What are BIOS and UEFI?
Published on August 15, 2022
Category: Misc
The Basic Input Output System (BIOS) firmware is a set of instructions that tell a computer how to accept input and send output to external sources. It is usually a chip located on the motherboard.
BIOS in Action
Say we have a laptop computer that comes with an external mouse. The BIOS communicates and exchanges data with this mouse.
Another example is during the Power-On Self-Test (POST). If the graphics card fails, BIOS may alert you with beep codes or error screens, such as Dell devices emitting 6 beeps for a failed graphics card.
UEFI: The Modern Alternative
The Unified Extensible Firmware Interface (UEFI) is a modern replacement for BIOS. It offers faster boot times, supports larger drives, and includes advanced security features like Secure Boot.
BIOS Hardening Techniques
1. Flashing
Updating BIOS (flashing) can include critical security patches but comes with risks like bricking the computer if an error occurs during the update.
2. Setting a BIOS Password
BIOS allows setting admin passwords to restrict unauthorized access. However, resetting it is often as simple as resetting a jumper or cable.
3. Enabling Secure Boot
Available only in UEFI, Secure Boot prevents malware from running during boot time. Most systems have it enabled by default.
4. Full-Disk Encryption (FDE)
FDE locks down a computer's data with a password, preventing unauthorized access even if the attacker has physical control. However, losing the FDE password makes data recovery impossible.
Conclusion
Understanding BIOS and UEFI, along with implementing hardening techniques like Secure Boot and FDE, is essential for securing your computer and its data. Keep these concepts in mind as you manage your system's firmware!