Uncategorized

Microsoft MDT: moving from BIOS to UEFI

If you have a Windows box and are trying to convert MBR/BIOS installs to GPT/UEFI installs on ‘class 2’ systems, you might want to read this:

https://blogs.technet.microsoft.com/mniehaus/2017/04/14/moving-from-bios-to-uefi-with-mdt-8443/

 

Standard
Uncategorized

MBR2GPT

“MBR2GPT.EXE converts a disk from Master Boot Record (MBR) to GUID Partition Table (GPT) partition style without modifying or deleting data on the disk. The tool is designed to be run from a Windows Preinstallation Environment (Windows PE) command prompt, but can also be run from the full Windows 10 operating system (OS).[…]”

https://technet.microsoft.com/itpro/windows/deploy/mbr-to-gpt

https://blogs.technet.microsoft.com/windowsitpro/2017/04/05/whats-new-for-it-pros-in-the-windows-10-creators-update/

https://redmondmag.com/articles/2017/04/07/windows-10-creators-update-tools-and-documentation-released.aspx

 

Standard
Uncategorized

OEMs/IBVs aren’t enabling ECC config in boot menus

It looks like most vendors don’t have their boot menus updated to support the new ECC memory they now support…

[…]Once you have an ECC-enabled memory controller, a motherboard with the right traces, and a few sticks of ECC memory, the next step is whether the BIOS/UEFI properly supports ECC. This is where things start getting a little bit iffy. AMD placed all the responsibility for ECC support on the motherboard manufacturers, and they aren’t really willing to step up to the plate and assume that responsibility…you will find out why in the conclusion. As a result, while most motherboard manufacturers have now come to acknowledge that their motherboards are indeed ECC enabled, that is the extent of their involvement. Not one is offering an enable/disable option in the UEFI, and we haven’t seen anyone but ASRock and ASUS have any ECC settings available at the moment.

This lack of settings severely hampers the overall ECC functionality, since a big part of it is that the motherboard should be able to log errors. Right now, no such logging capability exists. Thankfully, there is a possible software solution. The operating system – if it fully supports this new AM4 platform – should have the ability to log errors and corrections. If it does not, the hardware might be silently correcting single-bit errors and even detecting ‘catastrophic’ two-bit errors, but you will never know about it since there will be no log. That’s what we are going to look into next.

To conclude this page, we strongly suspect that just about every AM4 motherboard likely has ECC enabled, or at the very least will in the future. Most motherboard manufacturers certainly aren’t actively supporting it, or even unlocking any of the features that accompany it, but they don’t appear to be maliciously disabling it either. At this point in time, they simply have other way more important things on their plate, like improving memory support, overclocking, ensuring that IOMMU is functional, etc. Furthermore, we strongly suspect that they are presently unable to unlock all of the necessary settings without a newer CPU microcode from AMD.

 

http://www.hardwarecanucks.com/forum/hardware-canucks-reviews/75030-ecc-memory-amds-ryzen-deep-dive-2.html

Standard
Uncategorized

Amazon seeks Firmware Developers

Senior Software Development Engineer – BIOS Firmware
The AWS Hardware Engineering team creates server designs for Amazon’s innovative web services. Our designs are industry-leading in frugality and operational excellence, and are critical to the success of the AWS business and the more than one million customers who use AWS today. Our Firmware Engineers solve challenging technology problems, and build architecturally sound, high-quality components to enable AWS to realize critical business strategies. The ideal candidate for this role will be an innovative self-starter. You will be a BIOS firmware expert, gain a strong understanding of our firmware stack, and analyze it in its current and future context. You will use comprehensive knowledge of the system in your projects to find the best solutions to multi-factor problems. You will work with engineers across the company as well as external companies and lead firmware development efforts. You will collaborate with internal and external development engineers (architecture, hardware, validation, software services). AWS Engineers are shaping the way people use computers and designing the future of cloud computing technology – come help us make history! What you will do: You will be a member of a team designing AWS-specific hardware, firmware and software. You will be a part of the firmware effort from conception, through validation and into production. You will explore emerging technologies and their impact on AWS. You will work closely with AWS software engineers to tailor devices for the AWS environment.[…]

https://us-amazon.icims.com/jobs/466243/senior-software-development-engineer—bios-firmware/job

