59

My friend gave me their old laptop before they left town. I was going to install linux on it and use it for a server.

I have basically given up doing anything because the BIOS is locked with a Secure Boot supervisor password which I guess they forgot about being there.

I've sent a message asking if they happen to remember it and would feel comfortable sharing it if it is not one they use for anything else. But the odds of both those things being the case are slim and I don't feel good about trying to get someone to share any password. Especially since it was so kind to just give me the machine in the first place. It's not practical to physically get the device and the person together in the near future.

It's impossible (or past my skill level) to install linux on this thing without the freaking password. I did manage to install windows. Last time I did that it was win2k. It will boot OK but I can't use that to circumvent the lock. But Ubuntu and a couple other distros are no gos.

It is so fucked that computers can be rendered bricks like this. Obviously yet another way to design in obsolescence disguised as a security feature. Encryption is one thing; this is independent of any data.

Gaaaaaah I spent most of the weekend trying to install linux on this otherwise perfectly functional machine. I think it's toast though.

all 50 comments
sorted by: hot top controversial new old
[-] blobjim@hexbear.net 35 points 1 year ago* (last edited 1 year ago)

A lot of the time motherboards have a two pins you can short to reset the BIOS to the factory install. Not sure if older laptops or laptops in general have them or not though.

Dell has an info page that shows reseating a motherboard CMOS battery to reset the bios https://www.dell.com/support/kbdoc/en-us/000124377/how-to-perform-a-bios-or-cmos-reset-and-clear-the-nvram-on-dell-systems

[-] glans@hexbear.net 12 points 1 year ago

Oh actually I came across something like this for my device except it seemed like it had a high chance of error and really frying the machine so I skipped it. Maybe I will return to it assuming the password doesn't magically appear in the near future.

I did try removing both batteries and the RAM and letting it sit for a few hours in hopes it would reset because I read something on a forum about that. I wasn't too hopefully it would work and it sure didn't.

[-] buckykat@hexbear.net 15 points 1 year ago

It's not really likely to fry anything. The CMOS battery is separate from the device's regular batteries, it's usually a little watch battery, there to keep bios settings and run the clock.

[-] Zvyozdochka@hexbear.net 12 points 1 year ago

glans is probably talking about jumper pins located on the board to reset the password, which could cause some troubles if you jump the wrong pins, though probably not complete machine death.

[-] buckykat@hexbear.net 7 points 1 year ago

Those are also unlikely to fry things. Online tutorials, especially ones from software guys, are really overscared of physical damage from opening machines and poking the insides.

[-] isame@hexbear.net 14 points 1 year ago

Listen hardware is scary okay?

[-] buckykat@hexbear.net 4 points 1 year ago

It's actually pretty hard to physically ruin computer hardware if you're not actively trying to

[-] isame@hexbear.net 7 points 1 year ago

I know, I know. But I can't revert inserting my CPU backwards.

For the record I've never done that. I just forgot the collar so was just rawdogging my CPU onto the board. Fortunately I didn't ruin anything somehow.

[-] buckykat@hexbear.net 5 points 1 year ago

Worst thing that'll happen from running a CPU with no cooler is it'll detect that it's getting too hot and shut down before it can damage itself, CPUs have had temperature sensors built in for a long time now.

I caught a graphics card on fire once by plugging in a too powerful power supply. I am not a smart man

[-] glans@hexbear.net 3 points 1 year ago

it was something to do with a paperclip

[-] Shinji_Ikari@hexbear.net 2 points 1 year ago

Usually these things are stored on an EEPROM chip on the motherboard. You can absolutely burn out the eeprom, bricking the machine until you can find someone who can do surface mount rework.

[-] glans@hexbear.net 3 points 1 year ago

Ya sorry by both batteries I mean the main battery and the CMOS battery

[-] Shinji_Ikari@hexbear.net 7 points 1 year ago

Modern dell machines will require you to call in to support, where you give part of the serial and they give you a master unlock.

Gone are the days of the cmos reset. The sysadmin at work was fired for being racist, then asked for a consultants fee to unlock the machines he didn't write down the passwords for.

[-] glans@hexbear.net 2 points 1 year ago

My machine is Acer and apparently you can bring it to an "acer service centre" (whatever that is) and they will fix for a fee rumored to be about $100.

[-] Shinji_Ikari@hexbear.net 1 points 1 year ago

They're probably talking about a bestbuy or equivalent

[-] dead@hexbear.net 26 points 1 year ago

I once bought a 2014 era thinkpad laptop that was locked with a supervisor password and I was able to remove it by using tweezers to short 2 pins on the password chip.

  1. I located the password chip on the motherboard. I think it was an 8 pin chip.
  2. I press tweezers to 2 pins. I don't remember which pin this was. I think it was gnd to something else. The intention here was to make the chip unreadable.
  3. I enter the bios and navigate to the screen for setting a supervisor password. Because the motherboard could not read the chip, the mother board thinks that there is no password.
  4. When I have the "set advisor password prompt" open, I removed the pin short. I typed a new password and press accept. The bios overwrites the old password on the chip.
  5. Reboot the machine and remove the password by typing the password that you created.
[-] SchillMenaker@hexbear.net 13 points 1 year ago

Hold on, the files are in the computer?

[-] Cummunism@hexbear.net 16 points 1 year ago

that isnt forced obsolescence, it's a security feature that is working correctly.

[-] glans@hexbear.net 10 points 1 year ago

What is it securing against?

[-] buckykat@hexbear.net 22 points 1 year ago

Fantasy evil maid attacks that never actually happen and secondhand users

[-] Zpiritual@lemm.ee 19 points 1 year ago
[-] isame@hexbear.net 9 points 1 year ago
[-] Zpiritual@lemm.ee 3 points 1 year ago

Users are the biggest security threat to any computing system. Hackers of all flavours are childsplay in comparison.

