Historique pour "How to delete all wipe clean all administration lock from drive"

Version actuelle par : Nick

Texte:

	*Author's note: I was the kid in high school who openly made deals with the right people to work around the web filter. I know how to deal with local management like MS AD and Apple Remote Desktop and have seen how remote management has evolved. I'm not new to this realm. Once I've written off something as unbreakable, it's not practical.*

	The MDM is tied to Google using the device S/N and is enforced with a local firmware lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publicly release the reference BIOS files used by all of the Chromebook OEMs), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (EEPROM programmer required with Chromebooks newer then the "CR-48" generation; Google fixed the CLI exploit and added an option to block the developer mode on the newer models even with the WP screw removed) there's no way to remove it without a new motherboard. It's effectively the same as MDM like Apple Business Manager and Jamf, which are tied to a provisioning ID unique to the machine and S/N it is associated with.

-	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And I laughed at the security of Chromebooks with one of the teachers I know who would expect me to do it? I did this in high school for sport to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this nonsense. Unless you know your way around these things, you would not know why any way to remove it outside of a new board is garbage advice, which does nothing.*
+	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And I laughed at the security of Chromebooks with one of the teachers I know who would expect me to do it? I did this in high school for sport to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making the web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit.
+
+	*If anyone is qualified to debunk this, it's someone who knows what they're doing, has done a few of the dirty jobs, and has hands-on time getting it done. Simply put, Anything anyone pushes as a "fix" to remove the Chromebook MDM is either referring to a "CR-48," which is CLI exploit-friendly (as long as developer mode and terminal aren't pre-blocked), AND ALL MODELS USING IT ARE EOL NOW, or selling you a lie. The solution is a new motherboard, the end.*

Statut:

open

Modifié par : Nick

Texte:

-	*~~Authors~~ note: I was the kid in high school who openly made deals with the right people to work around the web filter. I know how to deal with local management like MS AD and Apple Remote Desktop and have seen how remote management has evolved. I'm not new to this realm. Once I've written off something as unbreakable, it's not practical.*
+	*Author's note: I was the kid in high school who openly made deals with the right people to work around the web filter. I know how to deal with local management like MS AD and Apple Remote Desktop and have seen how remote management has evolved. I'm not new to this realm. Once I've written off something as unbreakable, it's not practical.*

	The MDM is tied to Google using the device S/N and is enforced with a local firmware lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publicly release the reference BIOS files used by all of the Chromebook OEMs), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (EEPROM programmer required with Chromebooks newer then the "CR-48" generation; Google fixed the CLI exploit and added an option to block the developer mode on the newer models even with the WP screw removed) there's no way to remove it without a new motherboard. It's effectively the same as MDM like Apple Business Manager and Jamf, which are tied to a provisioning ID unique to the machine and S/N it is associated with.

-	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And laughed at the security of Chromebooks with one of the teachers I know would expect me to do it? I did this ~~stuff~~ in high school for sport ~~just~~ to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this nonsense. Unless you know your way around these things, you would not know why any way to remove it outside of a new board is garbage advice, which does nothing.*
+	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And I laughed at the security of Chromebooks with one of the teachers I know who would expect me to do it? I did this in high school for sport to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this nonsense. Unless you know your way around these things, you would not know why any way to remove it outside of a new board is garbage advice, which does nothing.*

Statut:

open

Modifié par : Nick

Texte:

-	~~The MDM is tied~~ to ~~Google using~~ the ~~device S/N, and enforced with a firmware lock~~. ~~Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publicly release the BIOS files for these; but they all use the same BIOS), find out~~ how to ~~reflash it (each~~ ~~OEM does~~ this ~~differently and this is also confidential beyond Google~~'s public-facing info) and change the serial number (which requires an EEPROM programmer on newer post-"CR-48" Chromebooks since Google fixed the CLI exploit and added an option to block the developer mode on these newer models even with the WP screw removed) there's no way to remove it without a new motherboard. ~~It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.~~
+	*Authors note: I was the kid in high school who openly made deals with the right people to work around the web filter. I know how to deal with local management like MS AD and Apple Remote Desktop and have seen how remote management has evolved. I'm not new to this realm. Once I've written off something as unbreakable, it's not practical.*

