Several years ago a friend of mine made this rather nifty program that would completely lockdown your computer. I mean you couldn’t do ANYTHING except type a password and if you were wrong three times the computer shut down. Rebooting wouldn’t help, ctrl+alt+del wouldn’t help, powering off or unplugging the computer wouldn’t help…you get the point. Well, that guy is in jail now and through frequent formats I no-longer have that program but I would really like to get something similar. Does anyone know where I can get something like this for free? Thanks.
What you are describing would (I believe) require a program that encrypts or somehow damages the boot sector data if the required input is not given. Even if this happens a program like Norton’s Disk Doctor could probably “fix” the damaged boot sector so the data is recoverable, so I would imagine the the true security of this solution is open to question.
Sounds like a dangerous program. Encrypting sensitive files would probably be safer.
How did I describe that? I just want to keep my friends and a roomate off my computer, I’m not hiding anything, I just don’t want them using it (yea that sounds cold but you don’t know the whole story.)
Just put a password into your BIOS so when the PC reboots they have to type it in or they go no further. The only way I know around this is to take the battery off the BIOS board and then replace it, thus resetting it, I doubt they’d go that far.
If the PC is on put a screen saver with a password on.
Easy way around the screen saver password = reboot. Also, I put a password in the BIOS and rebooted and I wasn’t prompted for it.
Try again, you put a password on changing your bios settings. Look around in bios for “Startup Password” or some-such. You will need to enter that password to change that now…
Anywhosy, what sort of computer do you have, what bios (watch the screen when it first comes on). I have a Dell, a Gateway, and [sub]A Packard Bell[/sub]. The [sub]Packard Bell[/sub] is my wife’s machine, she uses it to coordinate her affairs.
Cisco might you aid us by informing us just what type of computer this is?
Im with the others, the bios password is an excellent choice.
As others have noted the BIOS password is the best way to proceed if you just want to keep random snoopers out. If the data is of such sensitivity and importance that you would be willing to have the boot sector nuked or modified to protect it (per the originally described “lockdown” utility) a good encyyption utility would have more absolute security.
I hate when everyone else has used all the smart ideas before I get here.
So, yeah, what they said. Specifically, Cisco and astro.
Another idea, depending on how technical you (and your friends) are: install a minimal linux section and make it the default boot OS. This way, they can’t use the computer without having a login/password and if they try to reboot, no good because it will reboot into linux. unless they know how to stop the autoboot and make it boot to windows, they’ll be outta luck. you can use linux for most tasks and boot to windows for those neat games or whatever you want windows for.
Another idea if money/ethics were not an problem is to just install NT/2000 the lock on NT (and I presume 2K) works as you describe, it won’t let you use the computer unless you type in the password, you can reboot, but NT requires a password to log into windows, and as the lock password is your login password so if they don’t know the lock password they can’t log into NT/2000. Another nifty thing about NT is that you could create a guest account with a policies enabled which would allow them to log on to your PC, but if you set the policies correctly they won’t be able to do anything damaging. With policies you initially disable every program, so that they cannot run anything (well just windows) and then you add in the programs you think they should have access to, so its hard to screw up. Plus NT/2000 is beautifully stable, and the ideas that games are hard to run is very overrated in my opinion. I’m not much of a gamer but I haven’t found a game yet that doesn’t run on NT.
Ok, I put passwords on the BIOS and the screensaver and it took my nemisis less than a week to get around them both. Rather amazing because I still can’t figure out where the hell I was while he was doing it. Anyway…any more ideas?
Getting around a BIOS PW is simple if he can get inside the machine. It’s usually just a marked jumper that will defeat or reset the PW. If he is actually getting the password (ie your password is still intact) and you don’t see him you are probably being monitored in some fashion you are not aware (unlikely) of or possibly you are simply mis-interpreting some normal change in your PC as an indicator it has been “accessed”. If the BIOS is saving your default PW in some way he could have jumpered it and reset the system back to BIOS PW mode with you being none the wiser.
Screen saver passwords are useless re real security as they can be bypassed by simply re-booting the machine and then jumpering the BIOS. If you have left the machine on and unattended this is probably what happened.
If he’s clever enough and you’re on network he might be getting into your PC remotely.
You can buy inexpensive case locks for most generic ATX chassis machines.
I’m a little confused though. You’re old enough to be living with roommates (let’s assume you are 18+) and they defy your direct request to leave your machine alone? I would suggest moving. If they are that disrespectful of your direct requests you have bigger problems on the horizon than computer security.
From what I gather, he found several different default passwords for my BIOS. So even if I locked my case and changed my password every day it would still be useless.
Damn, this guy 0wnz J00!
It looks to me like the only way you’re going to protect your system is by physically removing your hard drive and carrying it around with you.
But that’s really not the greatest idea, either, because HDDs can be damaged by too much handling. Plus, your joker friend might just try to prove you wrong by secretly formatting his own HDD to replace yours.
His next bright idea might be to change that BIOS password on you, which would be really annoying.
This is the part I really don’t understand about your description of the whole situation. I have worked with god knows how may PC’s over the years and I have never, ever heard of any BIOS based password system, short of possibly some monster server setup, having multiple default passwords. There is normally only one password for system bootup entry and once this is set that’s it, until the password is entered or changed (via the BIOS setup) or cleared via the jumper or if it’s battery backed up, removal of the battery. Even if he was smart enough to reset the jumper or do a related BIOS hardware bypass this would normally clear your password entirely.
There is sometimes a section in your BIOS under “security” or similar that sets two[u/] password levels. The first sets a password for entering the BIOS setup area to modify BIOS settings and the second sets whether you will be prompted for the BIOS password at startup for the system to continue booting. It sounds like (from your description) you have possibly set the BIOS password for entering the BIOS setup area but have not set it for bootup. This might be worth double checking.
I wrote something similar to what you described in the OP, but I did nothing to the boot sector as others suggsted. It was set up to run when the computer booted and allow for no other usage than password entry.
If you want something like that, I can do it really quickly and easily for you. I will not, however, write software that damages files or disables the boot sector of your computer. E-mail me if you want to look into it. Hasn’t failed me yet, and I’ve got 3 people begging access all the time. 
Nope, he definately knows at least one default (read: not the one I chose) password and he claims to know three. Also, of course I have both passwords set in the BIOS, one to get into the BIOS and one to boot the computer. Also, I found out last night that he is reading this thread.
Let me see if I have understood this clearly. You claim that
[ul]
[li] You have set the BIOS boot password to something he cannot possibly know.[/li][li] He still manages to boot the computer, by knowing a ‘default’ password.[/li][/ul]
If that is correct, there seems to be a serious security flaw with your BIOS. (What make/version is it?) Try to see if you can get hold of an updated version.
Otherwise it sounds like the only way is to physically lock the PC. There are ‘locks’ that you put in a drive bay, and connect between the MB and HDD, so that you need to turn a physical key to access the HDD. Off course this is easily twarted by opening the box and bypassing the lock, so you’t have to put the PC in a locked cage as well. I have no URLs handy, but I know that both products exist.
A physical cage is, as astro pointed out, necessary for full security.
(I second Civils concern about the idea of corrupting the data. Far too risky.)