|
|
Firmware password now more secure
|
|
|
|
Moderator Emeritus
Join Date: Apr 2001
Location: Wasilla, Alaska
Status:
Offline
|
|
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status:
Offline
|
|
|
"The natural progress of things is for liberty to yield and government to gain ground." TJ
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Not necessarily — all this tells us is there's not a recommended way to beat the firmware password. For all we know, the MacBook Air could be set up exactly the same way as existing Macs, since resetting the password on those requires rearranging the RAM, the RAM is not a user-accessible part on the MBA. Not sure about the MBP, although it stands to reason that if Apple technicians are able to defeat the firmware password, then there has to be some way to do it, which they are using.
I don't think it's ever possible to be 100% secure when the person you're trying to keep out has physical access.
edit: Actually, I doubt the process is different at all. Apple's knowledge base suggests the same thing for the 2008/2009 models, and I can't find any articles detailing the process for other Mac models, so my guess is that they have decided to add a solution to their knowledgebase site for people who have forgotten the firmware password, without broadcasting the weakness of said passwords for all to see.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
^^^ That makes sense.
If the Apple Store can do it, ANYONE can do it. It's just a matter of knowledge and some tools.
-t
|
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Jun 2001
Location: Northwest Ohio
Status:
Offline
|
|
Not to mention that the method will leak to the internets. It's only a matter of time.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
|
|
|
|
|
|
|
|
|
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status:
Offline
|
|
Depends. Physical security is a question of how long something takes. Switching the RAM around takes a few minutes. If it takes 30 minutes to reset, then that's a Good Thing. If it takes as long as it does today, then it's just annoying.
|
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Apr 2001
Location: Wasilla, Alaska
Status:
Offline
|
|
I can't say much more on this topic, but I think it will be a while before someone figures out how the new system works. I can say that the new process is certainly MUCH different than the old way.
|
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status:
Offline
|
|
Originally Posted by Person Man
Not to mention that the method will leak to the internets. It's only a matter of time.
I could detail the entire process here and non-Apple personnel would still be unable to disable the EFI password.
|
Vandelay Industries
|
|
|
|
|
|
|
|
Moderator Emeritus
Join Date: Apr 2001
Location: Wasilla, Alaska
Status:
Offline
|
|
That's a great way to put it, Art.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status:
Offline
|
|
I'm guessing challenge-response via serial number through Apple's repair tracking system.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
Sounds like Apple actually DID improve security.
Good to know.
-t
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|