Installed an OmegaOne Battery Pack 2003 (www.omegaone.com) and selected the Power Adjust option and tick the POWER TASK BUTTON & MENU and selected TAPPING X Closes Programs function. I've activated the PASSWORD functionality. After doing a soft reset the pasword prompt appeared. I was surprised when I tapped on the (X) found at the top right hand corner of the screen, the PASSWORD prompt was closed and you have full access to everything. Same problem happened when you use any of the PASSWORD options in HP IPAQ5550 ie. BioSwipe, password, etc. I've log this problem with HP Australia and they're hopeless and until know I'm still waiting for a call back from their Senior Technician person named ARMAN. This is very dissappointing, HP's claim on improve security on the 5500 series is a big ???? BTW, I tried the same installation on a Compaq IPAQ 3970 & 3630 and the PASSWORD prompt CANNOT be bypassed, which is very good.

I decided to return my IPAQ5550 and get my money back. I now replaced it with an IPAQ2210 which runs on PocketPC 2003. I installed the same OmegaOne software and tried to see whether the same thing will happen with the PASSWORD functionality and I'm very pleased with the result, it cannot by-pass the PASSWORD prompt. So now I'm sure that the security software on the IPAQ5550 has a major defect and nothing to do with the OmegaOne software as HP initially said. I hope that HP will fix this problem asap.

One more thing I also noticed that the display on the IPAQ5550 is yellowish in colour compared to the IPAQ3970 display which is whiter and crispier. It looks like since HP took over COMPAQ quality is sacrificed. I also heard that the 5550 is actualy made by LG and rebadged to HP (not sure if this is reliable source, but I'm not surprised if it is true). *grrr* *grrr* *grrr* *grrr*

Hi Gawko, I have a HP5550 and although I dont have an OmegaOne Battery Pack 2003 to install, I dont get the "X" in the corner to attempt closing down the password or with the Bioswipe option. This would seem to be something that happens only after you install OmegaOne Battery Pack 2003, which would then have to be a Battery Pack problem, rather than a problem with the HP5550..I have compared the HP5550 with a 3630 here and the colour seems to be about the same level of brightness..maybe you got a bad unit*static* ??

Hi Gawko, I have a HP5550 and although I dont have an OmegaOne Battery Pack 2003 to install, I dont get the "X" in the corner to attempt closing down the password or with the Bioswipe option. This would seem to be something that happens only after you install OmegaOne Battery Pack 2003, which would then have to be a Battery Pack problem, rather than a problem with the HP5550..I have compared the HP5550 with a 3630 here and the colour seems to be about the same level of brightness..maybe you got a bad unit*static* ??

Hi Gawko, I have a HP5550 and although I dont have an OmegaOne Battery Pack 2003 to install, I dont get the "X" in the corner to attempt closing down the password or with the Bioswipe option. This would seem to be something that happens only after you install OmegaOne Battery Pack 2003, which would then have to be a Battery Pack problem, rather than a problem with the HP5550..I have compared the HP5550 with a 3630 here and the colour seems to be about the same level of brightness..maybe you got a bad unit*static* ??

Sorry about the three posts..I was fighting with someone for the mouse..he got a smack in the nose, you got three message..my bad.


If an admin can delete the extra two messages, I would be most obliged.


Tempest

From the sound of things, the problem <U>isn't</U> O1 Battery Pack 2003. Battery Pack just illuminates the problem, because it provides a way to stop a process, not unlike HP's own iTask application. The real issue is that HP claims to have a secure front-end app that requires password or biometric authentication, but all you have to do is close down this front end and the security goes away. Any valid front-end security model prevents you from killing the authentication process.

According to Gawako's post, this does not happen on 36xx, 39xx, or 22xx machines (with BP 2003 installed). They behave just as you would expect them to, preventing you from killing the password-entry prompt. It sounds like HP has a glaring security hole with the 5550, and needs to acknowledge it and fix it. Lots of people are walking around now with expensive machines they think are secure because they get a password prompt at start-up, just as many people think that a Win98 machine is secure because it asks for a password; it's not!

This also makes you wonder about the 5450 - can anyone confirm whether it has the same vulnerability? Also, I'd be interested to know if you can call iTask when the password prompt comes up, and kill it that way. On my 3650 iTask is assigned to a hardware button by default; I assume it is on the 55xx as well.

Tempest, thank you for your reply. Comparing the 3630 and the 5550 in terms of the quality of display, you are right there is no difference however if you have access to a 3970 you'll see a difference.

My understanding of software releases, the company i.e. HP has the responsibility to make sure that when they release a software that they work. These Manufacturers claim high about their products to boast sales. HP claims they have a very good security on their 5550 (one reason why I bought it)and every user expects this to be true. Unfortunately I don't think HP did a thorough testing of their product and they should come up with a fix asap. Another sad story, speaking to their Technical personnel is hopeless. They sound they know their product VERY WELL but they don't. One guy even claims his been with the company for years and knows the 5550 back to front. I just ask him a simple question about the BioScan and his reply was to go to Congent System web site and tell them my problem. WHAT A GREAT WAY TO PROVIDE TECHNICAL SUPPORT. THEY USE THE PASS THE BUCK PROTOCOL. And I suffer with the problem.

Gawako,

Can you use iTask to kill the BioScan or password prompts, or does it only work with the Battery Pack Power Task menu?</P>

9Ballr,

FWIW I've just checked my 5450 (however I don't run Battery Pack) after a soft reset there's no option but the ones there should be - fingerprint or pin, certainly no 'X' to close the password application.

9Ballr,

Unfortunately, I've returned my 5550 and got my money back. The Security problem only occurs after installing the OmegaOne software. Didn't think of trying the iTask button.

Pseudoname,

Thanks for your input. I'm curious, can you use iTask to kill the password prompt or BioScan on the 5450?

9Ballr,

I justy gave it a whirl - the Itask button has no effect whilst the password screen is being displayed, but the panel pops up once you have get past the logon screen.

Cheers...

I tried bypassing the bioscan on my 5455, PPC 2002, ROM vsn 1.11.19, running BP2003 and I was unable to do so.

Could the problem be WMC 2003?

The acid test would be finding someone who is running BP2003on a machine that has been shown not to have this vulnerability, like a 39xx, and has been upgraded to WM2003. I believe Wormy has such a unit. If a 3970 on PPC 2002 doesn't have this problem and a 3970 on WM2003 does, then it's an OS issue. If neither one does, then it's more likely a problem that is specific to the 55xx.

Sorry guys... I sold all three of the 3970's I had :(