[net.unix-wizards] ATT 3b2 firmware password

pac@munsell.UUCP (Paul Czarnecki) (09/26/86)

I have some friends with an ATT 3b2 that has a firmware password in it. 
They'd like to rebuild their kernel but they can't because a previous
and long gone engineer changed this firmware password. 

The documentation seems lacking (for obvious reasons) about how to
defeat this protection scheme. 

(Why don't they call ATT and ask them? Well, you see, they don't quite
actually own the machine.  Soon after they bought it they discovered
that it was a much better space heater or boat anchor than a computer. 
They notified ATT that the machine did not satisfy them and to please
come take it away.  Much letters and lawyers later, ATT cancelled the
bill but never picked up the machine.  This was over a year ago.  Now
they actually have a need for it.)

(I knew it wasn't a computer when one day, frustrated beyond belief at
it, I reached around and powered the beast off.  On my screen flashes
the words, "System shutdown in 5 minutes." I sprinkled some holy water,
drew a pentagram around it, and cut the main power switch to the
building.:-)

If anyone knows how to do this please send me mail.  PLEASE DO NOT POST
SUCH AN OBVIOUS SECURITY HOLE NOR WILL I SUMMARIZE TO THE NET. 

Thank you.

					pZ

-- 
  Paul Czarnecki		USENET, too much is never enough.
  Eikonix, Corp.
  Bedford, MA			{adelie,encore,infinet}!munsell!pz

rjk@mrstve.UUCP (Richard Kuhns) (09/29/86)

In article <305@pinney.munsell.UUCP> pac@munsell.UUCP (Paul Czarnecki) writes:
>I have some friends with an ATT 3b2 that has a firmware password in it. 
>They'd like to rebuild their kernel but they can't because a previous
>and long gone engineer changed this firmware password. 
>
>The documentation seems lacking (for obvious reasons) about how to
>defeat this protection scheme. 
>
>(I knew it wasn't a computer when one day, frustrated beyond belief at
>it, I reached around and powered the beast off.  On my screen flashes
>the words, "System shutdown in 5 minutes." I sprinkled some holy water,
>drew a pentagram around it, and cut the main power switch to the
>building.:-)
>
>If anyone knows how to do this please send me mail.  PLEASE DO NOT POST
>SUCH AN OBVIOUS SECURITY HOLE NOR WILL I SUMMARIZE TO THE NET. 
>
>Thank you.
>
>-- 
>  Paul Czarnecki		USENET, too much is never enough.
>  Eikonix, Corp.
>  Bedford, MA			{adelie,encore,infinet}!munsell!pz


I feel like I have to post a reply to this (I am an extremely satisfied
3b2 user/programmer/administrator).

First, RTFM!  The System Administration Utilities Guide explains quite
clearly how to change the Firmware password -- just boot the `Floppy
Key'.  This will reset the firmware password to the default.

Second, RTFM!  Once again, the System Administration Utilities Guide
explains how to start an `Express Powerdown'.  If you "reached around
to power the beast off", you did NOT power it off, you simply started
`powerdown' running with all its defaults, specifically a 5 minute
grace period.  If you want to power the machine down as fast as
possible, log in as `powerdown', or try `shutdown -y -g0 -i0'.

I don't want to start a my-machine-is-better-than-yours war, but I
couldn't let this pass.  We currently have 3 3b2s (a 310 and 2 400s),
and are very satisfied.

Disclaimer: I am in no way associated with AT&T, I just like some of their
products.
-- 
Rich Kuhns		{ihnp4, decvax, etc...}!pur-ee!pur-phy!mrstve!rjk

james@osi3b2.UUCP (James R. Van Artsdalen) (09/29/86)

As the posting system name should indicate, we have and use a 3b2.  We are quite
pleased with it.  I would certainly agree that it is overpriced at list, but
we bought ours used for a good deal less than list.  It supports about 12
people total, with 5 on-line at once (averaging three or four throughout a
day).

In article <305@pinney.munsell.UUCP>, pac@munsell.UUCP (Paul Czarnecki) writes:
> I have some friends with an ATT 3b2 that has a firmware password in it. 
> They'd like to rebuild their kernel but they can't because a previous
> and long gone engineer changed this firmware password. 
> 
> The documentation seems lacking (for obvious reasons) about how to
> defeat this protection scheme. 
> 
> (Why don't they call ATT and ask them? Well, you see, they don't quite
> actually own the machine.  Soon after they bought it they discovered
> that it was a much better space heater or boat anchor than a computer. 
> They notified ATT that the machine did not satisfy them and to please
> come take it away.  Much letters and lawyers later, ATT cancelled the
> bill but never picked up the machine.  This was over a year ago.  Now
> they actually have a need for it.)

