OMG!
Someone with a boot disc and access to my machine can completely format my mac and I will lose everything! I thought OS X was the most secure OS ever??!?!??!?! 
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Anyone can change the password to my mac, ridiculous
- Thread starter tennismanclay
- Start date
- Sort by reaction score
OMG!
Someone with a boot disc and access to my machine can completely format my mac and I will lose everything! I thought OS X was the most secure OS ever??!?!??!?! 
OMG!
Someone with no boot disc, but with a large hammer, can reformat your hard drive in such a way that it cannot be formatted again
I heard that years ago the US Army used WebStar as their server software, because the only way hacking into that server involved getting past two guys with machine guns first...
Really easy to get the password removed if you can physically get your hands on a machine.
Several methods have been posted on how to do this without the Restore DVDs.
All the firmware password does is add another step.
---
If you want to do this without the user knowing and removing the current password, then it becomes a tad more difficult.
Several methods have been posted on how to do this without the Restore DVDs.
All the firmware password does is add another step.
---
If you want to do this without the user knowing and removing the current password, then it becomes a tad more difficult.
What happens if you use a shared computer and you are the admin.
Would you kill the other users to prevent them changing your password or would you look for a more secure OS?
thanks guys, i have learned alot. The main reason i posted this thread was that we're on vacation and im not in the house much, so he could just get on my computer whenever he wanted to. I turned on the open firmware password or whatever with my install disks. So he doesn't really know a way around that.
-Clay
-Clay
Aloha everyone,
The cousin in question couldn't do the same with my iMac (20" Core Duo model). In fact, I couldn't even replicate it, even knowing exactly which commands he used. I am using the new slim keyboard, and my iMac doesn't recognize the boot keystrokes from this keyboard
A coworker gave me a PowerMac G4 (Gigabit Ethernet) so I purchased the new keyboard for the iMac, in order to use the iMac's original keyboard for the PowerMac (all I got was the computer). Little did I know that my iMac would not recognize keystrokes from this keyboard during start up.
HawaiiMacAddict
The cousin in question couldn't do the same with my iMac (20" Core Duo model). In fact, I couldn't even replicate it, even knowing exactly which commands he used. I am using the new slim keyboard, and my iMac doesn't recognize the boot keystrokes from this keyboard
A coworker gave me a PowerMac G4 (Gigabit Ethernet) so I purchased the new keyboard for the iMac, in order to use the iMac's original keyboard for the PowerMac (all I got was the computer). Little did I know that my iMac would not recognize keystrokes from this keyboard during start up.
HawaiiMacAddict
I'm curious about this. How can an unauthorized user gain access to a Windows PC that has a BIOS password set?
A BIOS password is like a firmware password. (Actually, it is a firwmare password.) Depending on the BIOS in question, you can probably disable it by opening the case and unplugging the battery, or by using a special cracking disk.
On a Mac with a firmware password, changing the amount of memory will reset a firmware password. The only way to prevent this is to lock the case shut (Power Macs and Mac Pros have a padlock hole for exactly this purpose.) Of course, a determined attacker with a set of bolt cutters can still break in...sooner or later, you have to either lock the computer in a vault up or stand in front of it with a firearm of some sort.
I have always set BIOS passwords on Windows PCs and have never been able to break it, either by removing the battery or using any disk. Without entering the BIOS password, the system won't even recognize the optical disk.
As many people have said, once someone has physical access to your hardware, they can get your data, OS notwithstanding. All it takes is some kind of secondary boot method--so-called BIOS passwords are trivial to overcome, usually all one has to do is remove the CMOS battery and move a jumper.
Bingo. If you happen to be a member of the tin-foil-hat society, the only way to protect your machine (and satisfy your paranoia) is to put your computer in one of those ablative-armour reinforced vaults that banks use, complete with armed guard.
