Browse Prior Art Database

Preventing Unauthorized Access on a Personal Computer System

IP.com Disclosure Number: IPCOM000036313D
Original Publication Date: 1989-Sep-01
Included in the Prior Art Database: 2005-Jan-28
Document File: 3 page(s) / 45K

Publishing Venue

IBM

Related People

Bealkowski, R: AUTHOR [+5]

Abstract

This article describes a technique to prevent unauthorized access to a personal computer system when setting the bad battery flag by having a byte in complementary metal-oxide semiconductor (CMOS) RAM that can be made read-only by power-on self-test (POST) so that the contents can be read out but not modified.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 54% of the total text.

Page 1 of 3

Preventing Unauthorized Access on a Personal Computer System

This article describes a technique to prevent unauthorized access to a personal computer system when setting the bad battery flag by having a byte in complementary metal-oxide semiconductor (CMOS) RAM that can be made read-only by power-on self-test (POST) so that the contents can be read out but not modified.

In a personal computer system which has a system security feature based on storing the user's power-on password in real time (RT)/CMOS RAM, when the user turns the system on, the POST code resident in the

(Image Omitted)

system ROM executes. Before the system is booted, POST checks if a password is stored in RT/CMOS RAM. If it is, the password is sent to the keyboard controller and the area in RT/CMOS RAM that contains the password is locked out so that the password cannot be accessed, and the user must enter the correct password in order to boot the system.

There is a simple method to circumvent the security feature. Early in POST, the RT/CMOS RAM status register is read to determine if the chip has lost power (bad battery). The RT/CMOS RAM status register can be only read once. The contents of the register may change if read more than once, hence the need to store the state as the bad battery flag in RT/CMOS RAM.

(Image Omitted)

If the status register did indicate power was lost, POST sets a bad battery flag in RT/CMOS RAM. This flag is used as an indicator that the RT/CMOS RAM has lost power, and that the data cannot be considered valid. When this flag is set, POST will not prompt the user for a password, since, if the battery did fail, the password area may contain invalid data and will not lock the portion of CMOS that contains the password. When this happens, the password can be read from the RT/CMOS RAM. An unauthorized individual that wanted to gain access would simply set this flag on, for example, while the user is away from the system for a brief moment, using DEBUG, or via an executable program through a network. The next time the system is powered on, POST sees that the flag is set in RT/CMOS RAM indicating that the battery is bad, and does not prompt the user for the password or lock out the portion of...