This is an old revision of the document!
Table of Contents
Mein Blog
Project Fail: HP ProBook BIOS Password Crack
Source: Nerdworld
Background
A second‑hand HP ProBook was purchased with a locked-down Windows 10 installation. The BIOS was protected by an unknown administrator password set by a cyber‑school IT department. Although the system could be wiped and reinstalled, the BIOS settings remained inaccessible.
Why Traditional Methods Failed
Older systems allowed BIOS password resets by:
- clearing CMOS jumpers
- removing the RTC battery
- resetting configuration RAM
Modern HP ProBooks store the password in a separate rewritable ROM. Therefore, CMOS resets do not remove the password.
HP officially offers a master unlock key, but only to large enterprise customers. Regular users receive no assistance.
Attempted Approaches
Several methods were explored:
1. YouTube Tutorials
Many videos claim to show reset methods, but none worked for this model.
2. HP BIOS Configuration Utility
HP provides a Windows tool that can modify BIOS settings, but it requires knowing the current password — making it useless in this case.
3. Rust-Based Brute Force Tool
A GitHub project attempted to brute-force the password via the HP utility. The program could not be executed successfully, and others reported similar issues.
4. Custom Python Brute Force Script
A custom Python script was created to:
- read password candidates from a list
- call the HP BIOS utility
- attempt to clear the password
- log each result
Each attempt took about 9 seconds, making brute force extremely slow.
Password List Generation
Initial lists:
- 50,000 common passwords → no success
- 100,000 passwords → no success
Expanded lists:
- 500,000 generated candidates (with leetspeak variations)
- another 500,000 unique candidates
Total runtime:
- ~52 days for each 500k batch
- nearly 6 months of continuous testing
No password was ever found.
Final Outcome
Despite months of effort, the BIOS password could not be cracked. The project is considered a “successful failure”:
- the laptop now runs Debian Linux without issues
- the process provided experience with scripting, automation, and AI-assisted coding
- it highlighted the robustness of modern HP BIOS security
Provided Files
The original project included:
- Python script for sequential password testing
- Python script for generating 1 million password candidates
- HP BIOS Configuration Utility
(See original source for downloads.)
Conclusion
Modern HP ProBook BIOS passwords are extremely resistant to brute-force attacks. Without the original password or HP enterprise support, unlocking the BIOS is effectively impractical. This project demonstrates both the limits of brute force and the value of experimentation.
YouTube and the Threat of Digital Bans
In recent months, discussions around digital freedom have intensified. One of the most striking concerns is the possibility that platforms like YouTube could face restrictions or even outright bans in certain regions. This blog post explores the context, risks, and implications of such developments.
Background
Governments worldwide are increasingly seeking to regulate online platforms. While the stated goals often include *security*, *protection against misinformation*, or *national sovereignty*, the measures can have unintended consequences:
- Blocking access to widely used services
- Limiting freedom of expression
- Disrupting technical infrastructure
Case Studies
Several examples highlight how attempts to restrict digital tools can backfire:
- Efforts to block the Tor Browser have led to collateral damage, including outages in unrelated services.
- Proposals for digital IDs raise concerns about surveillance and control.
- Discussions about banning encrypted services threaten privacy and secure communication.
Why It Matters
YouTube is not just entertainment. It is:
- A platform for education and tutorials
- A space for activism and community building
- A source of independent journalism
Restricting or banning YouTube would therefore impact millions of people who rely on it for knowledge, connection, and creative expression.
What Can Be Done
Individuals and communities can take steps to protect digital freedom:
- Stay informed about legislative changes
- Support organizations advocating for open internet policies
- Explore alternative platforms and decentralized tools
- Encourage dialogue about balancing security with freedom
Conclusion
The debate over banning YouTube reflects a larger struggle: freedom versus control in the digital age. While governments may pursue regulation, it is crucial to ensure that such measures do not undermine the very principles of openness and accessibility that make the internet valuable.
Security issues on satellites
Satellites Are Leaking Your Calls, Texts, & Browsing Habits
This video explores a recent research project that uncovered serious privacy vulnerabilities in satellite communications.
Overview
Up to *50% of satellite network traffic is unencrypted*, meaning it can be intercepted and read by anyone with the right tools. This includes sensitive data like phone calls, text messages, and internet activity.
Key Findings
- Many satellite internet providers do not encrypt traffic by default.
- Researchers used inexpensive equipment (under $300) to capture live satellite data.
- They were able to access:
- Personal messages
- GPS coordinates
- Web browsing sessions
- Corporate data transfers
Technical Details
- The team used a satellite dish, SDR (Software Defined Radio), and open-source decoding tools.
- No hacking was involved — the data was simply broadcast in the clear.
- The vulnerability affects geostationary satellites used for maritime, aviation, and remote internet access.
Implications
- Anyone with basic technical knowledge can eavesdrop on satellite traffic.
- This poses risks for journalists, remote workers, and companies using satellite links.
- Encryption should be mandatory for all satellite communications.
Windows running in a docker container
This video by Wolfgang demonstrates how to run a Windows operating system inside a Docker container — a creative and unconventional technical experiment.
Overview
Wolfgang explores whether it's possible to launch a full Windows environment within a Linux-based Docker container. Since Docker is primarily designed for Linux containers, this setup is more of a proof-of-concept than a practical solution.
Key Components
- Uses the unofficial `dockur/windows` image by Kroese
- Based on a modified Windows PE (Preinstallation Environment)
- Virtualization handled via QEMU
- GUI access provided through VNC (Remote Desktop)
Performance and Limitations
- Limited performance due to emulation
- Not suitable for production use
- Best used for experimentation or educational purposes
Conclusion
Running Windows in Docker is a fascinating hack that showcases Docker’s flexibility. While not practical for everyday use, it’s a fun and educational project for developers and tech enthusiasts.
Are virtual worlds dead?
Sno is looking into metaverses from 1995 to 2025. I did not even know of most of them. He even mentions SecondLife but he mentions “all” the players created worlds… and I cringed a bit. But as a noob one really seems to think so. Thanks he does not say its abandoned.