UEFI scanner brings Microsoft Defender ATP protection to a new level

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Jun 18, 2020.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    40,627
    Likes Received:
    8,994
    GPU:
    AMD | NVIDIA
  2. asturur

    asturur Maha Guru

    Messages:
    1,052
    Likes Received:
    310
    GPU:
    Geforce Gtx 1080TI
    Remind me, why did we need UEFI? What was wrong with old BIOS + USB upgrades only?

    Apart from this, I really do not know if I like the idea of Windows, with its history of bugs and security flaws, having access to my firmware.
    I would love the idea that while I go near to the metal, the upper layer of software is hosted, but cannot really touch or look at anything apart from what the UEFI wants to expose.

    Similarly to how applications cannot really delete system files and code in the browser cannot really delete applications.
     
  3. sverek

    sverek Ancient Guru

    Messages:
    6,073
    Likes Received:
    2,953
    GPU:
    NOVIDIA -0.5GB
    When Windows Update fails, it will bring your hardware with it :D
     
    BetA likes this.
  4. Noisiv

    Noisiv Ancient Guru

    Messages:
    7,723
    Likes Received:
    1,093
    GPU:
    2070 Super

  5. mbk1969

    mbk1969 Ancient Guru

    Messages:
    10,576
    Likes Received:
    7,807
    GPU:
    GF RTX 2070 Super
    16 bit code, 1MB memory space to execute, bootable drives only lower than 2.1 TB.

    Now we have 64 bit code both in UEFI BIOS and in OS, we have UEFI shell (not used that widely but I am sure some do use it), we have unified BIOS modules (hence the UBU Tool), we have USB upgrades plus upgrades right in BIOS from NTFS partitions.
     
    PrMinisterGR likes this.
  6. I_Eat_You_Alive

    I_Eat_You_Alive Active Member

    Messages:
    69
    Likes Received:
    15
    GPU:
    RTX 3080 10GB
    I like the idea behind this. But not if Microsoft is implementing it. They can barely get normal bog standard updates working each month. If someone like BitDefender, ESET, or Kaspersky integrated this into their software suites I would feel far more at ease with it. I personally do not use secure boot as I want the option of hitting DEL during startup and get into the BIOS to do whatever I need to do and if something goes wrong in the OS it makes it infinitely easier to correct it. The whole idea of having to load into Windows to then reboot and get into the BIOS is just ludicrous to me. I rarely ever turn on UEFI as I just do not trust the man behind the curtain (yes all modern boards are fully UEFI under the hood but it tones down what it can get its grubby little hands into); the real world difference between a legacy boot and a UEFI boot on modern SSD machines is about 5-6 seconds, fine by me. Once you are in Windows you cannot tell the difference between legacy and UEFI anyway as it switches over to side-channel addressing anyway to the BIOS. I take that reduction in security at face value. I personally use BitDefender on all of my internet facing devices as it works best for me and what I do. I would be interested to see this added to their security suites.
     
  7. asturur

    asturur Maha Guru

    Messages:
    1,052
    Likes Received:
    310
    GPU:
    Geforce Gtx 1080TI
    The BIOS could be improved without becoming a full-fledged OS with a TCP/IP stack, NTFS compatibility and bitmap graphics. (NTFS is not even an open standard.)
    A fine text interface and USB + open filesystem format would reduce the attack surface in general.
     
  8. jwb1

    jwb1 Master Guru

    Messages:
    725
    Likes Received:
    156
    GPU:
    MSI GTX 2080 Ti
    Windows 10 is actually pretty secure and the built-in Defender has a low footprint and actually does work well.
     
  9. mbk1969

    mbk1969 Ancient Guru

    Messages:
    10,576
    Likes Received:
    7,807
    GPU:
    GF RTX 2070 Super
    But could it stay 16 bit? I guess "no" is the only interesting option.
    I prefer better performance (interaction with Windows/Linux) and better unification (and modularity).
     
  10. fry178

    fry178 Ancient Guru

    Messages:
    1,683
    Likes Received:
    247
    GPU:
    2080S WaterForceWB
    @I_Eat_You_Alive
    Start using M.2 with GPT and see how far you can boot in legacy mode...
    I don't care about secure boot being off, doesn't mean I'm gonna stick with legacy mode for no reason
    on hw/sw that was designed with UEFI in mind.
     

  11. KissSh0t

    KissSh0t Ancient Guru

    Messages:
    8,815
    Likes Received:
    2,754
    GPU:
    ASUS RX 470 Strix
    You know, I've thought about this in the past when my PC acted funny, which made me fully flash the BIOS, and everything went back to normal.... now I'm certain my hunch was correct.
     
  12. PrMinisterGR

    PrMinisterGR Ancient Guru

    Messages:
    7,653
    Likes Received:
    581
    GPU:
    Inno3D RTX 3090
    From a very quick search here:
    https://www.1e.com/news-insights/blogs/what-is-uefi-and-why-do-i-need-it/
     
  13. Denial

    Denial Ancient Guru

    Messages:
    13,294
    Likes Received:
    2,781
    GPU:
    EVGA RTX 3080
    You already gave the government access to your UEFI when you bought an Intel processor with ME in it.
     
    fry178 likes this.
  14. warezme

    warezme Master Guru

    Messages:
    211
    Likes Received:
    26
    GPU:
    Evga 970GTX Classified
    Here's an interesting conundrum not readily documented (not all of it) on the webs. It is more related to the bootloader than UEFI but still related. I recently ran into an issue when removing an older drive from my workstation, which admittedly has too many drives. It turns out you can have the boot files on a drive other than your C: or data Windows drive. Once I removed the old drive (which did not contain the boot files), the system failed to boot without any recovery options. The only option is to boot from a Windows recovery USB or disk. Second, the boot folder had either been corrupted or deleted, because reconnecting the old drive did not fix the problem. Windows could not restore/fix/recover the boot partition because it also turns out the C: drive was not GPT enabled. Another uncommon setting in my configuration. It took quite a while to determine that this was the reason I could not recreate a boot partition on my data partition. I verified this by finding a GPT enabled drive, creating a boot EFI partition and reloading the boot information onto it.

    Lesson learned. Your boot EFI partition should be located on a high letter drive such as S:, V: or P: to avoid lower level drive letters possibly leading to boot partition errors. Your main data Windows drive should be GPT and contain the EFI boot partition. Although I kind of like the idea of my configuration being non-standard, as most hacks are designed to access basic configurations and sometimes being non-standard breaks their logic.
     
  15. Astyanax

    Astyanax Ancient Guru

    Messages:
    10,120
    Likes Received:
    3,602
    GPU:
    GTX 1080ti
    Not even from the ground up, they built on top of Win8.1.
     
    carnivore and KissSh0t like this.

  16. KissSh0t

    KissSh0t Ancient Guru

    Messages:
    8,815
    Likes Received:
    2,754
    GPU:
    ASUS RX 470 Strix
    [​IMG]
     
  17. tsunami231

    tsunami231 Ancient Guru

    Messages:
    11,507
    Likes Received:
    796
    GPU:
    EVGA 1070Ti Black
    They are all gonna start doing this at some point, give them time. Not sure how I feel about software having access to UEFI; I barely like the stuff MS has access to. I'm pretty sure Avast already does this.
     