The 3b2 runs extremely cool.  It is shaped like a small box.  It would make
neither a good space heater nor a good boat anchor.   :-)  Seriously it sounds
like these people had no business buying a computer if they needed something
bigger than a 3b2 but didn't realize it until _after_ taking delivery.  Be
serious folks and hire a good consultant when you spend lots of money on
things you don't understand (obviously this audience doesn't need this
reminder, but some people still do).

> (I knew it wasn't a computer when one day, frustrated beyond belief at
> it, I reached around and powered the beast off.  On my screen flashes
> the words, "System shutdown in 5 minutes." I sprinkled some holy water,
> drew a pentagram around it, and cut the main power switch to the
> building.:-)

DEFINITELY hire a consultant to select your computer!  Just what did you
expect to happen when you pulled the power cord?  Did you expect it to get
better???  Did you disbelieve that in fact the computer would be off in
five minutes?  The 3b2 is like any other computer: software problems are best
solved with the power on...

> If anyone knows how to do this please send me mail.  PLEASE DO NOT POST
> SUCH AN OBVIOUS SECURITY HOLE NOR WILL I SUMMARIZE TO THE NET. 

No hole exists of that form: physical access is required to defeat the
firmware.  And in any case the answer is rather obvious: disconnect the
battery for a little bit.  Once the battery is reconnected the firmware
will default to the original password.  This is no less a security hole than
with any other computer: once you have unimpeded physical access by someone
who knows the hardware & software (as is required to break security in this
manner) you have the computer and its data.

I realize I've sounded a bit heavy-handed in this article, but you gave
several misleading impressions in your article.  The 3b2 is not junk: were
you expecting a VAX or something?  It's a fairly reliable machine that runs
5 people very well to my experience (albeit that it's a bit overpriced).
Secondly there is no real security hole with the firmware password:  Simple
physical security will prevent someone from changing the password in this
manner.  And finally, shutting off the computer out of frustration, especially
arbitrarily removing power when the system would clearly complete the cycle
on its own, is rather poor technique.  One should never risk the file
system(s) by simply removing power.  At one point I had our 3b2 up for 5
continuous months without a reboot, and without a glitch.  Turning off power
nightly simply isn't the way to run a unix system...  I've cross-posted
this article to net.micro.att: you should be able to get other questions
answered there.
-- 
James R. Van Artsdalen    ...!ut-ngp!utastro!osi3b2!james    Live Free or Die

nxs@cuuxb.UUCP (Big Guy) (09/29/86)

Let's see now:

Free machine, public netnews, security holes

Well, if AT&T did not take it yet, they sure will now.
If they don't, then I will give you the information you need.

roy@phri.UUCP (Roy Smith) (09/30/86)

> In <305@pinney.munsell.UUCP> pac@munsell.UUCP (Paul Czarnecki) complains:
> I reached around and powered the beast off.  On my screen flashes the
> words, "System shutdown in 5 minutes."

In article <256@mrstve.UUCP> rjk@mrstve.UUCP (Richard Kuhns) replies:
> If you "reached around to power the beast off", [...]  you simply started
> `powerdown' running with all its defaults [...] to power the machine down
> as fast as possible, log in as `powerdown', or try `shutdown -y -g0 -i0'.

	I've never used a 3b2, so I'm taking Richard's word for it that the
only way to power-down the machine is via a software command.  I'm sorry,
but if this is really true, then that machine has some serious brain-damage
to it.  Hell, my Vax has software shutdown, but when the system dies it's
nice to know I can still hit that reset button or turn the key-switch to
"off".  Comes in handy when smoke starts to curl out of the disk drive too.

	On the other side of the coin, I wouldn't want some software bug to
be able to power-down my system by mistake -- I know my disk drives are
designed for that, but I still sleep better if I spin them down before
turning off the power.  Unix may still need a lot of improvements, but
/dev/powerswitch isn't one of them.
-- 
Roy Smith, {allegra,philabs}!phri!roy
System Administrator, Public Health Research Institute
455 First Avenue, New York, NY 10016

heiby@cuae2.UUCP (Ron Heiby) (10/01/86)

In article <2445@phri.UUCP> roy@phri.UUCP (Roy Smith) writes:
>	I've never used a 3b2, so I'm taking Richard's word for it that the
>only way to power-down the machine is via a software command.  I'm sorry,
>but if this is really true, then that machine has some serious brain-damage
>to it.  Hell, my Vax has software shutdown, but when the system dies it's
>nice to know I can still hit that reset button or turn the key-switch to
>"off".  Comes in handy when smoke starts to curl out of the disk drive too.

