First talk

Unlocked and leaked

Speaker

Darren (r3n5k1) and Craig (@craigsblackie)

Synopsis

The BIOS password is often seen as the first line of defence against all kinds of attacks and commonly involved in bypassing full disk encryption. In this talk we go over four different methods of circumventing this protection in modern Dell UEFI. Covering clearing the passwords, modifying the SPI flash DMA security settings to appear on when they are off, the “just ask nicely” approach, and a novel technique being discussed publicly for the first time which allows clear text extraction of passwords.

You may see this referenced as CVE-2026-40639.

Future talks

We’re still trying to build up a backlog of talks. If you’ve implemented a C2 on a smartwatch, want to walk us through the highlights of a CTF, or have some insight into the breakdown of security cooperation globally, we’re interested!

Drop a message to talks@dc4420.org with a title, synopsis and rough length, and don’t worry if you haven’t presented before.

We’re also happy to host other activities, like lockpicking, or demoing a new piece of kit, just let us know.

New location

We are no longer at the Phoenix! The next meeting will be at:

The Greene Man
383 Euston Road
London NW1 3AU

Closest stations: Great Portland Street, Warren Street, Euston.