Prev: Smoke odor removal
Next: Laptop typing the wrong keys
From: Nick Z. on 27 Sep 2005 12:53
Let me start by saying, I'm no hacker. This bug (and many many many
others) was discovered by normal everyday use of the T42 laptop from
IBM. And I asume it affects other systems as well.

The hardware is nice, aside from the plastic, that looks very cheap.
However, the software thats a whole diffrent story.
Is IBM hiring high school students to make their software? And I dont
mean this as a joke/over statement.

Everything is made in java, and I mean EVERYTHING. And everythign is
SLOOOOWWWWW, thats *if* it works.

Here is a simple example/tutorial/report on how to easily (and I really
mean easily) compromise the all powerfull HARDWARE security chip, that
is supposed make the system impenetrable from a security point of view.


Here I am thinking that by installing the "IBM Client Security
Software" and living with its bloat and incredibly slow logon time I am
protecting my data.

Here it goes:
1. Start the computer.
2. Grab a <place your favorite alcoholic beverage name here> and wait
for the IBM security software to "Communicate with the hardware."
3. The logon window appears.
4. Now keep entering the wrong passwords untill the software shows a
window saying somethign among the lines of system being temproraly
locked due to invalid login attemps. DO NOT CLOSE THAT WINDOW!
5. Instead just power off the computer. (hold the power button, pop out
the battery, w.e)
6. Power the pc back on, the software attemps to load, but says
security keys are corrupted welcome to windows.

Now wasn't that easy? More than that isnt that the first thing that a
cracker does?!!

Well unfortunately thats not all. Here is another bug that will
comporomize the "security" chip.

Here it goes again:
1. Power on the PC and logon any way you like.
2. Once you use it a little, hibernate. Wait untill the pc shuts off.
3. Now power the pc back on.
4. When the password dialog pops up, enter anything press enter, and
while its "Communicating with the hardware" to confirm the logon,
simply move the logon window across the screen.
5. You computer will bluescreen and crash...

T42 is the last laptop that I bought from IBM.
Lenovo should fire the whole software development department and start
from a clean slate, because this is nothing short of pathetic.

Thanks for listening,
Nick Z.

From: Robin Brumfield on 28 Sep 2005 13:15
In article <1127840013.117078.82630(a)g43g2000cwa.googlegroups.com>,
pacemkr(a)gmail.com says...
> Let me start by saying, I'm no hacker. This bug (and many many many
> others) was discovered by normal everyday use of the T42 laptop from
> IBM. And I asume it affects other systems as well.
>
> The hardware is nice, aside from the plastic, that looks very cheap.
> However, the software thats a whole diffrent story.
> Is IBM hiring high school students to make their software? And I dont
> mean this as a joke/over statement.
>
> Everything is made in java, and I mean EVERYTHING. And everythign is
> SLOOOOWWWWW, thats *if* it works.
>
> Here is a simple example/tutorial/report on how to easily (and I really
> mean easily) compromise the all powerfull HARDWARE security chip, that
> is supposed make the system impenetrable from a security point of view.
>
>
> Here I am thinking that by installing the "IBM Client Security
> Software" and living with its bloat and incredibly slow logon time I am
> protecting my data.
>
> Here it goes:
> 1. Start the computer.
> 2. Grab a <place your favorite alcoholic beverage name here> and wait
> for the IBM security software to "Communicate with the hardware."
> 3. The logon window appears.
> 4. Now keep entering the wrong passwords untill the software shows a
> window saying somethign among the lines of system being temproraly
> locked due to invalid login attemps. DO NOT CLOSE THAT WINDOW!
> 5. Instead just power off the computer. (hold the power button, pop out
> the battery, w.e)
> 6. Power the pc back on, the software attemps to load, but says
> security keys are corrupted welcome to windows.
>
> Now wasn't that easy? More than that isnt that the first thing that a
> cracker does?!!
>
> Well unfortunately thats not all. Here is another bug that will
> comporomize the "security" chip.
>
> Here it goes again:
> 1. Power on the PC and logon any way you like.
> 2. Once you use it a little, hibernate. Wait untill the pc shuts off.
> 3. Now power the pc back on.
> 4. When the password dialog pops up, enter anything press enter, and
> while its "Communicating with the hardware" to confirm the logon,
> simply move the logon window across the screen.
> 5. You computer will bluescreen and crash...
>
> T42 is the last laptop that I bought from IBM.
> Lenovo should fire the whole software development department and start
> from a clean slate, because this is nothing short of pathetic.
>
> Thanks for listening,
> Nick Z.
>
>
I have a T40p at work and have heard that the later models were really
bad. May hang on to this one until I retire in 5 years...:-)
--
Robin
Charleston, WV
 | 
Pages: 1
Prev: Smoke odor removal
Next: Laptop typing the wrong keys