-	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, and if I ran into any of my old teachers mention the Chromebooks are just as easy? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class in the WinXP days so I could play Halo and make the school web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense. Unless you know your way around these things you would not know why any way to remove it outside of a new board is garbage advice which does nothing.*
+	The MDM is tied to Google using the device S/N and is enforced with a local firmware lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publicly release the reference BIOS files used by all of the Chromebook OEMs), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (EEPROM programmer required with Chromebooks newer then the "CR-48" generation; Google fixed the CLI exploit and added an option to block the developer mode on the newer models even with the WP screw removed) there's no way to remove it without a new motherboard. It's effectively the same as MDM like Apple Business Manager and Jamf, which are tied to a provisioning ID unique to the machine and S/N it is associated with.
+
+	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And laughed at the security of Chromebooks with one of the teachers I know would expect me to do it? I did this stuff in high school for sport just to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this nonsense. Unless you know your way around these things, you would not know why any way to remove it outside of a new board is garbage advice, which does nothing.*

Statut:

open

Modifié par : Nick

Texte:

-	The MDM is tied to Google using the device S/N, and ~~it is~~ enforced with a firmware~~-level~~ lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not ~~publically~~ release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (which requires an EEPROM programmer on newer post-"CR-48" Chromebooks since Google fixed the CLI exploit and added an option to block the developer mode on these newer models, even ~~when you remove~~ the WP screw~~; it is no better than replacing the motherboard!!!~~), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.
+	The MDM is tied to Google using the device S/N, and enforced with a firmware lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publicly release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (which requires an EEPROM programmer on newer post-"CR-48" Chromebooks since Google fixed the CLI exploit and added an option to block the developer mode on these newer models even with the WP screw removed) there's no way to remove it without a new motherboard. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.

-	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and ~~laughing~~ at ~~them with~~ my ~~high school~~ teachers ~~who know I'm up for a challenge~~? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make ~~fun of~~ the ~~way my~~ school ~~ran the~~ web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense. Unless you know your way around these things you would not know why any way to remove it outside of a new board is garbage advice which does nothing.*
+	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, and if I ran into any of my old teachers mention the Chromebooks are just as easy? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class in the WinXP days so I could play Halo and make the school web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense. Unless you know your way around these things you would not know why any way to remove it outside of a new board is garbage advice which does nothing.*

Statut:

open

Modifié par : Nick

Texte:

-	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (which requires an EEPROM programmer on newer post-"CR-48" Chromebooks since Google fixed the CLI exploit even when you remove the WP screw ~~and~~ is no better than replacing the motherboard!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.
+	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (which requires an EEPROM programmer on newer post-"CR-48" Chromebooks since Google fixed the CLI exploit and added an option to block the developer mode on these newer models, even when you remove the WP screw; it is no better than replacing the motherboard!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.

	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laughing at them with my high school teachers who know I'm up for a challenge? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense. Unless you know your way around these things you would not know why any way to remove it outside of a new board is garbage advice which does nothing.*

Statut:

open

Modifié par : Nick

Texte:

-	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently) and change the serial number (which ~~will effectively do~~ the ~~same as~~ replacing the ~~board~~!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.
+	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (which requires an EEPROM programmer on newer post-"CR-48" Chromebooks since Google fixed the CLI exploit even when you remove the WP screw and is no better than replacing the motherboard!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.

	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laughing at them with my high school teachers who know I'm up for a challenge? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense. Unless you know your way around these things you would not know why any way to remove it outside of a new board is garbage advice which does nothing.*

Statut:

open

Modifié par : Nick

Texte:

	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently) and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.

-	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy"? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense. Unless you know your way around these things you would not know why any way to remove it outside of a new board is garbage advice which does nothing.*
+	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laughing at them with my high school teachers who know I'm up for a challenge? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense. Unless you know your way around these things you would not know why any way to remove it outside of a new board is garbage advice which does nothing.*

Statut:

open

Modifié par : Nick

Texte:

	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently) and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.

