UEFI News and Commentary

Sunday, April 29, 2018

20 Year Anniversary: The CIH Virus and the BIOS

As noted in this article, April 26th marked the anniversary when the CIH (or Chernobyl) virus would deliberately attack the contents of the flash chip containing the BIOS part on certain motherboards, making those systems inoperable. The write-protect line on the flash chip was easily disabled, if you knew the little-known access sequence. As the author correctly concludes, "Don't rely on security through obscurity." OEMs and BIOS vendors are sometimes guilty of assuming that BIOS code is so obscure that no one will bother. But in an era where the data on the computer is so much more valuable than the cost of disassembling (or purchasing!) the code, that is no longer a safe assumption. 

No comments: