On Fri, 12 Feb 1999, Kragen Sitaker wrote:
> Firmware that is flashable without requiring inconvenient physical
> access really scares me.
Let me open another can of worms of this kind and quote from FAQ on one
well-known PC motherboard maker's web:
<quote type=spammy>
2.10 I flashed the BIOS without changing the jumper! How?
The only situation where a jumper change is necessary is when you are
using an Intel flash BIOS chip and are flashing everything including the
boot block. In this case, the boot block protect jumper needs to be
changed to "unprotect" in order for the flash to be successful. Here's
more information about this issue:
For a PNP system, the ESCD will be updated at runtime. Because of this,
the Flash ROM has to remain writable at all times during runtime.
In order to protect the Flash ROM from being damaged accidentally, Intel
introduced the concept of the "boot block". Intel allowed the boot block
to be hardware protected by disabling a jumper. If this jumper is
disabled, the boot block is absolutely safe. This allows the user to boot
from a floppy and reflash the main BIOS. That means users can always
recover from damage in any case. The boot block is a patent of Intel's.
Nobody else has this feature. The boot block feature is a good feature,
but it does not necessarily make it the only choice.
Without using the boot block feature, SST and some other vendors have
carefully designed the programming sequences of each sector in the BIOS.
These sectors are totally independent. During sector programming, if the
power fails, it will not affect other sectors. This means that the boot
sectors are protected from being damaged.
The only possible exception to this is if someone specifically tries to
destroy the boot sectors on purpose. In order to do this, that person or
virus must know how to program SST's (or other vendor's) Flash ROM and how
to enable the read/write shadow function of the core chipset (the BIOS is
write-protected by the chipset as well). Even if this person knows how to
do all of this, he/she can only destroy the boot content of the BIOS,
which would make your system unbootable. The virus cannot infect the main
BIOS unless it knows every bit of the BIOS code, which is different
between vendors, models, and even revisions. In this case, it is no longer
a boot block issue because the virus can change the main BIOS anyway. In
the real world, we have not found any program or virus that can do this.
</quote>
("Flashing Instructions" for their new motherboards do not mention
anything about jumpers or BIOS settings.)
I leave it up to the reader to ponder the consequences...
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"NSA GCHQ KGB CIA nuclear conspiration war weapon spy agent... Hi Echelon!"
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:04 PDT