When you boot up your computer, you might notice that it flashes some text on the screen before loading Windows. This text often details things like RAM capacity, gives you a list of boot options to choose from, or just informs you of the key to press to open the configuration utility. In modern computers, the boot experience tends to be fast and features minimal interruptions. On older computers, though, branded screens with lots of details were shown. This is part of the BIOS, only a tiny part.
The BIOS is the first piece of software run when a computer boots up. It stood for Basic Input/Output System and was invented by IBM in the mid-70s. After its inclusion in IBM’s Personal Computer or PC in the early 80s, it became a de facto standard with several companies reverse engineering it to create compatible systems.
What Does the BIOS Do?
The BIOS’s primary responsibility is to locate and execute the boot loader for an operating system. Before it does that, however, it has other tasks. The POST series of checks identify connected hardware and verify if it would be possible to boot if an operating system is present. In its early forms, this was pretty much all the BIOS did. Really early iterations defaulted to booting from a floppy disk if one was present and only falling back to the system hard drive. In later versions, this was updated to allow the user to choose which device to boot from.
Later, in the 90s, the BIOS was updated to add a configuration utility. This would allow users to change a range of settings on the device with the keyboard, potentially even enabling overclocking. Newer BIOS versions also support booting from other storage devices such as CD/DVD drives and USB storage devices. If no bootable drive was found, the BIOS would print the message “No bootable disk found,” then prompt the user to insert one, press a key to restart and try booting again.
How Is the BIOS Implemented?
For a long time, the BIOS software was loaded from a ROM chip placed in a socket on the motherboard. This design meant that the BIOS was completely read-only, and configuration settings needed to be stored elsewhere. It also said that the only way to update a system BIOS was by completely removing and replacing the BIOS chip on the motherboard. This typically required a removal tool and was not very commonly done. This was partly due to the difficulty, but the cost and general lack of necessity were also factors.
In more modern devices, the ROM chip was replaced with EEPROM, programmable in situ, and flash memory, which was also updated via software rather than a hardware replacement. Tools are sometimes made available by motherboard manufacturers to update the BIOS from within the operating system. Alternatively, it is generally possible to connect a USB flash drive with a BIOS image and flash the BIOS via the BIOS configuration utility.
While updating the BIOS without needing to replace the physical BIOS chip was easier, it opened up some potential issues. A bad update could leave the BIOS in an unusable state, essentially bricking the computer. Two solutions were developed to reduce this risk.
A boot lock isn’t changed in a BIOS update and verifies the rest of the BIOS is functional. If it detects issues, it allows the user to boot from removable media to try updating the BIOS again. The other solution was the dual BIOS. In this case, two copies of the BIOS are included. The first one can be overwritten. If the new BIOS fails to load, it switches to the known good secondary BIOS.
The ability to update the BIOS with software also led to the creation of BIOS viruses. The first BIOS virus was called BIOS Meningitis. It infected hard drives and attempted to avoid antivirus detection but was relatively harmless. The latest CIH virus was much more destructive, as it erased the BIOS from the flash memory, rendering the computer useless.
Both of these viruses were released in the 90s and succeeded thanks to a lack of security controls. Modern operating systems are much more resistant to this type of attack now as many security enhancements have been implemented.
Despite this, some viruses still target the boot sector that the BIOS loads, though this isn’t a direct attack on the BIOS. There is no way to 100% guarantee that a BIOS image downloaded from the internet is safe to use. Even if it is downloaded from the motherboard manufacturer’s website.
A virus on your computer may be able to infect it as you download it. For this reason, it’s essential to verify the signature of a BIOS update before applying it. Even that doesn’t protect you from a deliberately or accidentally faulty BIOS update from the manufacturer. Thankfully this risk is relatively easily dealt with by dual BIOS systems.
The BIOS is the Basic Input/Output System. It was invented and popularised in the 70s and 80s by IBM and its PC line of computers. It checks the hardware for basic functionality and loads the operating system. More recently, it has been superseded by UEFI, or Unified Extensible Firmware Interface, which offers the same functionality and more features.
For a long time, UEFI offered a “legacy BIOS” mode. Even that, however, is being phased out. One of UEFI’s key advantages is the ability to boot from a storage device with a partition larger than 2TB. What are your thoughts on the subject? Let us know in the comments below.