Search Entire Site
Twitter: BIOS_Mods

Archive for February, 2012

UEFI, Secure Boot and what it means to you

With the advent of UEFI and Windows 8 comes some security and usability issues. When Windows 8 is released, UEFI’s “Secure Boot” will be required to be turned on by default and it will be left to the OEM’s on how to implement it. What does this mean to you? Maybe nothing.

Windows is still the most popular PC Operating System in the world. As such, it is highly likely that the computer you are reading this article on is running some version of Microsoft Windows. If you are running Windows 7 and up, your OS is compliant to UEFI specifications. But what if you want to run a different OS, like Linux, older versions of Windows? You could be out of luck.

What is Secure Boot?

Secure Boot is a UEFI 2.3.1 specification that during the boot process verifies certificates (or keys) held in the firmware, and compares them to other Option Roms and OS boot loaders. If the correct key is not in the firmware, or is in the “Blacklist”, Secure Boot will prevent the OS from loading or could prevent you from upgrading to certain manufacturers option cards. Since it will be up to the OEM (Original Equipment Manufacturer) to implement the Secure Boot feature, it is also up to them whether or not to add an option in the set-up to disable it, or to be able to update the “Allowed” OS list. So, if you were to buy a Windows 8 PC and want to install a new version of Linux, and there is no option to disable Secure Boot, and the key for the version of Linux you are installing is not found in the firmware, the OS will fail to load. This feature is intended to prevent malware such as “rootkits” and “bootkits” to install themselves and run when booting your OS. According to Microsoft, the Windows 8 implementation of Secure Boot, programs will not be able to change Secure Boot security settings to prevent malware from gaining access through reprogramming the firmware.

Out with BIOS, in with UEFI.

Ever since the computer was born, there needed to be a program to tell the CPU where things are and how to use them. In 1981 the IBM 5150 introduced the BIOS (Basic Input/Output System) to the IBM-PC market. The IBM 5150 had an 8088 16bit (16bit internal bus, 8bit external bus) processor, so the BIOS chip was limited to 16 bits and 1MB of memory space. Years went by and the CPU became more powerful, with a wider bus and more memory access. However, the BIOS remained the same, and retained it’s 16bit bus and 1MB memory limit, depending on the PC-AT hardware platform.

Enter EFI/UEFI (Extensible Firmware Interface/Unified Extensible Firmware Interface respectively). EFI was introduced in the mid-1990′s with the Intel-HP Itanium processor systems as the older BIOS was considered too limited for large server systems. In 2005 Intel dropped the EFI platform and handed it over to the Unified EFI Forum, which then became the UEFI.

There are several advantages to UEFI over the BIOS. UEFI boots faster, has the ability to boot from very large hard disks over 2TB, drops the MBR (master boot record) for the GUID Partition table, architecture and drivers are CPU-independent, an extensive GUI with mouse and network capabilities are possible, and ACPI and SMBIOS are also included as these are not dependent on the 16bit limitations of the older BIOS.

No overclock option in your BIOS? No Problem.

Overclocking your CPU can be risky business, however if done properly and with the proper amount of care, it can improve system performance anywhere from 5% to 50% depending on the CPU and how it is overclocked. In this article, I am going to discuss the various methods, benefits and downfalls of overclocking. Remember, ALL forms of overclocking beyond the manufacturers specifications voids the warranty and has the potential of “bricking” your CPU, Motherboard, or both. Therefore I take no responsibility what happens to your CPU/Motherboard if you attempt an overclock. If you are not technically inclined, or feel uncomfortable changing these settings, please give it to someone who is or just don’t try it.

Overclocking creates  extra heat, so it is a good idea to buy a good heat sink to dissipate the extra heat.

The safest and perhaps the easiest way to overclock your CPU is if you have that option in your BIOS’s setup. There are often times the BIOS will contain options to change the FSB (Front Side Bus) frequency or CPU clock multiplier. However, as this article is about overclocking without this feature, I will skip this step.

If your motherboard’s BIOS does not have an overclocking feature, do not worry, there are other options. The first option you have is to overclock using overclocking software. overclocking via software basically changes your FSB frequency or the clock multiplier in your CPU. In order for this method to work, you must have one of two things:

APM (Advanced Power Management)

APM is a set of programs that control the Advanced Power Management system found in most modern laptop computers