-	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy"? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense.
+	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy"? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense. Unless you know your way around these things you would not know why any way to remove it outside of a new board is garbage advice which does nothing.*

Statut:

open

Modifié par : Nick

Texte:

	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently) and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.

-	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy"? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit.
+	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy"? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense.

Statut:

open

Modifié par : Nick

Texte:

-	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS) and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.
+	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS), find out how to reflash it (each OEM does this differently) and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.

	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy"? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit.

Statut:

open

Modifié par : Nick

Texte:

-	The MDM is tied to Google using the device S/N, and a firmware lock. Unless you reflash the firmware and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N.
+	The MDM is tied to Google using the device S/N, and it is enforced with a firmware-level lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publically release the BIOS files for these; but they all use the same BIOS) and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.

-	If there was a way, do you not think I'd break into a few of the reasonably new ones so I ~~take home a few~~ and ~~claim a "prize" mocking~~ the ~~effectiveness of it I can use?~~ *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* I usually ~~don~~'~~t bother especially on school~~ surplus ~~which is beaten to death (or at least very, very abused and will likely need a chassis in short order) by students~~ at the same ~~time it's decommed~~.
+	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy"? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class and make fun of the way my school ran the web filter. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit.

Statut:

open

Modifié par : Nick

Texte:

	The MDM is tied to Google using the device S/N, and a firmware lock. Unless you reflash the firmware and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N.

-	If there was a way, do you not think I'd break into a few of the reasonably new ones so I take home a few and claim a "prize" mocking the effectiveness of it I can use? **The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard. I usually don't bother especially on school surplus which is beaten to death (or at least very, very abused and will likely need a chassis in short order) by students at the same time it's decommed.
+	If there was a way, do you not think I'd break into a few of the reasonably new ones so I take home a few and claim a "prize" mocking the effectiveness of it I can use? *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* I usually don't bother especially on school surplus which is beaten to death (or at least very, very abused and will likely need a chassis in short order) by students at the same time it's decommed.

Statut:

open

Modifié par : Nick

Texte:

-	The MDM is tied to Google using the device S/N, and a firmware lock. Unless you reflash the firmware and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as Apple Business Manager and ~~services like~~ Jamf which tie to it.
+	The MDM is tied to Google using the device S/N, and a firmware lock. Unless you reflash the firmware and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N.

-	If there was a way, I'd ~~totally try and get~~ into ~~them and~~ take home a few ~~which aren't junky.~~ The ~~problem~~ is the ~~admin has to,~~ ~~and~~ I don't ~~have~~ the time~~/desire to contact the previous owner, especially when the odds some school kid beat~~ it ~~in their bag are not in my favor and it probably needs chassis parts~~.
+	If there was a way, do you not think I'd break into a few of the reasonably new ones so I take home a few and claim a "prize" mocking the effectiveness of it I can use? **The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard. I usually don't bother especially on school surplus which is beaten to death (or at least very, very abused and will likely need a chassis in short order) by students at the same time it's decommed.

Statut:

open

Modifié par : Nick

Texte:

	The MDM is tied to Google using the device S/N, and a firmware lock. Unless you reflash the firmware and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as Apple Business Manager and services like Jamf which tie to it.

-	If there was a way, I'd totally try and get into them and take home a few which aren't junky~~, but~~ the admin has to, and I don't have the time/desire to contact the previous owner.
+	If there was a way, I'd totally try and get into them and take home a few which aren't junky. The problem is the admin has to, and I don't have the time/desire to contact the previous owner, especially when the odds some school kid beat it in their bag are not in my favor and it probably needs chassis parts.

Statut:

open

Modifié par : Nick

Texte:

	The MDM is tied to Google using the device S/N, and a firmware lock. Unless you reflash the firmware and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as Apple Business Manager and services like Jamf which tie to it.

-	If there was a way, I'd totally try and get into them and take home a few which aren't junky, but the admin has to, and I don't have time/~~the~~ desire to contact the previous owner.
+	If there was a way, I'd totally try and get into them and take home a few which aren't junky, but the admin has to, and I don't have the time/desire to contact the previous owner.

