Hi! IBM gave me Thinkpad 560X notebook, about year ago (thanx, it is nice beast). I discovered few misfeatures, and few bugs, some of them are related to security. Here it goes: * Thinkpad will boot from floppy, even if it has boot-up sequence set to hard drive first and hard disk is bootable. Floppy has to have IBM bootsector for this to work, for example personality setting boot disk distributed by IBM has it. I've successfully created Linux boot disk, which can be used on Thinkpad with floppy booting disabled. If someone relied on boot up sequence for security (I believe many people do), you are screwed. (BTW I use it now as a feature. Thinkpad will refuse to boot, if their self-tests fail (which is pretty bad behaviour: if your trackpoint fails, you are not unable to get to critical data stored on your thinkpad). Anyway, if you put IBM floppy, it will boot even if self-tests failed. So I can at least access my data. * Thinkpad will allow people to change personality information, even without supervisor password. Thinkpad has "personality" feature which allows people to mark their computer with their name, address, and picture. I use penguin ;-). Unfortunately, this info is changeable even without supervisor password. (And BTW floppy which allows you to change it has "magic" format.) This might be more severe than it seems, because, IMHO, setting personality information means flashing bios. I'm not sure if flashing in modified bios is UN-doable. * Easy setup - HDD tests. Easy setup is just plain ugly. It looks like a perfectly safe thing. Well, it will overwrite part of your hard drive without even asking for confirmation. It seems like hard drives come preformated to slightly little capacity then they really have. The rest is test zone, used for easy setup's rw tests. But if you happen to re-fdisk your drive, it is pretty easy to put normal partition into this zone (this zone is not documented anywhere). This one killed 2000 of your inodes 4 times. Last two times was random person coming around my computer, and launching tests because machine asked them to do so. Beware! [snip] As a side note, does anyone know if there are seals inside thinkpad 560X? IBM gave me computer, but they failed to give me warranty. I think broken trackpoint should not be _that_ hard to fix ;-). (This is trimmed version of page available at http://atrey.karlin.mff.cuni.cz/~pavel/thinkpad.html. I mailed a copy IBM week ago, and got no response so far. They had enough time.) -- I'm really pavelat_private Pavel Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:37:03 PDT