I'm looking for a way to permanently disable reflashing of the bios.
I have several platforms, not a specific vendor or series.
I thought of removing the leg incharge of writing to the flash, but
it's not possible, since in some flashes, it's used for other commands
besides write/erase commands.
I heard there is a way to disable reflashing through the motherboard,
but didn't find info about it.
Any suggestions how to permanently disable reflashing?
On Tue, 06 Feb 2007 00:56:18 -0800, Bradly_Jeff wrote:
> Hi All,
>
> I'm looking for a way to permanently disable reflashing of the bios.
> I have several platforms, not a specific vendor or series.
>
> I thought of removing the leg incharge of writing to the flash, but
> it's not possible, since in some flashes, it's used for other commands
> besides write/erase commands.
>
> I heard there is a way to disable reflashing through the motherboard,
> but didn't find info about it.
>
> Any suggestions how to permanently disable reflashing?
>
Replace the bios flash rom chip with a compatable rom, prom, eprom, etc.
It's been a long time since I looked at the specs on these, but all have
a control lead that could prevent this by being pulled high or low. That's
not to say someone couldn't pull the chip, reprogram it and put it back in
though. for that matter unless you seal it in some way, someone could
always do this no matter what you did to try and stop them from flashing
the original. So short of sealing a non flashable chip in place all you
are going to do is make it harder for someone that knows what they are
doing to do it. If you are looking for something less drastic, buy MB's
with jumpers fro bios protection. Some, but not all boards have this
feature. Basically pulling a pin on the chip high or low as I mentioned
previously.
"gowanoh" <fac_187@hotmail.com> writes:
>If there is no floppy disk or CD reader on the computer there is no way to
>flash the BIOS.
>
Sure there is:
1) Use a program that runs under the host operating system to
reprogram the flash. Such a program is not difficult
to develop, just custom to the flash part and mb chipset.
2) Put a DOS parition on the hard drive and load the flash
utility and image into that partition and reboot to DOS.
3) Plug a usb floppy/cdrom into the system and boot from it.
Bradly_Jeff@yahoo.com wrote:
> Hi All,
>
> I'm looking for a way to permanently disable reflashing of the bios.
> I have several platforms, not a specific vendor or series.
>
> I thought of removing the leg incharge of writing to the flash, but
> it's not possible, since in some flashes, it's used for other commands
> besides write/erase commands.
>
> I heard there is a way to disable reflashing through the motherboard,
> but didn't find info about it.
>
> Any suggestions how to permanently disable reflashing?
>
> Jeff.
>
Find a blank BIOS chip that is OTP (one time programmable).
These are used for devices where the manufacturer doesn't plan
on doing field upgrades. If soldered in place, so much the better.
(No temptation to swap out the BIOS chip, with an erasable
one.)
Now, what is the problem with this concept ? The flash chip is
not immutable. The DMI and ESCD areas of the BIOS chip, are
updated every time new hardware is added or removed from the
computer. On some BIOS designs, there are also a couple 2KB
microcode caches, for the microcode patch to the processor.
So the BIOS can write to certain areas of the chip, by itself.
If a machine has a stable configuration, I suppose you can
make a copy of the current contents of the flash, and put them
in an OTP. But I bet before long, the user will be complaining
about some error message that pops up during POST. So using
an OTP might not be the perfect solution. Some testing required...
Preventing Bios Flash Reflashing Permanently 
Linear Mode