Statut:

open

Modifié par : Nick

Texte:

-	The MDM is tied to Google using the device S/N, and a firmware lock. Unless you reflash the firmware and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it.
+	The MDM is tied to Google using the device S/N, and a firmware lock. Unless you reflash the firmware and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it. It's effectively the same as Apple Business Manager and services like Jamf which tie to it.

	If there was a way, I'd totally try and get into them and take home a few which aren't junky, but the admin has to, and I don't have time/the desire to contact the previous owner.

Statut:

open

Contribution d'origine par : Nick

Texte:

The MDM is tied to Google using the device S/N, and a firmware lock. Unless you reflash the firmware and change the serial number (which will effectively do the same as replacing the board!!!), there's no way to remove it.

If there was a way, I'd totally try and get into them and take home a few which aren't junky, but the admin has to, and I don't have time/the desire to contact the previous owner.

Statut:

open

	*Author's note: I was the kid in high school who openly made deals with the right people to work around the web filter. I know how to deal with local management like MS AD and Apple Remote Desktop and have seen how remote management has evolved. I'm not new to this realm. Once I've written off something as unbreakable, it's not practical.*

	The MDM is tied to Google using the device S/N and is enforced with a local firmware lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publicly release the reference BIOS files used by all of the Chromebook OEMs), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (EEPROM programmer required with Chromebooks newer then the "CR-48" generation; Google fixed the CLI exploit and added an option to block the developer mode on the newer models even with the WP screw removed) there's no way to remove it without a new motherboard. It's effectively the same as MDM like Apple Business Manager and Jamf, which are tied to a provisioning ID unique to the machine and S/N it is associated with.

-	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And I laughed at the security of Chromebooks with one of the teachers I know who would expect me to do it? I did this in high school for sport to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this nonsense. Unless you know your way around these things, you would not know why any way to remove it outside of a new board is garbage advice, which does nothing.*
+	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And I laughed at the security of Chromebooks with one of the teachers I know who would expect me to do it? I did this in high school for sport to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making the web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit.
+
+	*If anyone is qualified to debunk this, it's someone who knows what they're doing, has done a few of the dirty jobs, and has hands-on time getting it done. Simply put, Anything anyone pushes as a "fix" to remove the Chromebook MDM is either referring to a "CR-48," which is CLI exploit-friendly (as long as developer mode and terminal aren't pre-blocked), AND ALL MODELS USING IT ARE EOL NOW, or selling you a lie. The solution is a new motherboard, the end.*

-	*~~Authors~~ note: I was the kid in high school who openly made deals with the right people to work around the web filter. I know how to deal with local management like MS AD and Apple Remote Desktop and have seen how remote management has evolved. I'm not new to this realm. Once I've written off something as unbreakable, it's not practical.*
+	*Author's note: I was the kid in high school who openly made deals with the right people to work around the web filter. I know how to deal with local management like MS AD and Apple Remote Desktop and have seen how remote management has evolved. I'm not new to this realm. Once I've written off something as unbreakable, it's not practical.*

	The MDM is tied to Google using the device S/N and is enforced with a local firmware lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publicly release the reference BIOS files used by all of the Chromebook OEMs), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (EEPROM programmer required with Chromebooks newer then the "CR-48" generation; Google fixed the CLI exploit and added an option to block the developer mode on the newer models even with the WP screw removed) there's no way to remove it without a new motherboard. It's effectively the same as MDM like Apple Business Manager and Jamf, which are tied to a provisioning ID unique to the machine and S/N it is associated with.

-	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And laughed at the security of Chromebooks with one of the teachers I know would expect me to do it? I did this ~~stuff~~ in high school for sport ~~just~~ to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this nonsense. Unless you know your way around these things, you would not know why any way to remove it outside of a new board is garbage advice, which does nothing.*
+	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And I laughed at the security of Chromebooks with one of the teachers I know who would expect me to do it? I did this in high school for sport to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this nonsense. Unless you know your way around these things, you would not know why any way to remove it outside of a new board is garbage advice, which does nothing.*

