BIOS
   HOME

TheInfoList



In
computing Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes and development of both computer hardware , hardware and software. It has scie ...
, BIOS (, ); an
acronym An acronym is a word or name formed from the initial components of a longer name or phrase, usually using individual initial letters, as in NATO (North Atlantic Treaty Organization) or European Union, EU (European Union), but sometimes using sy ...
for Basic Input/Output System and also known as the System BIOS, ROM BIOS or PC BIOS) is
firmware In computing Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes and development of both computer hardware , hardware and softwa ...
used to perform
hardware Hardware may refer to: Technology Computing and electronics * Computer hardware, physical parts of a computer * Digital electronics, electronics that operate on digital signals * Electronic component, device in an electronic system used to affect e ...
initialization during the
booting In computing, booting is the process of starting a computer. It can be initiated by Computer hardware, hardware such as a button press, or by a software command. After it is switched on, a computer's central processing unit (CPU) has no softw ...
process (power-on startup), and to provide runtime services for
operating system An operating system (OS) is system software that manages computer hardware, computer software, software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), sch ...

operating system
s and programs. The BIOS firmware comes pre-installed on a
personal computer File:Crystal Project computer.png, upright=0.9, An artist's depiction of a 2000s-era desktop-style personal computer, which includes a metal case with the computing components, a display monitor and a keyboard (mouse not shown) A personal com ...
's system board, and it is the first software to run when powered on. The name originates from the Basic Input/Output System used in the
CP/M CP/M, originally standing for Control Program/Monitor and later Control Program for Microcomputers, is a mass-market operating system An operating system (OS) is system software that manages computer hardware, computer software, software re ...
operating system in 1975. The BIOS originally
proprietary {{Short pages monitor File:Bios chip-2011-04-11.jpg, A detached BIOS chip EEPROM and Flash memory chips are advantageous because they can be easily updated by the user; it is customary for hardware manufacturers to issue BIOS updates to upgrade their products, improve compatibility and remove software bug, bugs. However, this advantage had the risk that an improperly executed or aborted BIOS update could render the computer or device unusable. To avoid these situations, more recent BIOSes use a "boot block"; a portion of the BIOS which runs first and must be updated separately. This code verifies if the rest of the BIOS is intact (using hash function, hash
checksum A checksum is a small-sized block of data derived from another block of digital data Digital usually refers to something using digits, particularly binary digits. Technology and computing Hardware * Digital electronics, electronic circuits w ...

checksum
s or other methods) before transferring control to it. If the boot block detects any corruption in the main BIOS, it will typically warn the user that a recovery process must be initiated by booting from removable media (floppy, CD or USB flash drive) so the user can try flashing the BIOS again. Some
motherboard A motherboard (also called mainboard, main circuit board, system board, baseboard, planar board, logic board, or mobo) is the main printed circuit board A printed circuit board (PCB) mechanically supports and electrically connects electrica ...

motherboard
s have a ''backup'' BIOS (sometimes referred to as DualBIOS boards) to recover from BIOS corruptions. There are at least five known BIOS attack viruses, two of which were for demonstration purposes. The first one found in the wild was ''Mebromi'', targeting Chinese users. The first BIOS virus was BIOS Meningitis, which instead of erasing BIOS chips it infected them. BIOS Meningitis has relatively harmless, compared to a virus like CIH (computer virus), CIH. The second BIOS virus was CIH (computer virus), CIH, also known as the "Chernobyl Virus", which was able to erase flash ROM BIOS content on compatible chipsets. CIH appeared in mid-1998 and became active in April 1999. Often, infected computers could no longer boot, and people had to remove the flash ROM IC from the motherboard and reprogram it. CIH targeted the then-widespread Intel i430TX motherboard chipset and took advantage of the fact that the Windows 9x operating systems, also widespread at the time, allowed direct hardware access to all programs. Modern systems are not vulnerable to CIH because of a variety of chipsets being used which are incompatible with the Intel i430TX chipset, and also other flash ROM IC types. There is also extra protection from accidental BIOS rewrites in the form of boot blocks which are protected from accidental overwrite or dual and quad BIOS equipped systems which may, in the event of a crash, use a backup BIOS. Also, all modern operating systems such as FreeBSD,
Linux Linux ( or ) is a family of free and open-source software, open-source Unix-like operating systems based on the Linux kernel, an Kernel (computing), operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is t ...

