Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

How would you verify on demand that the BIOS isn't compromised?


I don't know about "on demand" but PCEngines will give the source for the BIOS and has an older version posted to the site. http://pcengines.ch/tinybios.htm


What I mean is, how would we verify the BIOS firmware matches what that source code should produce? If it's possible for us to make our own builds (i.e. there's no cryptographic signing for the BIOS binaries) then an adversary can insert a backdoor into the source code, make their own build, and then remotely flash your hardware with it. Or does flashing the hardware require some kind of manual operation, like holding down a button for 30 seconds?


Could be the processors as well, better to forge the chips by hand to be sure.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: