Feeds

back to article Samsung laptops can be NUKED by ANY OS – even Windows: new claim

New Samsung laptops that destroyed themselves when booting Ubuntu Linux can be bricked by ANY operating system – including Windows – according to a top embedded developer. Nebula programmer Matthew Garrett has shed new light on a baffling bug that renders shiny Sammy computers completely unusable by accident, and blamed the flaw …

COMMENTS

This topic is closed for new posts.

Page:

Hopefully he tested his concept code on a machine that he can recover by manually re-flashing the UEFI firmware from a console or something similar and isn't distributing it to the uninformed.

1
0
Anonymous Coward

So that's why it stopped working

And I thought it was all down to Windows 8!

6
1
Anonymous Coward

Re: So that's why it stopped working

Don't mention Windows 8. It will incur the comments of EADON

12
1
Silver badge
Joke

Re: So that's why it stopped working

We do not speak his name! The OS chooses the user, it is not always clear why.

17
1
Silver badge

Recovery...

...is simply a matter of pulling the cmos battery and letting bios ram evaporate.

Nonetheless it shows that samsung need to get their fecal matter together. A lot of machines are likely to be RMAed for this procedure if anyone malicious decided to use it to tweak endusers' noses.

5
16
Anonymous Coward

It has bugger all to do with the CMOS battery and "BIOS RAM".

You don't know what you're talking about; that's not where UEFI variables live, and you aren't even using the correct terminology. You're about ten years out of date and ill-informed with it. Why don't you actually read the linked article with the PoC? Or these two wikipedia entries:

http://en.wikipedia.org/wiki/Nonvolatile_BIOS_memory

http://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#Variable_services

(Not linkified because I'm not allowed to post links for some arbitrary reason.)

16
0
Silver badge

Re: It has bugger all to do with the CMOS battery and "BIOS RAM".

nope.. the closest you can get to this effect using legagy OS and hardware is something like bricking a VIC 20 by POKE-ing straight into ROM. The poor things had no defense at all...

Looks like someone forgot to build in some restrictions regarding adressable memory locations.

5
3
Anonymous Coward

Re: Recovery...

Most EFI Variable Store implementations save the variable data to the same SPI NOR Flash device that contains the BIOS firmware itself. I am not aware of any implementation that does not use the SPI NOR Flash on a modern Core i7.

2
0
Anonymous Coward

Re: It has bugger all to do with the CMOS battery and "BIOS RAM".

Except that a VIC20 ROM was just that, ROM, you couldn't 'POKE' anything into it that survived a reset and even then only if you were executing Kernel from RAM.

The closest thing I can think of for this scenario is a Flash BIOS killing virus like CIH/Chernobyl or flashing an embedded device with the wrong firmware.

Recoverable with a little effort and not strictly a hardware 'failure' as such but still a massive pain in the arse for users all the same.

4
0
Silver badge

Re: It has bugger all to do with the CMOS battery and "BIOS RAM".

some motherboards have recoverable bios's. Not sure if the systems are bricked enough to even allow this to start though (assuming a fault like this could be traced to desktop mobos, I doubt consumer grade laptops have this sort of redundancy built in)

0
0
Boffin

Re: It has bugger all to do with the CMOS battery and "BIOS RAM".

could it be because you are posting anonymously?

0
0
Anonymous Coward

Re: Recovery...

WILL PEOPLE PLEASE STOP CALLING UEFI BIOS.

Really, it's getting beyond a joke. If I hear another person say something like "All you need to do is switch off secure boot in the BIOS" or "Can't you just switch off UEFI in the BIOS", I'm going to scream.

This is supposed to be a tech site.

5
4
Happy

Re: It has bugger all to do with the CMOS battery and "BIOS RAM".

heh.... Oh how I laughed when someone mentioned CIH. I remember an R&D department at a British PC manufacturer getting laid low by that little piece of ****......... They were out of the game for a week if I remember..... Thanks to older hardware and marginally better anti virus policy compliance tech support was unaffected....... thankfully.

0
0
h3
Bronze badge

Re: Recovery...

At least on my reasonably new Supermicro board the place to enable / disable UEFI is the legacy BIOS (That is the default it starts disabled). Everything you say doesn't make sense makes perfect sense in the case of my board.

1
0
Silver badge

Re: Recovery...

People still flatten clothes with 'irons' long after they ceased to be made of iron.

The term 'BIOS setup' will outlast the BIOS itsself.

2
0

Re: Recovery...

"BIOS" was always used incorrectly. The term originated as part of CP/M. The corresponding part of MS-DOS is io.sys.

0
6

Re: Recovery...

"The corresponding part of MS-DOS is io.sys."

er, is it?

I thought the bios was a level below that .

Although I did notice once that winNT was able to use drives the BIOS hadnt bothered detecting

0
0
Boffin

Re: Recovery...

I think notionally the MS-DOS BIOS was split between the ROM BIOS (which would be customised to the particular hardware configuration of the PC) and IO.SYS (or IBMBIO.COM if you had PC-DOS) which was intended to be generic. The term "BIOS" is now so closely associated with boot firmware that we forget it used to be an integral part of a PC's native OS....

0
1
Anonymous Coward

Re: Recovery...

Bo11ocks, BIOS was a part of the PC, sure CP/M may have used it first but way back in the mists of time where my career began, the 2764 (Or smaller, see IBM PC Tech Ref for details) EPROM on a motherboard contained the BIOS, Basic Input Output System.

It contains just enough code to initialise the hardware and load the bootsector off whatever storage media (assuming no peripheral has a ROM that contains the magic numbers to tell BIOS code it's should run that first) you have attached which only then pulls in IO.SYS. IO.SYS is an integral part of MS-DOS and as such, IO.SYS is only required on a PC if you're running DOS or a derivative thereof.

3
2
Linux

Re: Recovery... @AC 16:23

"If I hear another person say something like "All you need to do is switch off secure boot in the BIOS" or "Can't you just switch off UEFI in the BIOS", I'm going to scream."

Why? On many mobos that's exactly where you turn it off. Both secure boot and UEFI. And many mobo makers call UEFI "BIOS" as well, some calling "BIOS" "Legacy BIOS".

"This is supposed to be a tech site."

It is. That's why people talk about turning UEFI off in BIOS. Or using BIOS to disable/turn off secure boot.

Begone, vile hampster.

2
0
Silver badge

Re: Not sure if the systems are bricked enough...

I didn't look into the reports, but if they were recoverable I expect there wouldn't have been as many complaints.

A couple years back Gigabyte released a series of MBs that had a flashable BIOS with a hard ROM backup. If you buggered the flash memory, you could still revert to the ROM which would then reprogram the flash. I thought they were rather handy. Haven't seen anything like them in a while though. Seems like rather inexpensive protection to me.

0
0
Silver badge
Devil

@Raven

How about we set your IDE hard drive parameters while we iron out the bugs in your BIOS? Or would you prefer we just set the MFM Drive ID number?

Where's the crotchy older than dirt icon?

0
0
Silver badge

Re: Bo11ocks, BIOS was a part of the PC

You're way too deep in the 7 layer model for people who can't tell an app from the OS.

0
0
Anonymous Coward

So is Eadon going to have a retraction of all his anti-windows comments?

Title says it all...

3
11

Re: So is Eadon going to have a retraction of all his anti-windows comments?

That would take a *long* time.

6
4
Facepalm

I'm not Eadon...

But I recall that any anti-Windows comment he may have posted on this particular topic was overwhelmed by a flood of 'AC's with such helpful suggestions as "Well if you will run freeware crap, you get what you pay for...".

No, Eadon may be a a rabid penguin-head, but at least he signs his own name! And after all, he's *our* rabid penguin-head...

44
2
Silver badge
Trollface

Re: I'm not Eadon...

Not to mention that Eadon's anti-windows comments have no bearing on this, as the article states that Windows *can* and *does* brick a Samsung lappy the same as Linux. IIRC the 'AC's were also mostly MS shills saying the same thing about "freetards getting what they deserved".

So it is actually the shilltards who should be apologizing to *Eadon*. My my ... the irony...

22
4
Silver badge
Stop

Re: I'm not Eadon...

MS shills

Hate to pop your paranoia but I don't believe there are such creatures on the Reg boards. Even RICHTO is pretty much a reaction to Eadon, Bob Vistakin, Barry Shitpeas and Mrs Barry Shitpeas (I only noticed the other day that "Philomena Cunk" is another Charlie Brooker character, insert facepalm here).

The "shilltards" here seem to be confined to linux and Android.

For the record, I work for a small development company in South Wales at the moment.

3
9
Silver badge
Meh

Re: I'm not Eadon...

But I recall that any anti-Windows comment he may have posted on this particular topic was overwhelmed by a flood of 'AC's with such helpful suggestions as "Well if you will run freeware crap, you get what you pay for...".

Yeah I'm also noticing the rather muted response from the anti-Linux crowd on this article. It's like they've applied logic and realised they're wrong.

Or they're just not up yet - give it time.

8
0
Anonymous Coward

Re: I'm not Eadon...

Re: Eadon signs under his own name.

How do we know?

Is he also RICHTO, does he reply to himself under other pseudonyms or as AC? For all I know he may be half the people on the board, using a pseudonym is just as AC as using AC, because we don't know if comments are limited to that pseudonym from its owner.

2
1
Anonymous Coward

Re: I'm not Eadon...

You remind me of a French taxi-driver's comment on why a well known crook had just been re-elected Mayor:

"C'est un vieux con, mais c'est notre vieux con a nous."

1
0

@AC 16:26 Re: I'm not Eadon...

You could've just said maybe he's a sockpuppeteer.

0
0
Anonymous Coward

Re: I'm not Eadon...

Why blame Linux or Windows?

This is Samdungs fault. Anyone who is under any illusion that they make good products really needs to think again.

0
4
Linux

Re: I'm not Eadon...

But corebios is looking good about now. The more I read about UEFI the more i want to put linux there instead :-P

2
0
Anonymous Coward

Re: I'm not Eadon...

"For all I know he may be half the people on the board, using a pseudonym is just as AC as using AC"

I'm RICHTO and so is my wife.

0
0

Re: I'm not Eadon... MS shills

There are definitely MS shills / fanboys on the reg. You only have to look at all the downvoting that goes on. Most simply don't comment, they just sign up for an account then go around downvoting anything not pro-micro$oft. I've seen it first hand, hell I've even had one or two admit to it. It's sad really.

0
0
Silver badge

Re: using a pseudonym is just as AC as using AC

But if I used my real name here, how would you know it wasn't a pseudonym?

0
0
Silver badge

Re: This is Samdungs fault.

I believe the Kipling line is something approximating:

but the sins that you do two by two you shall pay for one by one.

Yes Samsung is primarily at fault for a very faulty BIOS/UEFI implementation. But the Linux distro was also at fault for sloppy coding and failure to test. Posters who weren't shilling for one side or the other appropriately beat up on both of them. We did give points to Linux guys for at least admitting they'd written sloppy code and rapidly posting defenses and fixes. And now it seems the Linux guys have done some solid research which indicates Samsung REALLY needs to fix their crap.

0
0
Silver badge
Linux

Poor Apple.

OSX simply is not modern and sophisticated enough to brick a Samsung laptop.

6
6
Silver badge
FAIL

Re: Poor Apple.

Or Apples been doing UEFI longer than anyone else....

5
6
Bronze badge

Re: Poor Apple.

and Silicon Graphics/SGI has been doing its own take on UEFI firmware a lot longer than apple........

2
0
Silver badge

Re: Poor Apple.

Intel's been working on EFI since 1998 if we really want to get into it.

It's Forth based, right? So we're probably talking about a stack overflow?

0
1
Anonymous Coward

Re: Poor Apple.

It's Forth based, right? So we're probably talking about a stack overflow?

No. You are confusing UEFI with Solaris's OpenBoot.

UEFI has a shell --> http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=Efi-shell

4
0
Silver badge
Coat

Re: Poor Apple.

> It's Forth based, right?

That would actually mean there was some hope.

Yet another "industry standard" that is a Bad Idea, Badly Implemented.

4
0
Bronze badge
FAIL

Re: Poor Apple.

Utterly incredible that all of this critical low-level code has been crap from back in the mists of time.

BIOS, UEFI, it seems to make no difference, it's nasty buggy stuff that is only just good enough to boot the hardware to the point where more capable software can rescue everything out of the cesspit.

A massive FAIL going back 30+ years...

5
0
Anonymous Coward

Re: Poor Apple.

SGI aren't consumer machines.

0
0
Anonymous Coward

Re: Poor Apple.

Who says it is the BIOS and UEFI to blame?

This is a case of poor implementation, the actual concept is sound.

0
0
Boffin

Re: Poor Apple.

EFI was invented by Intel to be the standard boot firmware for Itanium systems. It was only afterwards that someone thought it porting it to x86 would make a good replacement for the old PC BIOS, something which was well overdue.

0
0
Silver badge

Re: It's Forth based, right?

So what you're saying is that Intel said:

Go Forth and conquer

and they did?

0
0
Silver badge

@/dev/null: let me fix that for you:

...for the old PC BIOS, something which is still WELL overdue.

On the other hand, at the BIOS level you're pretty much coding by hand and error testing is tricky. Worst part is what assumptions do you get to make about your inputs, because you don't have a lot of room to maneuver. I don't even write sloppy .Net code let alone the sort of really well though through machine code that goes into a BIOS. It may be crap, but when I really think about it, those guys have actually done pretty well by us through the last 30 years.

1
0

Page:

This topic is closed for new posts.