Question from a cautious/paranoid newbie...

Discussion in 'BIOS Mods' started by Loinz, Dec 18, 2009.

  1. Loinz

    Loinz MDL Novice

    Dec 8, 2009
    3
    0
    0
    I appreciate all the info I have gathered from this forum, but I'm a little concerned about flashing my system with a pre-modded BIOS. Is it possible that someone could insert additional code into the BIOS that could have trojan-like activities? For example, everything may look and run normally, but is it possible for someone to code a rootkit like program into the BIOS? And if so, wouldn't that escape detection from a virus scanner that tradtionally scans only the hard drives?

    Thanks for any input, I'm about to take the plunge, but this is the only nagging thought holding me back.
     
  2. Loinz

    Loinz MDL Novice

    Dec 8, 2009
    3
    0
    0
    So I guess Google can answer this for me. This was the top link of my search:

    tomshardware.com/news/bios-virus-rootkit-security-backdoor,7400.html

    So my next question is, how do we tell if a BIOS linked here contains such code?
     
  3. domatlapuk

    domatlapuk MDL Expert

    Sep 12, 2009
    1,060
    16
    60
    I'm sure that people here will not do that to put different code on the bios beside if you modded it wrong it will bricked your mobo or will not flash it..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Loinz

    Loinz MDL Novice

    Dec 8, 2009
    3
    0
    0
    Really? Because if I were a bios-virus programmer, this would be one of the first places I'd be hiding and disseminating my code. The hardest part of propagating a bios-virus would be getting admin rights on the target system to do the flashing. Here, there are hundreds of people lining up to volunteer to flash their bios for you.

    What safety precautions are you guys taking, aside from blind trust?
     
  5. urie

    urie Moderator
    Staff Member

    May 21, 2007
    8,707
    3,064
    300
    If you don't trust any one on this forum then i suggest you start reading and download tools available and do your own bios mod or just leave, if you had any idea the time and effort that has gone into the learning of bios modding you wouldn't even be asking that question these forums are based on trust.
     
  6. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,098
    10,769
    340
    You are responsible for your decision. Every time when you download and install a piece of code you have to make a decision, to trust or not.

    Being admin at MDL and a member from the very first beginning, I took a main part to bring biosmodding to here.
    Do you trust official OEMs? Although they are restricting your PC / Laptop (to hide powerful performance options at bios) and have probably computrace and whitelists installed at your bios?
    Do you trust M$ even though your OS is phoning home?
    Do you trust your virus scanner?
    Don't you think that if somebody here would have programmed malicious code into the bios, nobody would have noticed about?

    To programm malicious code into bios, especially into EFI is possible. You have to be skilled to do that.
    Take it or leave it. You are invited to read here at MDL. To communicate with our members, to feel the atmosphere, to be a part of the MDL community. Then you may decide if you trust or not.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...