Cybersecurity experts at New Zealand-based CyberCX have detailed and demonstrated a surprisingly simple way to bypass the BIOS password on older Lenovo laptops. By shorting two contacts in the EEPROM circuit with an ordinary screwdriver, you can enter the BIOS and disable password entry in the settings.
It is emphasized that the Lenovo laptops used in the demonstration have already been discontinued: these were the ThinkPad L440 (released in Q4 2013) and the ThinkPad X230 (Q3 2012). However, laptops of other models and brands may be vulnerable if the BIOS password is stored on a separate EEPROM chip.
CyberCX experts looked into the problem because some well-used laptops have to be sold for parts when their BIOS is password-locked and the password has been lost. After reviewing the documentation and some research papers, they realized that the following sequence of actions fixed the issue specifically for their Lenovo laptop:
- identify the required EEPROM chip;
- find the SCL and SDA contacts on it;
- short the SCL and SDA contacts at the right moment.
Sometimes the marking on the chip helps to find the EEPROM you need: in the case of the Lenovo ThinkPad L440, it is the L08-1 X, though this is not always so. The contacts sit close together, so you really can short them with an ordinary screwdriver. Once in the BIOS, you can change all the options. The timing of the manipulation is not rigid, and some leeway remains. But if you do it immediately after turning on the computer, nothing will happen: you have to wait a bit.
The authors of the study say that the technique may also work on other models, including those from other manufacturers. However, some modern systems, in which the BIOS and EEPROM are combined in a single package mounted as an SMD (Surface Mount Device), are more difficult to hack with this method: an "off-chip attack" is required. To really protect a laptop, it is better to use full disk encryption. CyberCX hinted that they want to continue their research, possibly trying to read the password from the EEPROM or to hack other machines with a screwdriver.