Score:3)
Re: (Score:3)
Re: (Score:2)
These kinds of attacks are why secure enclaves, like TPMs, are wholly enclosed inside the processor on modern systems. The goal is to deny physical access, even if the attacker has possession of the system. The side effect is that end users likewise have no recourse when the TPM/secure enclave is used against them by "Trusted Software Vendors" (ahem). "Not Trusting the User" is the INTENT with such systems-- The media companies that hide media decryption keys in there do not trust you, citizen. You might DARE to make unencumbered copies.
Hence TFA. The entire point is to scare the end users into thinking that having *any* means of regaining control over / overriding the local system, even physically, is bad and thus should be removed / legally prohibited.
After all, politicians are far more likely to use Joe Sixpack screaming something about "security" as an excuse than to listen to anyone who knows anything about IT. Especially when it gives the bought government and its owners more power and control over the citizens.
"Hacker"? (Score:4, Insightful)
Haven't you been able to reset the BIOS by shorting a jumper since like.. the 90s?
Re: (Score:2)
Sometimes you don't want to leave any traces behind.
Re: "Hacker"? (Score:2)
Then you have to scrape pretty hard with that screwdriver.
Re: (Score:2)
It will be nowhere near as obvious as resetting the BIOS.
Re: (Score:2)
Oh, whoosh!
Re: (Score:2)
Yes, or just popping the battery out for 10 seconds...
Re: (Score:2)
And I'd have to check my resume to be sure, but I'm pretty sure the security-conscious clients I had back in the early 2K era already had me encrypting their laptops and locking things down so only recognized encrypted USB devices would work with the existing OS.
If not early 2K, not too many years later. The tools to secure your systems against all but state-backed actors (or the occasional top-notch indie) have been around for a while.
In the end, device security is like a home security system - you implem
Re: (Score:3)
Haven't you been able to reset the BIOS by shorting a jumper since like.. the 90s?
1. This doesn't reset anything. It prevents a read of the password configuration.
2. Shorting via a jumper typically activated a dedicated clear pin on the chip in question. The presence of this is optional, and I've not seen them in any laptop in the past decade or so.
3. Removing the battery cleared non-volatile memory and had the same effect, however the EEPROM being non-volatile stopped being a given over a decade ago. Flash based chips are now cheaper than classic EEPROMs of old and some devices do not h
BIOS is good for asset denial... (Score:2)
In some cases, BIOS is good for asset denial, for example, having an AutoPilot rule which sets up a setup password and locking the machine to only boot from a specific UEFI drive, or just setting a power on password on a machine that was reported stolen, so it can't be used again without that.
Re: (Score:2)
Good for asset denial, if you don't mind it being sidestepped with a screwdriver. If you want a reliable bootlock you need a secure domain in the processor with access to some eeprom/flash, for any open system the persistence of a lock can always be trivially compromised as shown here.
On PCs that means you need Intel AMT or AMD DASH and some contract with Intel/AMD to let you use it for asset management.
PS. Pluton will probably never be useful for a bootlock, because it seems it simply can't prevent booting
this information has been available for years (Score:5, Informative)
The Lenovo laptops on which this was demonstrated were ten and eleven years old, with third and fourth generation Intel Core series CPUs.
Information about resetting their passwords has been around for years. A quick search reveals:
Refurbishers have been doing this for years to make old off-lease ThinkPads ready for resale. It's not exactly new, nor is it a secret since the steps to do it are widely known.
Regards,
Aryeh Goretsky
Re: (Score:3, Informative)
I remember partly by accident bypassing the BIOS password on a Dell laptop in 2009 via the battery connector, and again deliberately (where a student had set a BIOS password on the school laptop) in 2013.
On Dell desktops there is even a Dell knowledge base article and a dedicated jumper specifically for resetting the BIOS password. The same with Dell and IBM servers (again with first-party instructions).
Re: (Score:2)
It was traditionally the case that resetting bios was simply pulling the battery because that was the only thing that held it in memory. This isn't a hack - this is the official method of the older era which required power for persisted settings.
Even with Dell and the passwd jumper, that still required batteries to persist the settings up until relatively recently. We have a handful of Dell Optiplex 980s (circa 2010) which are now being decommissioned (after a particularly long and reliable service
If you weren't using data encryption... (Score:2)
Even if he couldn't bypass the password, an attacker can just pull the SSD and access directly. The bios password is not going to provide any protection under any circumstances.
The old school hard drive password was harder to bypass, but ultimately still not an effective safeguard.
Re: (Score:2)
Even if the SSD is soldered on, it still can be desoldered and read/written to if someone is good enough. This is what on-CPU TPMs are for (the reason for it being on the CPU is so the key can't be sniffed via traces on the motherboard), as well as BitLocker.
However, some BIOSes do use ATA disk locking still. This can be an actual theft deterrent, because the security is on the drive controller itself, and if a drive is OPAL compliant, there is a good chance the data is encrypted. With the drive requirin
Re: If you weren't using data encryption... (Score:2)
So if Bitlocker is enabled and the BIOS is reset as described, the TPM will still pass the cleartext, sniffable key?
Big deal? No, not really (Score:2)
Re: (Score:2)
People didn't know this? (Score:2)
"The chip Ford had taken out (Score:1)
was the one which contained the instructions for all the conditions that had to be fulfilled in order for the robot to feel happy. The robot would be happy when a tiny electrical charge from a point just to the left of the chip reached another point just to the right of the chip. The chip determined whether the charge got there or not.
Ford pulled out a small length of wire that had been threaded into the towel. He dug one end of it into the top left hole of the chip socket and the other into the bottom righ