OK, if BIOS passwords are trivial to overcome, name just one method that would work and I'll try it now on my Windows PC.
depends on the pc, most just have a bios reset jumper on the motherboard that with physical access and the case off can be used to reset the bios contents (and password). Some machines, like the thinkpad line, can not be reset short of a crapload of resoldering or an entire motherboard replacement. Machines with security measures like that are the tiny minority though.
I am curious as to how you reset the firmware password on the macbook air though
I am curious as to how you reset the firmware password on the macbook air though
It has been a while since I had to do this, but I believe you must remove the battery and jump the motherboard to remove the password.
It might vary with the version of the BIOS/MoBo. Sorry I forget as it has been a while.
Okay, since the question has been asked, and my memory is a bit rusty, I did some research and found out more (techniques) than I remembered.
All BIOS passwords can be reset. The technique varies depending on the computer maker and BIOS.
For some it might be using a backdoor password. Some might involve the simple removal of the battery for a period of time. For others, it involves extensive knowledge, time and soldering.
The key is that you must have physical access to the computer.
All BIOS passwords can be reset. The technique varies depending on the computer maker and BIOS.
For some it might be using a backdoor password. Some might involve the simple removal of the battery for a period of time. For others, it involves extensive knowledge, time and soldering.
The key is that you must have physical access to the computer.
This is obviously a trade-off.
If Apple did make the OS more secure, then for every user happier about the extra security, there could be 10 irate customers who can't get at their data after forgetting their password.
If Apple did make the OS more secure, then for every user happier about the extra security, there could be 10 irate customers who can't get at their data after forgetting their password.
Once you get physical access to the computer, it isn't a big leap to simply walking away with the laptop or pulling the drive on a tower.
Sort of pointless to worry about the password, when the computer itself is much less secure from theft than the password.
---
you can try something like PGP for sensitive data, but that adds another layer of problems for you if you have drive trouble.
And apple's version is problematic enough that you may be at greater risk of damaged data than a simple stolen laptop.
It would be great to secure my MBP in such a way that anyone who stole it would end up with a shiny aluminum paperweight, unable to get any data from it or use it in any way. While that's not realistic, the next best step is to make sure that (for example) if I have a house guest for a few days, they can't "hack" into my MBP without me knowing about it.
The BIOS password on PCs worked great because they'd have to be pretty computer (hardware and software) literate and if they did anything to reset the password, I'd know it the first time I booted up. I was hoping to find the equivalent for the MBP. Something that prevented them from booting up at all or gaining access to my files, without me knowing for certain that they had done it.
The BIOS password on PCs worked great because they'd have to be pretty computer (hardware and software) literate and if they did anything to reset the password, I'd know it the first time I booted up. I was hoping to find the equivalent for the MBP. Something that prevented them from booting up at all or gaining access to my files, without me knowing for certain that they had done it.
As others have mentioned, with physical access no OS is secure. Even with the OF or EFI password, you could still flash the pram to reset it back to no password... ALSO:
Up to 10.5.4, this would probably work fine too without rebooting:
osascript -e 'tell application "ARDAgent" to do shell script "passwd"'
You can patch this exploit with the exploit, btw:
osascript -e 'tell application "ARDAgent" to do shell script "chmod 755 /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent"'
Apparently Apple does not consider it to be serious. Sometimes I'd swear they put some M$ people in charge
Up to 10.5.4, this would probably work fine too without rebooting:
osascript -e 'tell application "ARDAgent" to do shell script "passwd"'
You can patch this exploit with the exploit, btw:
osascript -e 'tell application "ARDAgent" to do shell script "chmod 755 /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent"'
Apparently Apple does not consider it to be serious. Sometimes I'd swear they put some M$ people in charge
This is it.
And with good cause. Can you imagine the situation where an IT department is removed (i.e. sacked)..? The mayhem they can cause...
It always *should* be possible to be able to access the data of any server (computer) by having physical access to it. Some OS make it difficult, others easier... Apple's FileVault really is a good attempt of trying to disable access to home-dir data, even with the root password activated and known.