Bios Flash Protection?
Hello, I need help finding a motherboard that has BIOS Write Protection. They seem to be very rare for some reason.
Some specific model numbers would help. Thanks.
Some specific model numbers would help. Thanks.
JDFan said:Not sure about BIOS write protection but many of the Gigabyte MOBOs have Dual Bioses so that if something goes wrong with the primary BIOS it can be automatically recovered by the secondary BIOS.
Yeah but see I have a rare problem(although i've found some websites that prove im not the only one) of some rootkit/trojan controlled by a remote hacker that must have gotten into my BIOS.
Researchers: Rootkits headed for BIOS 2008-04-25
Anonymous (1 replies)
I have been fighting bios rootkits for 5 years.I was hacked by russian hackers.It attacks motherboards,video cards,pci cards,DVD/CD firmware,hard drive mbr.So no matter what you do it is allways protected.The only way to get rid of these rootkits are to replace the entire computer.No one believed me till jan 2008.Once you get hit with these rootkits your computer is toast.And there is nothing to stop it.Manufacturers need to put jumpers on all hardware to protect the hardware from being flashed.
Also you don't need physical access to flash bios anymore due to the fact that you can flash in windows. So once the hacker gains admin privileges to my system, he can flash it. I'm not able to stop it.
The problem is the BIOS boots and runs but the rootkit remains even after replacing/reformatting the hard drive and re-installation of windows. So the BIOS or firmware is all I can come up with. Figure that a jumper on the motherboard not allowing the BIOS to be flashed without physical access would be the best bet.
Even an older board that supports an Intel Core 2 Duo would be fine.
Is it by chance a DELL server MOBO -- as discussed in this article
JDFan said:Is it by chance a DELL server MOBO -- as discussed in this article
Yeah I read that article a couple of days ago too, but no. This orginally happened about 3 years ago on a pc with a different motherboard. After I had remade a brand new pc, this bs instantly spread to the motherboard of the PC I have now. Both PCs did not have a way to stop from flashing the BIOS.
It is possible however that this "Malware" they talk about is actually a similar rootkit to what I have. Noone seems to know where it originates from and most don't even notice it on their pc's. Usually people just blame windows for crashing all the time and don't realize what is actually going on.
It's messed up and this why motherboards went away from Flash protection is completely idiotic. Basically they figure your BIOS getting flashed is not possible or very rare. So they sacrifice security for convenience. You notice how Flash Drives and Cards have gone the same route?
I HAVE FIXES!!! But:
WOW!!! Finally some one else who has gone through what I started to battled for 2&1/2 mos starting June of 2011. I HAVE BEEN MAKING THE SAME ARGUMENT that the bios needs to be LOCKED DOWN by the manufacturer.... not only that, but it all BIOS(s) should ONLY be allowed to be flashed by BOOTABLE MEDIA!. So many manufacturers want you to flash from windows (WinPhlash) and that is retarded!
However after a few months of countless hours, I HAVE FIXED SERVERAL MACHINES. One was an emachine with a jumper on the mobo for reflashing (this machine was great for clearing infected HD's too). The other machine had bootable media to flash the bios. Always disconnect the HD then pull the CMOS and power cable to clear the virus from RAM before attempting to flash (should only take 60 secs if you occasionally push the computer's power button.
But the retarded manufactures who use whiplash, made the extra challenging. When I disconnected the HD, I was able to use BartePE to create a Windows Live disk that included the bios.exe I needed (but still had to use a thumbdrive with the bios because WinLive had an issue writing to the c drive because it was a CDr). Using and type of rewritable media didn't help either. IT WILL SPREAD TO THUMBDRIVES, IPODS, SD CHIPS... EVERYTHING. Always get your tools from a clean machine. Never plug anything back into the clean machine after it has been in the infected one. (If anyone knows of easier ways to make a non-bootable bios.exe, bootable, PLEASE SHARE WITH ME. Find me on facebook. Alex Kerchner. Make the first few words "Rootkit" as I now have a friend's machine to fix too, and I've had no luck with Dells.)
If you make it this far, power cycle and mash the crap out of the 'boot select' button at startup (F10 or F12 usually). Have something like Linux based DBAN in the tray. However, I used a disc I downloaded called "The ultimate boot CD" to Clear the Master Boot Record (MBR) on the HD and used DISKWIPE (without a reboot) a DoD approved, random algorithm using degaussing to nuke the HD to hell.
Intalling Windows again.... Everytime the computer restarts during the install, be ready to mash the key for the boot selection menu, and choose the HD.
I'm a novice obviously, but I did recover some machines, maybe I used a little overkill, but it you have dealt with this thing, you understand exactly why I did!!! One last thing. I found linux to be helpful too as is can be booted from disc. Check out Knoppix for more cool tools. But the guy above is right, I found that it updated the firmware on my wireless thumbdrive too.... another ethical issue I think manufactuers will have to consider: should firmware be upgraded from windows? I think not.
If ANYONE HAS ADDTIONAL INFO, PLEASE CONTACT ME ON FACEBOOK, ALEX KERCHNER. I ESPECIALLY AM INTERESTED IN EASY WAYS TO MAKE A BOOTABLE BIOS OUT OF A WINPHLASH FILE (FOR CD). IF ANYTHING, TELL ME IF THIS HELPED YOU GET TRHOUGH IT.
Last.... Learn to use Linux. The source-code is open and rarely do you hear of a virus. If you have any respect for me at this point, lemme just say F*** Bill Gates. F him hard.