The impression that the *only* way to shut down a 3B2 is via software is
incorrect.  It's just that that is the only *recommended* method, if you
care about the data on your disks.  There is a reset button on the 3B2,
which puts the machine in firmware mode about as fast as you can read
this sentence out loud.  From firmware mode, the power switch shuts off
the power real fast, since it's too late to try to rescue your buffer cache.
If you suspect that your machine may be on fire, the power cord is your
best bet.  It has the advantage of being real quick.  Oh yes, don't forget
that the power cord is also useful if you think that your 3B2 is about to
attack you physically.  :-)  (allusion to umpteen horror flicks)

Remember, if you just want to shut the system off and aren't in a hurry
(because of a tornado or something), let the system operate as intended.
It'll save you grief with your filesystem when you come back up and give
any current users fair warning to leave their edit sessions, etc.
-- 
Ron Heiby heiby@cuae2.ATT.COM   Moderator: mod.newprod & mod.os.unix
AT&T-IS, /app/eng, Lisle, IL	(312) 810-6109
"Hay una mujer desaparecida...."

carroll@snail.CS.UIUC.EDU (10/01/86)

	I just thought I'd clarify the question of what type of powerdowns
are available on the 3B2:

Powering down a 3B2 can be done in a number of different ways, from the slow
but generally safe to the quick and generally fatal. You can software shutdown,
which is slow, or use a -g option to start NOW (which puts the users at risk),
or hit the STANDBY switch, which starts the power down, or press RESET and
hit the STANDBY, which turns it off VERY quickly, or yank the power cord (which
is pretty much guaranteed to trash the file system). I have experienced 3B2's
in a state where we had to pull the cord; i.e. nothing else worked. (The system
hung, no terminal would respond, STANDBY and RESET/STANDBY had no effect after
a couple dozen tries, etc.). We had one today that got floppy errors, and a
software powerdown didn't have ANY effect (after the "system is down" message
showed up, the disk light was still on, the power LED was still flashing, and
we still got "Floppy Access Error" on the console every 30 seconds or so). 
This is the point at which the power is supposed to be OFF.

lear@topaz.RUTGERS.EDU (eliot lear) (10/02/86)

No security hole required if you have root access and wish to obtain
the floppy key.  Simply go into crash and check out nvram fwnvr (or
something like that).  The password is stored as text but crash won't
let you see it unless you are root.

						eliot
-- 
The mind is a wonderful thing to waste!!

[lear@topaz.rutgers.edu]
[{allegra,seismo}!topaz!lear]

root@killer.UUCP (Admin) (10/03/86)

     The original poster indicated a lack of either understanding of the
system or Unix in general. There is no need for a firmware password just
to simply rebuild the kernel - a caveat - unless  a kernel is built that
will NOT boot the system and cannot run. Simply make the desired changes
to /etc/master.d/kernel (tunable parameters), cd to /boot, mkboot -k KERNEL,
touch /etc/system. Then cd /, type in shutdown -y -i6 -g0 and the system
will autoreboot and generate a new /unix - just like magic. My system runs
news, heavy uucp (feeding four other sites), usually runs with 4-6 users
and does it well. 
     Disconnecting the power on a Unix system like that is also a good way
to create a neat-looking "desk-ornament" by corrupting the operating system
files. Maybe this is why a new kernel needs to be rebuilt ???

                                           Charlie Boykin
                                      ...ihnp4!killer!root

pac@munsell.UUCP (Paul Czarnecki) (10/03/86)

As the originator of the request I think I can shed some light on this
matter and then let it die. 

The 3b2 my friends have was first purchased over a year and a half ago. 
The machine was very new then.  I have been assured by some people at
AT&T that the problems which caused our dissatisfaction (none of which
were mentioned in the article, nor are they germane to the issue here
(It wasn't not powerful enough, just buggy)) have been fixed by later
software releases.  From talking with satisfied users, it appears that
any problems it once had have been fixed.  I can't currently recommend
the machine because I have not played with it recently, but it does
warrant a second look. 

Now about that powerswitch...  Did *anybody* see the ":-)" at the end of
the paragraph? The joke, you see, involves considering the power switch
to actually be a power switch even though it is plainly labeled ON and
STANDBY.  After a frustrating session it is somewhat satisfying (in an
immature yet humanistic sense) to "kill" the machine by turning it off. 
Having this not work is the punch line to the whole affair. 

For a machine that just might wind up on a computer naive user's desk,
an ON/STANDBY switch IS A GOOD IDEA.  The problems that such a switch
can cause by not shutting down the machine in the case of fire, flood,
nuclear winter are sufficiently rare and the savings here (no munged
filesystems) are tremendous.  Good Idea ATT. 

