
What security does the BIOS enable

post #1 of 3
Thread Starter 
Doing Security+ Certification and I am quite curious to have learned that an OS can be compromised if you can physically insert a BIOS chip with a modified BIOS on it. But the book I am using didn't specifically say what could be compromised. All I have come across so far is that the usage of the No Execute bit is initially activated in the BIOS. Anyone know what else?

Also didn't know if there was a better place to put this.
post #2 of 3
Quote:
Originally Posted by Thereoncewasamaninparis View Post

Doing Security+ Certification and I am quite curious to have learned that an OS can be compromised if you can physically insert a BIOS chip with a modified BIOS on it. But the book I am using didn't specifically say what could be compromised. All I have come across so far is that the usage of the No Execute bit is initially activated in the BIOS. Anyone know what else?

Also didn't know if there was a better place to put this.

 

I think that the Execute Disable Bit feature is the only thing in the BIOS for security because Windows takes advantage of this when it's enabled using Data Execution Prevention. This feature in Windows is user-controlled and I can show you where its settings are if you'd like.

 

So, a modified BIOS for malicious intent would probably make it so that Execute Disable Bit can't be enabled even if the user thinks they have it enabled (so it would still be disabled even though the setting says Enabled in the BIOS). That would mean that Windows would be unable to use Data Execution Prevention and so therefore a malicious user would be able to get done what they want to get done that would otherwise be either difficult or impossible with DEP enabled.

post #3 of 3
BIOS security has been around for a lot longer than the NX bit (and Secure Boot, for that matter). As the BIOS is the first thing that loads (followed by the CMOS setup program, if you want to get picky), it loads before the OS, and could therefore load a rootkit into memory or onto the boot sector before the OS loads, and the OS would be completely unaware. The "Virus Protection" that you find in the CMOS program prevents the writing to the boot sector (and RAM before the handover to the bootloader, I believe), but can interfere with the OS so most people leave it off. The chances of having a compromised BIOS are virtually nil nowadays (although back in the 16-bit days, there was a bit more of a risk, as the OS accessed the hardware "more directly" than nowadays). There was a lot more assembly, and a lot less C & higher languages. Hell, even in BASIC, you could POKE memory addresses directly.

It wasn't just soldering on a new BIOS chip (a bit hardcore!); if you had access to the CMOS setup program, you could flash a new, compromised setup to the CMOS. That's why most corporate/educational PCs don't allow CMOS access without a password.