Software Development Engineer – Server Manageability Firmware
The AWS Hardware Engineering team creates server designs for Amazon’s innovative web services. Our designs are industry-leading in frugality and operational excellence, and are critical to the success of the AWS business and the more than one million customers who use AWS today. Our Firmware Engineers solve challenging technology problems, and build architecturally sound, high-quality components to enable AWS to realize critical business strategies. The ideal candidate for this role will be an innovative self-starter. You will be a Baseboard Management Controller (BMC) firmware expert, gain a strong understanding of our firmware stack, and analyze it in its current and future context. You will use comprehensive knowledge of the system in your projects to find the best solutions to multi-factor problems. You will work with engineers across the company as well as external companies and lead firmware development efforts. You will collaborate with internal and external development engineers (architecture, hardware, validation, software services). AWS Engineers are shaping the way people use computers and designing the future of cloud computing technology – come help us make history! What you will do: You will be a member of a team designing AWS-specific hardware, firmware and software. You will be a part of the firmware effort from conception, through validation and into production. You will explore emerging technologies and their impact on AWS. You will work closely with AWS software engineers to tailor devices for the AWS environment.[…]

https://us-amazon.icims.com/jobs/466240/software-development-engineer—server-manageability-firmware/job

Standard
Uncategorized

6-part Youtube BIOS system architecture series

 

BIOS Session 1 – System Memory Map
BIOS Session 2 – Legacy Region
BIOS Session 3 – HIgh Level Overview of the BOOT flow
BIOS Session 4 – Transaction flows and address decoding part 1
BIOS Session 5 – Transaction flows and address decoding part 2
BIOS Session 6 – PCI Basics and Bus Enumeration

 

 

 

Standard
Uncategorized

SUSE on UEFI -vs- BIOS

I missed this blog post from SuSE from last year:

[…]One UEFI topic that I noticeably did not address in this blog is secure boot. This was actually covered extensively in three previous blogs. To read those blogs do a search for “Secure Boot” at suse.com. I also did not address the comparison of UEFI and BIOS from the operating systems perspective in this blog. That is a separate blog that was released at the same time as this one (Comparison of UEFI and BIOS – from an operating system perspective). Please read it too. Hopefully this gives you some helpful information about the transition from BIOS to UEFI, on the hardware side. You can find more information about SUSE YES Certification at https://www.suse.com/partners/ihv/yes/ or search for YES CERTIFIED hardware at https://www.suse.com/yessearch/. You can also review previous YES Certification blogs at YES Certification blog post[…]

https://www.suse.com/communities/blog/comparison-uefi-bios-hardware-perspective/

Standard
Uncategorized

Rootkits and Bootkits book update

https://www.nostarch.com/rootkits

Table of Contents
Chapter 1: Observing Rootkit Infections
Chapter 2: What’s in a Rootkit: The TDL3 Case Study (NOW AVAILABLE)
Chapter 3: Festi Rootkit: The Most Advanced Spam Bot (NOW AVAILABLE)
Chapter 4: Bootkit Background and History (NOW AVAILABLE)
Chapter 5: Operating System Boot Process Essentials (NOW AVAILABLE)
Chapter 6: Boot Process Security (NOW AVAILABLE)
Chapter 7: Bootkit Infection Techniques (NOW AVAILABLE)
Chapter 8: Static Analysis of a Bootkit Using IDA Pro (NOW AVAILABLE)
Chapter 9: Bootkit Dynamic Analysis: Emulation and Virtualization (NOW AVAILABLE)
Chapter 10: Evolving from MBR to VBR Bootkits: Olmasco (NOW AVAILABLE)
Chapter 11: IPL Bootkits: Rovnix & Carberp (NOW AVAILABLE)
Chapter 12: Gapz: Advanced VBR Infection (NOW AVAILABLE)
Chapter 13: Rise of MBR Ransomware (NOW AVAILABLE)
Chapter 14: UEFI Boot vs. the MBR/VBR Boot Process (NOW AVAILABLE)
Chapter 15: Contemporary UEFI Bootkits
Chapter 16: UEFI Firmware Vulnerabilities
Chapter 17: How Secure Boot Works
Chapter 18: HiddenFsReader: Bootkits Forensic Approaches
Chapter 19: CHIPsec: BIOS/UEFI Forensics

Standard