[-] Zvyozdochka@hexbear.net 9 points 1 year ago

It prevents people from messing with your secure boot keys for example, which is useful to make sure things haven't been tampered with software wise.

[-] glans@hexbear.net 5 points 1 year ago

Considering I had to get a new HD for it, I am not worried about the software.

Not that it has any software to speak of, since it doesn't boot. Except to windows, which as far as I can tell cannot exist in a state of non-tamperedness.

Exactly as secure as if I let it soak in a bathtub all night. Software definitely not compromised.

[-] Maoo@hexbear.net 6 points 1 year ago

It's mostly for businesses to lock down company computers. They can be more confident that users haven't installed certain kinds of viruses or otherwise screwed something up. For someone running Linux they installed themselves it won't make a big security difference.

There are Linux distros that can be installed with secure boot enabled. Are you prevented from installing them due to being unable to modify BIOS settings?

[-] glans@hexbear.net 2 points 1 year ago* (last edited 1 year ago)

Yes i tried ubuntu which is supposed to have all keys and stuff. But they arent cracking tools. You still have to enter the password if already enabled.

[-] raven@hexbear.net 3 points 1 year ago* (last edited 1 year ago)

They didn't very much care about not doing effectively planned obsolescence either. It's one of those things where they could have, I don't know, a program where you have to call the company to have it unlocked, and maybe they make you wait 2 weeks to prevent against an "evil maid" style attack? Maybe it gives you a scary message when you boot it from then on like chrome OS does.

If you still wanted to do an evil maid attack, and you were very committed, you could still just buy another of the same model of laptop, set up your rootkits or whatever else, then stuff the new guts in the old computer.

[-] glans@hexbear.net 3 points 1 year ago

seems to me like if you got it together to have a maid, and an evil one at that, you got it together to buy a second laptop

I think it should be disabled when the storage is removed, or after some arbitrary amount of time, or some other smart nerd solution I can't even conceive of.

[-] raven@hexbear.net 2 points 1 year ago

Exactly, you buy another laptop and the first one goes in the waste bin or some "recycling center" where they just stack up laptops in a warehouse and never "recycle" shit.

[-] Zvyozdochka@hexbear.net 7 points 1 year ago

What laptop is it? You may be able to find a master password online that will let you in. A bunch of older laptops have them and they're very well documented.

[-] glans@hexbear.net 2 points 1 year ago

Someone else insisted so here is all the details

  • model: Acer Aspire V3-575T

  • UEFI Version: 2.4

  • Board name: Usopp_SL

  • Board version: 1.18

  • BIOS manufacturer: Insyde Corp

  • BIOS version: 1.18

  • BIOS date: May 25, 2017

  • Acer product page

  • User manual

load more comments (3 replies)
[-] xXthrowawayXx@hexbear.net 7 points 1 year ago* (last edited 1 year ago)

whats the laptop?

e: here's an explanation of what information specifically i'm asking for and why, because it seems like several people have asked this question and not gotten an answer.

i'm asking for the manufacturer and model number. you can find it on the bottom of the computer, probably near where the windows license sticker is. the reason its important to know is that processes vary between models and the very first step to recovering a bios password is knowing what model of computer the bios is in.

[-] glans@hexbear.net 4 points 1 year ago* (last edited 1 year ago)

Well I really only wanted to complain but if youse all insist on being helpful:

  • model: Acer Aspire V3-575T

  • UEFI Version: 2.4

  • Board name: Usopp_SL

  • Board version: 1.18

  • BIOS manufacturer: Insyde Corp

  • BIOS version: 1.18

  • BIOS date: May 25, 2017

  • Acer product page

  • User manual

[-] xXthrowawayXx@hexbear.net 2 points 1 year ago

If it’s anything like the other offset trackpad ~15” acers there’s two possible passwords, the hard disk password and the user or administrator bios password. If you’re seeing the hard disk unlock screen, you need to press enter three times then use the key it gives you on bios-pw to generate the correct code. If it’s asking for a bios password to access or change the bios you need to first short the cmos jumper usually located under the ram and labeled something like jcmos or jcmos1. It’s a pair of copper pads you short together with a rock or something then remove your field expedient tool and try to boot the laptop. When you do that the unit shouldn’t ask for a password. If you still get the password check you need to run the acer clean password utility. Once I get home I’ll find a safe download link for that thing if there even is still one.

[-] glans@hexbear.net 1 points 1 year ago

device was given to me without a hdd so i put a fresh sdd in it. is def the bios. i didn't try this jumper stuff.

there's an acer clean password util?

[-] xXthrowawayXx@hexbear.net 2 points 1 year ago

Check that jumper first. It’s usually under the ram. You pull the battery first, then the ram, then short those two pads together with some conductive thing, then put the ram back in, then the battery then see if there’s a password. Don’t try to short the pads with a flat head screwdriver, sometimes the pads are slightly recessed and don’t make contact at the same time. Use a paperclip like a normal person. Stay on it for five seconds.

I’ll try to chase down a “good” copy of that acer password utility.

load more comments (1 replies)
[-] Evilsandwichman@hexbear.net 7 points 1 year ago

The computers are rebelling against Linux tyranny! Long live Microsoft! Long live windows 10! Viva la revolution! Down with the glorified dos box!

[-] shath@hexbear.net 9 points 1 year ago

Sir, come out and install your free tmcr version of windows 11! sir, please install your government mandated spyware and adware! SIR!!!

this post was submitted on 01 Nov 2023
59 points (100.0% liked)

technology

23313 readers
104 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 4 years ago
MODERATORS