As an aside, I learned two things this week.  Satire and Humor just
don't work in written correspondence.  You must label them properly. 
Also, never respond to personal hate mail with personal hate mail.  Go
get a cup of coffee or watch MTV or something, wait 4 hours (or 4 days)
and then respond.  Let cooler heads prevail. 

				Fingers still smoking...
					pZ




-- 
			    Paul Czarnecki -- Eikonix, Corp. -- Bedford, MA
	{{harvard,ll-xn}!adelie,{decvax,allegra,talcott}!encore}!munsell!pz
					-- USENET, too much is never enough

jk@opusys.UUCP (John Kullmann) (10/08/86)

In article <3900001@snail> carroll@snail.CS.UIUC.EDU writes:
>or yank the power cord (which
>is pretty much guaranteed to trash the file system). 

Are you telling me that if I type 'sync' (and there are no
other users) and wait until the disk stops thrashing and then
pull the plug the file system will be trashed?!?!??!?!?

I'd like to know what extra work was done to the 3B2 to get
this effect.

carroll@snail.CS.UIUC.EDU (10/11/86)

	We only do that when the system is so totally bonkered that nothing
else has any effect. In such situations, there isn't the option of typing
sync or getting users off the system.

james@reality1.UUCP (james) (10/14/86)

In article <309@pinney.munsell.UUCP>, pac@munsell.UUCP (Paul Czarnecki) writes:
| As the originator of the request I think I can shed some light on this
| matter and then let it die. 

| Now about that powerswitch...  Did *anybody* see the ":-)" at the end of
| the paragraph? The joke, you see, involves considering the power switch
| to actually be a power switch even though it is plainly labeled ON and
| STANDBY.  After a frustrating session it is somewhat satisfying (in an
| immature yet humanistic sense) to "kill" the machine by turning it off. 
| Having this not work is the punch line to the whole affair. 

I honestly did not see the smiley face.  I thought I looked for one,
particularly given the kind of reply I was preparing to post, but I guess
I didn't look hard enough.

| For a machine that just might wind up on a computer naive user's desk,
| an ON/STANDBY switch IS A GOOD IDEA.  The problems that such a switch
| can cause by not shutting down the machine in the case of fire, flood,
| nuclear winter are sufficiently rare and the savings here (no munged
| filesystems) are tremendous.  Good Idea ATT. 

| As an aside, I learned two things this week.  Satire and Humor just
| don't work in written correspondence.  You must label them properly. 
| Also, never respond to personal hate mail with personal hate mail.  Go
| get a cup of coffee or watch MTV or something, wait 4 hours (or 4 days)
| and then respond.  Let cooler heads prevail. 

Again, sorry for misinterpreting the message.  I guess it did come across
pretty badly...  *sigh*  In face to face communications there are many clues
to satire and humor, and even verbal communication rarely seems to have this
problem.  Oh well, I'll look harder next time.

| 				Fingers still smoking...
| 					pZ

| 			    Paul Czarnecki -- Eikonix, Corp. -- Bedford, MA
-- 
James R. Van Artsdalen    ...!ut-ngp!utastro!osi3b2!james    "Live Free or Die"

levy@ttrdc.UUCP (Daniel R. Levy) (10/15/86)

In article <146@opusys.UUCP>, jk@opusys.UUCP (John Kullmann) writes:
>In article <3900001@snail> carroll@snail.CS.UIUC.EDU writes:
>>or yank the power cord (which
>>is pretty much guaranteed to trash the file system). 
>Are you telling me that if I type 'sync' (and there are no
>other users) and wait until the disk stops thrashing and then
>pull the plug the file system will be trashed?!?!??!?!?
>I'd like to know what extra work was done to the 3B2 to get
>this effect.

Indeed, if you 'sync', and nothing else is running (uucp, etc.) which
has a file open for writing, you have a good chance of getting away
scot-free if you yank the 3B2's cord.  When the system is powered back
on, it will go through a fsck for each file system (since each file
system with write access is marked "dirty" when mounted and then marked
"clean" when properly dismounted, and the startup shell script runs a
program which checks for "dirty" file systems before mounting them).  But
if nothing had made a change in the file system since the last sync action
finished (sync actually only schedules a file system update) then the
file system state will be set to okay ("clean") and that file system will
then be mounted.

Even if some programs have files open for writing when the power is killed,
it is likely that any damage done will be limited to those files.
-- 
 -------------------------------    Disclaimer:  The views contained herein are
|       dan levy | yvel nad      |  my own and are not at all those of my em-
|         an engihacker @        |  ployer or the administrator of any computer
| at&t computer systems division |  upon which I may hack.
|        skokie, illinois        |
 --------------------------------   Path: ..!{akgua,homxb,ihnp4,ltuxa,mvuxa,
	   go for it!  			allegra,ulysses,vax135}!ttrdc!levy