Ads by TechWords

See your link here
Receive the latest technology news and information.
Macintosh
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Open Firmware Security for Mac Workstations

August 12, 2005 12:00 PM ET

Computerworld - When Apple Computer Inc. introduced Open Firmware with the first G3 Macintosh computers, it was big news because it allowed Apple to easily modify system information previously stored in ROM. This meant that revisions made to ROM code after a computer had been manufactured and sold could still be applied to that computer. It also meant that Apple didn't need to patch the operating system to work around older ROM data. It wasn't until Apple introduced the iMac in 1998 that Open Firmware gained common use. The iMac introduced what's called New World ROM architecture, where some of the data previously kept in ROM could now be stored on in a file on a computer's start-up disk (which is even easier to update than firmware data stored on the motherboard).
I could go into many more details about Open Firmware besides its relevance to security, but I'll settle for one main point: Open Firmware is accessed immediately after the Mac's power-on self-tests and before any operating system loads from any device. Calls to it are used to boot with most start-up key combinations, including booting from CD, from a default NetBoot image, through target disk mode (where the computer's hard drive mounts as a firewire drive on another computer) or the start-up manager. As you have already guessed, most of these special start-up modes offer a way for a user to gain full access to a computer's hard drive.
If you can boot from a Mac OS 9 disk, then you have full access to the hard drive, regardless of the permissions assigned to files and folders. If you boot from a Mac OS X CD, you can use the Reset Password command to change the administrator and root passwords for the workstation. If you boot into target disk mode, you can use another computer to copy items from the hard drive. If you boot from an alternate disk (such as a CD, DVD or hard drive), you can run several versions of Unix or Linux and access any data you choose on the internal hard drive of the computer. CDs or DVDs, iPods and portable hard drives are all small, easy to carry, require little or no cables and can be unobtrusively attached to a workstation. And all of them can be bootable, easily allowing a user to circumvent any security measures and permissions you have configured on a workstation.

Open Firmware Security Modes
Open Firmware allows you to set a password for the workstation and to choose one



Jump to comments

Macintosh

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

White Papers & Webcasts

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.


IT Jobs