Say goodbye BIOS, hello UEFI; your hardware will be more secure for it

PCs have changed a lot in the past four decades, but one constant has been the Basic Input/Output System, BIOS, which handles the initialization process at startup and hands off control to the operating system. Pretty much every user is familiar with the BIOS acronym, even if they long ago forgot what the letters stood for. That’s about to change. There’s a new acronym on the block, UEFI, and it’s worth getting to know.

What it is: The Unified Extensible Firmware Interface, or UEFI, is a boot-level program that will replace BIOS on just about every new system from now on.

Unlike BIOS, which is a set of commands stored inside the firmware of a computer’s motherboard, UEFI is actually a program that can reside in non-volatile memory on a motherboard, or a hard drive, or even on a shared network drive.

The UEFI sets up a computer to run, but in a lot of ways it’s like an operating system itself. It has a graphical interface that is accessed via the mouse, can run programs from within a shell, and even allows surfing of the Internet if you really want to. UEFI gives a lot of freedom for developers and system designers to perform different tasks at boot up, such as backing up hard drives, running utility programs or even automatically logging into secure government networks. Only after UEFI has completed all of its assigned tasks will it transfer control of a system to the actual OS that will run everything else.

Examples: The reason most people are hearing about UEFI now is that it’s a key component of Microsoft Windows 8 and Windows Server 2012. What Microsoft has done with its version of UEFI is to have it reach out to the master boot record on a machine to check if everything is in a pristine state. If any rootkits or malware have messed with the boot drivers, the UEFI will refuse to hand off control to the Windows 8 operating system. So the computer won’t fully boot if it’s been compromised. Any system that is certified for use with Windows 8 will need to have this feature. Some hardware manufacturers may allow users to disable secure boot as part of the UEFI interface, but it’s going to be turned on by default.
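Because secure boot can be switched off in the firmware interface, an administrator may want to confirm what state a machine actually booted in. The following is an added example, not part of the original article: it assumes a Linux system that exposes UEFI variables under /sys/firmware/efi/efivars, and the function names and the constructed sample tree are illustrative.

```python
# Added example: report firmware boot mode and secure boot state on Linux.
import os
import tempfile

# EFI_GLOBAL_VARIABLE GUID from the UEFI specification.
EFI_GLOBAL = "8be4df61-93ca-11d2-aa0d-00e098032b2c"


def read_efi_flag(efi_dir, name):
    """Return a one-byte UEFI variable as 0/1, or None if absent or malformed."""
    path = os.path.join(efi_dir, "efivars", f"{name}-{EFI_GLOBAL}")
    try:
        with open(path, "rb") as fh:
            raw = fh.read()
    except OSError:
        return None
    # efivarfs layout: 4 bytes of attributes, then the variable data.
    if len(raw) != 5 or raw[4] not in (0, 1):
        return None
    return raw[4]


def boot_state(sys_firmware="/sys/firmware"):
    """Classify the current boot: legacy BIOS, or UEFI with secure boot on/off."""
    efi_dir = os.path.join(sys_firmware, "efi")
    if not os.path.isdir(efi_dir):
        return "legacy-bios"              # kernel was not started by UEFI firmware
    secure = read_efi_flag(efi_dir, "SecureBoot")
    setup = read_efi_flag(efi_dir, "SetupMode")
    if secure is None:
        return "uefi-secureboot-unknown"  # variable missing or unreadable
    if setup == 1:
        return "uefi-setup-mode"          # no Platform Key enrolled; not enforcing
    return "uefi-secureboot-on" if secure == 1 else "uefi-secureboot-off"


def make_fake_tree(root, secure=None, setup=None):
    """Build a constructed sysfs-like tree so the example runs on any OS."""
    efivars = os.path.join(root, "efi", "efivars")
    os.makedirs(efivars)
    attrs = b"\x06\x00\x00\x00"  # BOOTSERVICE_ACCESS | RUNTIME_ACCESS
    for name, value in (("SecureBoot", secure), ("SetupMode", setup)):
        if value is not None:
            with open(os.path.join(efivars, f"{name}-{EFI_GLOBAL}"), "wb") as fh:
                fh.write(attrs + bytes([value]))
    return root


if __name__ == "__main__":
    print("this machine:", boot_state())
    with tempfile.TemporaryDirectory() as tmp:
        print("constructed sample:", boot_state(make_fake_tree(tmp, secure=1, setup=0)))
```

A result of "uefi-setup-mode" or "uefi-secureboot-off" on a machine that shipped with secure boot enabled is worth investigating as a configuration change.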

Bottom Line: BIOS was great for its day, but not many programs invented in the 1970s are still in common use today. It also was unsecured and unchanging, and a favorite target for hackers. UEFI will help to lock systems down while at the same time giving developers and users more control over their computers. And like it or not, it’s here now in increasing numbers, and likely to stay for a long time.

About the Author

John Breeden II is a freelance technology writer for GCN.

Reader Comments

Thu, Mar 6, 2014 SWIM the netherworld....

I already have code I have written that allows me to enter any password I want into the login prompt (as long as it has logged in previously at least once) and it will be accepted. No changes are made to the HDD or any program files on disk btw so when you reboot the former password is still good and the user has no idea you ever did anything. Having UEFI start the computer is a horrible idea. WHY would you want to allow me to run programs before the computer boots fully? I am doing ALL of this through UEFI and it works on every version of Windows (as long as you have UEFI). Silly MS. Tricks are for kids. Scan the computer for compromise my #$%#.

Mon, Feb 18, 2013 Riccardo

I have switched from MBR to GPT, hoping to notice a performance increase at startup. Results: Boot time has not changed! 34 seconds in MBR mode and the same time in UEFI mode! Why is that?

Tue, Dec 25, 2012

UEFI is one more step toward perdition -- previous comment was correct: this is another attempt by MS to control people's property -- also the fact that UEFI is network connected is about the stupidest idea since, well, Windows 8

Tue, Nov 27, 2012

one Ballmer + MeTooSoft = Kodak 2.0
MeTooSoft want to control Linux - that's all about UEFI
The backdoors still remain

Wed, Nov 7, 2012 Anonymous Greece

The control age has been gone forever, the solution is ONE and simple open source O.S. common to all so is BIOS MIOS etc, one kind of motherboard one kind of drivers for graphics, communications, gaming and development, memory type ONE and if new ones are invented should be compatible to the previous, greed and over profit should end right away, technology should be at human's service!

