IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [bios]

Basic Input/Output System (BIOS) is a software that is stored on a non-volatile ROM chip on the motherboard and BIOS is the first code run by a PC when powered on.

135 questions
98
votes
9 answers

Can a virus destroy the BIOS of a modern computer?

In the late 1990s, a computer virus known as CIH began infecting some computers. Its payload, when triggered, overwrote system information and destroyed the computer's BIOS, essentially bricking whatever computer it infected. Could a virus that…
user73910
  • 791
  • 1
  • 5
  • 7
46
votes
4 answers

Does adding a password to BIOS prevent malware from infecting it?

I'm looking into ways of hardening a computer's security. One of the things is the BIOS. Does adding a password to the BIOS prevent malware from infecting it? I have seen this article: Protecting the BIOS from malware but it doesn't mention…
user148283
  • 493
  • 1
  • 4
  • 7
30
votes
3 answers

Does password-protecting a server's BIOS help in securing sensitive data?

I'm running a server of which I protected the BIOS with a password. One doesn't have to enter this password before booting, but before entering the BIOS setup. I just did this from routine. However, there aren't really interesting settings in the…
user21287
29
votes
11 answers

What is the point of using an open source and secure OS if you are running it on a machine with closed source firmware?

I'm very interested in the OpenBSD OS, as it currently seems to me to be the option that takes security more seriously than its contemporaries. But as I was reading about it, it occurred to me that even if OpenBSD is all it claims to be, how does…
herzEGG
  • 399
  • 3
  • 5
24
votes
8 answers

Detecting and removing Absolute persistence technology

Absolute persistence technology amounts to a persistent rootkit pre-installed by many device manufacturers (Acer, Asus, Dell, HP, Lenovo, Samsung, Toshiba, etc) to facilitate LoJack for laptops, and other backdoor services: The Absolute persistence…
sampablokuper
  • 1,961
  • 1
  • 19
  • 33
21
votes
2 answers

Tamper-proof BIOS password & settings storage with Trusted Platform Module?

In the olden days, one could trivially bypass BIOS passwords on most PCs by removing the BIOS battery and clearing the CMOS. My question is: On modern PCs equipped with a Trusted Platform Module (TPM), how tamper-resistant are BIOS passwords and…
user2122
20
votes
2 answers

Bypassing the BIOS password

Are there any reliable methods that allow an attacker to bypass a BIOS password, or alter BIOS settings without entering the password? A few ideas come to mind: The old battery trick (remove battery, wait an hour, plug battery back in) Swap the…
Polynomial
  • 132,208
  • 43
  • 298
  • 379
18
votes
2 answers

Can BIOS malware be installed from OS?

Can an OS vulnerability be exploited to install BIOS/UEFI/firmware malware (such as a keylogger)? I know BIOS is a "deeper" level than the OS. I know firmware based keyloggers exist. I know they can be installed by an adversary flashing the BIOS.…
Emma
  • 181
  • 1
  • 1
  • 3
14
votes
2 answers

Write-protection at hardware level for security

It seems to me that to maximise server security, one ought - in addition to the usual security measures implemented in software - to prevent the overwriting of certain parts of the server system, such that only physical access will circumvent this…
sampablokuper
  • 1,961
  • 1
  • 19
  • 33
14
votes
4 answers

Unlock hard drive vs full-disk encryption

When I turn my notebook on, it asks me for the password to unlock the BIOS and than it asks me for the password to unlock the hard drive. How different is this 'password to unlock the hard drive' from the so-called full-disk encryption in terms of…
Strapakowsky
  • 3,039
  • 8
  • 26
  • 31
13
votes
4 answers

Is it possible to make one processor look like another?

(aka) Is it possible to hack CPUID instruction or BIOS to make it show wrong CPU information? Yesterday, I was having a chat with computer sales guy. He is little close to me. During the conversation he said that, A processor is not what it shows in…
claws
  • 2,145
  • 5
  • 19
  • 22
12
votes
1 answer

How to check the integrity of my BIOS?

Could it be possible that a virus rewrites my BIOS with some malicious code? If so, how could I protect against it, or at least how can I check that the BIOS hasn't been modified?
LanceBaynes
  • 6,149
  • 11
  • 60
  • 91
12
votes
4 answers

Is the Raspberry Pi vulnerable to injection beyond the SD Card?

I understand that it is possible for a code to be crafted for a given hardware/firmware to inject a virus that would not be removed by a wipe of the hard disk. Video card, and BIOS are examples of a possible destination for this type of badware to…
700 Software
  • 13,807
  • 3
  • 52
  • 82
12
votes
4 answers

My Samsung SSD password is case insensitive, how does this affect Full Disk Encryption?

I have a Samsung Evo 850 SSD, the 500GB model and it's supposed to benefit from Full Disk Encryption (FDE). Once you set a HDD password in the BIOS the FDE is supposed to kick in. However, I was surprised to discover that the password for my HDD is…
Radu Potop
  • 223
  • 1
  • 5
11
votes
3 answers

What use does a BIOS/EFI password have?

I have become quite a password-obsessed individual. I password-protect my HDDs, my files, and now even the BIOS/EFI on the various systems I own. But I have discovered that if you forget your BIOS password, it is easy (enough) to simply reset…
connor
  • 111
  • 3
1
2 3
8 9