Linux
, macOS, Windows NT-based Windows OS like Windows 2000, Windows XP and newer, do not allow Protection ring, user-mode programs to have direct hardware access. As a result, as of 2008, CIH has become essentially harmless, at worst causing annoyance by infecting executable files and triggering antivirus software. Other BIOS viruses remain possible, however;New BIOS Virus Withstands HDD Wipes
27 March 2009. Marcus Yam. Tom's Hardware US
since most Windows home users without Windows Vista/7's UAC run all applications with administrative privileges, a modern CIH-like virus could in principle still gain access to hardware without first using an exploit. The operating system OpenBSD prevents all users from having this access and the grsecurity patch for the Linux kernel also prevents this direct hardware access by default, the difference being an attacker requiring a much more difficult kernel level exploit or reboot of the machine. The second BIOS virus was a technique presented by John Heasman, principal security consultant for UK-based Next-Generation Security Software. In 2006, at the Black Hat Security Conference, he showed how to elevate privileges and read physical memory, using malicious procedures that replaced normal Advanced Configuration and Power Interface, ACPI functions stored in flash memory. The third BIOS virus was a technique called "Persistent BIOS infection." It appeared in 2009 at the CanSecWest Security Conference in Vancouver, and at the SyScan Security Conference in Singapore. Researchers Anibal Sacco and Alfredo Ortega, from Core Security Technologies, demonstrated how to insert malicious code into the decompression routines in the BIOS, allowing for nearly full control of the PC at start-up, even before the operating system is booted. The proof-of-concept does not exploit a flaw in the BIOS implementation, but only involves the normal BIOS flashing procedures. Thus, it requires physical access to the machine, or for the user to be root. Despite these requirements, Ortega underlined the profound implications of his and Sacco's discovery: "We can patch a driver to drop a fully working
rootkit A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the exist ...
. We even have a little code that can remove or disable antivirus." Mebromi is a Trojan horse (computing), trojan which targets computers with AwardBIOS, Microsoft Windows, and antivirus software from two Chinese companies: Rising Antivirus and Jiangmin KV Antivirus. Mebromi installs a rootkit which infects the Master boot record. In a December 2013 interview with ''60 Minutes'', Deborah Plunkett, Information Assurance Director for the US National Security Agency claimed the NSA had uncovered and thwarted a possible BIOS attack by a foreign nation state, targeting the US financial system. The program cited anonymous sources alleging it was a Chinese plot. However follow-up articles in ''The Guardian,'' ''The Atlantic,'' ''Wired (magazine), Wired'' and ''The Register'' refuted the NSA's claims. Newer Intel platforms have Intel Boot Guard (IBG) technology enabled, this technology will check the BIOS digital signature at startup, and the IBG public key is fused into motherboard Platform Controller Hub, PCH. End users can't disable this function.


Alternatives and successors

, the legacy PC BIOS is being replaced by the more complex
Unified Extensible Firmware Interface The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface between an operating system An operating system (OS) is system software that manages computer hardware, computer software, software resour ...
(UEFI) in many new machines. UEFI is a specification which replaces the runtime interface of the legacy BIOS. Initially written for the Intel Itanium architecture, UEFI is now available for x86 and x86-64 platforms; the specification development is driven by the Unified EFI Forum, an industry Special Interest Group. EFI booting has been supported in only Microsoft Windows versions supporting GUID Partition Table, GPT, the Linux kernel 2.6.1 and later, and macOS on Apple–Intel architecture, Intel-based Macs. , new PC hardware predominantly ships with UEFI firmware. The architecture of the rootkit safeguard can also prevent the system from running the user's own software changes, which makes UEFI controversial as a legacy BIOS replacement in the open hardware community. Other alternatives to the functionality of the "Legacy BIOS" in the x86 world include coreboot and libreboot. Some servers and workstations use a platform-independent Open Firmware (IEEE-1275) based on the Forth (programming language), Forth programming language; it is included with Sun's SPARC computers, IBM's RS/6000 line, and other PowerPC systems such as the Common Hardware Reference Platform, CHRP motherboards, along with the x86-based OLPC XO-1. As of at least 2015, Apple Inc., Apple has removed legacy BIOS support from MacBook Pro computers. As such the BIOS utility no longer supports the legacy option, and prints "Legacy mode not supported on this system". In 2017, Intel announced that it would remove legacy BIOS support by 2020. Since 2019, new Intel platform OEM PCs no longer support the legacy option.


See also

* Double boot * e820 * Extended System Configuration Data (ESCD) * Input/Output Control System * Advanced Configuration and Power Interface (ACPI) * Ralf Brown's Interrupt List (RBIL) interrupts, calls, interfaces, data structures, memory and port addresses, and processor opcodes for the x86 architecture * System Management BIOS (SMBIOS) *
Unified Extensible Firmware Interface The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface between an operating system An operating system (OS) is system software that manages computer hardware, computer software, software resour ...
(UEFI) * VESA BIOS Extensions (VBE) an interface for using compliant video boards at high resolutions and bit depths, beyond the standard BIOS support


Notes


References


Further reading

* * * * * *
BIOS Disassembly Ninjutsu Uncovered, 1st edition
a freely available book in PDF format
More Power To Firmware
free bonus chapter to the ''Mac OS X Internals: A Systems Approach'' book


External links

* * * * * * {{Authority control BIOS CP/M technology DOS technology Windows technology