0

how to determine what chip wire/leg allows BIOS flashing?

I want to modify my MOBO to deny BIOS flashing.
I only want it allowed when I really need to write on it.

So, I need to know:

  • if it is possible to determine what wire I need to cut to deny bios flashing. (like as if it is just one, and if it is documented somewhere)
  • if cutting a single wire will solve the problem
  • if i can solder a jumper plug there to reenable bios flashing if i ever need it one day (i never flashed a bios update, i never needed and i dont want a virus having a chance to do it)

I also guess i will need a precise robotic arm to not mess everything as it is all too tiny.

Linked:
https://hardwarerecs.stackexchange.com/questions/17793/im-looking-for-a-motherboard-that-allows-to-physically-deny-bios-flashing

VeganEye
  • 1
  • There's almost certainly more than one wire involved in it, and the wires involved are almost certainly used for other things as part of the normal operation of the motherboard. – Hearth Jun 10 '23 at 15:17
  • Implementation is going to vary between not only different manufacturers, but even different models from the *same* manufacturer. – rdtsc Jun 10 '23 at 15:29
  • If the EEPROM used to store the BIOS has a write protection register like [these ones](https://onlinedocs.microchip.com/pr/GUID-8B75A8E3-EAC8-47E4-B4E2-84DB84C60333-en-US-2/index.html?GUID-C6B74FEA-878E-4BF7-B623-1417E239A0B7) then you could set it using a suitable programmer. The problems are to find one that will work with the motherboard, if the current one doesn't, and you have to use a new one to update the BIOS. And if the BIOS uses the EEPROM for settings, it may not be a viable option at all. – Andrew Morton Jun 10 '23 at 15:31
  • It may be nonexistent. Even if you cut a wire to prevent writing to an SPI flash chip it might prevent many other things from functioning properly, e.g storage of settings or TPM keys etc. – Justme Jun 10 '23 at 15:46
  • 1
    Have you checked if the bios has an option to disable flashing? – Rodo Jun 10 '23 at 17:11
  • @Rodo i didnt know it could be an option. But that being a software config, cant it be remotely/virus hacked too? And wont it be reenabled when the clock battery ends by restoring defauts? Even if default is "flashing disabled", it still is a software config. But it is certainly better than nothing. I never saw it in any bios and usually i read all tabs when i buy a new one. I will try the user manual but i dont think my mobos have that option. – VeganEye Jun 10 '23 at 20:34
  • @AndrewMorton it could be an option if i buy a new mobo that let me do what you suggest (a reversible (right?) protection that requires physical interaction with the hardware) without issues. In other words, no mobo seems to easily allow that (the easiest would be the physical jumper). Most mobos may be impossible or not work well after doing that. So what i need is to find the few that will let me patch it. – VeganEye Jun 10 '23 at 20:49
  • @VeganEye No, it needs to be irreversible, and if you get a new motherboard, which is likely to be UEFI-based, there is an even smaller chance that an EEPROM set to read-only will work, in my guesstimation. You're more likely to find someone who's tried it on Tom's Hardware or Reddit, for example. – Andrew Morton Jun 11 '23 at 15:11
  • @AndrewMorton now i get it, thx on the tips! I will continue my reasearch, both on how to DIY and for a MOBO that comes already with a jumper that really protects the bios. I never understood why a core thing is left unprotected like that and i never will. – VeganEye Jun 18 '23 at 08:04

0 Answers0