My friend gave me their old laptop before they left town. I was going to install linux on it and use it for a server.
I have basically given up doing anything because the BIOS is locked with a Secure Boot supervisor password which I guess they forgot about being there.
I've sent a message asking if they happen to remember it and would feel comfortable sharing it if it is not one they use for anything else. But the odds of both those things being the case are slim and I don't feel good about trying to get someone to share any password. Especially since it was so kind to just give me the machine in the first place. It's not practical to physically get the device and the person together in the near future.
It's impossible (or past my skill level) to install linux on this thing without the freaking password. I did manage to install windows. Last time I did that it was win2k. It will boot OK but I can't use that to circumvent the lock. But Ubuntu and a couple other distros are no gos.
It is so fucked that computers can be rendered bricks like this. Obviously yet another way to design in obsolescence disguised as a security feature. Encryption is one thing; this is independent of any data.
Gaaaaaah I spent most of the weekend trying to install linux on this otherwise perfectly functional machine. I think it's toast though.
that isnt forced obsolescence, it's a security feature that is working correctly.
What is it securing against?
Fantasy evil maid attacks that never actually happen and secondhand users
Users
It is always users.
Users are the biggest security threat to any computing system. Hackers of all flavours are childsplay in comparison.
It prevents people from messing with your secure boot keys for example, which is useful to make sure things haven't been tampered with software wise.
Considering I had to get a new HD for it, I am not worried about the software.
Not that it has any software to speak of, since it doesn't boot. Except to windows, which as far as I can tell cannot exist in a state of non-tamperedness.
Exactly as secure as if I let it soak in a bathtub all night. Software definitely not compromised.
It's mostly for businesses to lock down company computers. They can be more confident that users haven't installed certain kinds of viruses or otherwise screwed something up. For someone running Linux they installed themselves it won't make a big security difference.
There are Linux distros that can be installed with secure boot enabled. Are you prevented from installing them due to being unable to modify BIOS settings?
Yes i tried ubuntu which is supposed to have all keys and stuff. But they arent cracking tools. You still have to enter the password if already enabled.
They didn't very much care about not doing effectively planned obsolescence either. It's one of those things where they could have, I don't know, a program where you have to call the company to have it unlocked, and maybe they make you wait 2 weeks to prevent against an "evil maid" style attack? Maybe it gives you a scary message when you boot it from then on like chrome OS does.
If you still wanted to do an evil maid attack, and you were very committed, you could still just buy another of the same model of laptop, set up your rootkits or whatever else, then stuff the new guts in the old computer.
seems to me like if you got it together to have a maid, and an evil one at that, you got it together to buy a second laptop
I think it should be disabled when the storage is removed, or after some arbitrary amount of time, or some other smart nerd solution I can't even conceive of.
Exactly, you buy another laptop and the first one goes in the waste bin or some "recycling center" where they just stack up laptops in a warehouse and never "recycle" shit.