-	~~The MDM is tied~~ to ~~Google using~~ the ~~device S/N, and enforced with a firmware lock~~. ~~Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publicly release the BIOS files for these; but they all use the same BIOS), find out~~ how to ~~reflash it (each~~ ~~OEM does~~ this ~~differently and this is also confidential beyond Google~~'s public-facing info) and change the serial number (which requires an EEPROM programmer on newer post-"CR-48" Chromebooks since Google fixed the CLI exploit and added an option to block the developer mode on these newer models even with the WP screw removed) there's no way to remove it without a new motherboard. ~~It's effectively the same as MDM like Apple Business Manager and Jamf which tie to a provisioning ID unique to the machine and S/N it is associated with.~~
+	*Authors note: I was the kid in high school who openly made deals with the right people to work around the web filter. I know how to deal with local management like MS AD and Apple Remote Desktop and have seen how remote management has evolved. I'm not new to this realm. Once I've written off something as unbreakable, it's not practical.*

-	If there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS), do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, and if I ran into any of my old teachers mention the Chromebooks are just as easy? I did this stuff in high school for sport so I could play Halo CE LAN parties with my class in the WinXP days so I could play Halo and make the school web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways looking at it wrong could break it unexpectedly and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this kind of nonsense. Unless you know your way around these things you would not know why any way to remove it outside of a new board is garbage advice which does nothing.*
+	The MDM is tied to Google using the device S/N and is enforced with a local firmware lock. Unless you reflash the firmware from scratch (which is nearly impossible without a dump, as Google does not publicly release the reference BIOS files used by all of the Chromebook OEMs), find out how to reflash it (each OEM does this differently and this is also confidential beyond Google's public-facing info) and change the serial number (EEPROM programmer required with Chromebooks newer then the "CR-48" generation; Google fixed the CLI exploit and added an option to block the developer mode on the newer models even with the WP screw removed) there's no way to remove it without a new motherboard. It's effectively the same as MDM like Apple Business Manager and Jamf, which are tied to a provisioning ID unique to the machine and S/N it is associated with.
+
+	Suppose there was a way to do this without losing the Chromebook BIOS and make it like new without custom hacking like flashing a standard PC BIOS (and losing Chrome OS). Do you not think I'd break into a few of the reasonably new ones to mock people who think these are secure as a "trophy" and laugh at how much of it is security theater, given my history of making deals in high school and forcing sysadmins on power trips to take an L? And laughed at the security of Chromebooks with one of the teachers I know would expect me to do it? I did this stuff in high school for sport just to play Halo CE at school LAN party style on WinXP to work around the district WAN port blocking while making web filter look like the joke it is. *The only way this gets removed is by the ORIGINAL OWNER unless you change the motherboard.* School surplus is usually more trouble than it is worth; they're either EOL or abused in so many ways. Looking at it wrong could break it unexpectedly, and you now need to rebuild a dirt-cheap surplus laptop at the same price as a replacement unit. *If anyone is qualified to cover this, it's someone who did a few dirty deeds in school and has the experience and chops to debunk this nonsense. Unless you know your way around these things, you would not know why any way to remove it outside of a new board is garbage advice, which does nothing.*

9 avr. 2024

Version actuelle par : Nick

Texte:

Statut:

9 avr. 2024

Modifié par : Nick

Texte:

Statut:

9 avr. 2024

Modifié par : Nick

Texte:

Statut:

20 nov. 2023

Modifié par : Nick

Texte:

Statut:

23 juin 2023

Modifié par : Nick

Texte:

Statut:

23 juin 2023

Modifié par : Nick

Texte:

Statut:

23 juin 2023

Modifié par : Nick

Texte:

Statut:

23 juin 2023

Modifié par : Nick

Texte:

Statut:

23 juin 2023

Modifié par : Nick

Texte:

Statut:

23 juin 2023

Modifié par : Nick

Texte:

Statut:

23 juin 2023

Modifié par : Nick

Texte:

Statut:

11 mars 2023

Modifié par : Nick

Texte:

Statut:

11 mars 2023

Modifié par : Nick

Texte:

Statut:

18 sept. 2022

Modifié par : Nick

Texte:

Statut:

30 juil. 2022

Modifié par : Nick

Texte:

Statut:

30 juil. 2022

Modifié par : Nick

Texte:

Statut:

30 juil. 2022

Contribution d'origine par : Nick

Texte:

Statut: