Featured Image from https://neosmart.net/wiki/enable-uefi-boot/
Over the Georgian weekend of Snowpocalypse 2017, I had posted about rough drafts I had found unfinished and new content I would be posting. A majority of the inspiration came from one of many, many conversations about computer life with my dad. At some point we talked about hardware maintenance: from the good old days of kick-starting a steam powered adding machine (joke) to modern machines that are obsolete by the time they are sold.
With that said, let’s dive into an area I’ve had some experience with and see if I can at least help out one reader (or two).
For the record, there will be no mention of brands, vendors, and so forth as this article’s purpose is meant for the here and the now. Things happen, but things mostly get resolved. Enjoy?
Hardware Maintenance Today
From the mainframe, to the terminal, onto the desktop, across the servers, and into the portable age of laptops, all of these require maintenance at some point. The difference today is that instead of tubes and soldering iron, much of it is done via update utilities. You know: the software that came pre-installed on your system to ensure you have easy access to drivers, firmware, and even BIOS updates.
I always thought it was a neat way, especially back in the day, to help keep PC users system’s healthy without involving the previous generations floppy or tape swapping. However, while the update client is still a great idea, many things have been added onto the hardware layer which makes board-based stacks a bit more complex. A few examples are Trusted Platform Modules (TPM), bio-metric devices tied into boot components, added low-level encryption, and of course, the transition from Basic Input Output Systems (BIOS) to Universal Extensible Firmware Interface (UEFI), some updates can prove to be a bit of a problem.
Before I go on with my own experiences and precautionary measures one can take, I want to make sure that you have better resources to explain TPM, BIOS, and UEFI. So, feel free to click on each acronym where more information on these topics can be found:
The last item I almost left out was that of the disk drive. Encryption is as old as war, so in this day and age you have no doubt heard of full hard disk encryption utilities, such as BitLocker, that even during the use of your hardware it keeps your data secure.
With all these layers making their way into the stack responsible from boot, to login, to every day use of our hardware, it isn’t hard for good intentions to toss a monkey wrench into your day. This brings us back to the update agents shipped with your new, sleek, and highly aerodynamic machines.
The Reboot Prompt
At some point, such as myself, you will receive a warning to reboot your machine. Sure, this is no doubt malicious as the vendor software has downloaded and installed anything from low-level firmware to updates for their own software running on your hardware.
If you are lucky, you have an option to push off these updates or at least speak with your resident IT expert to discuss the updates. I would recommend this – especially if your hardware has been built around 2008 or 2009 to the present. Why?
Twice I’ve had a “no choice reboot” and with the additional stacks added for boot-time, run-time, and OS-use security, I’ve almost ended up with a brick for hardware.
Unlike the lower levels, such as BIOS, network card firmware, and other updates that may trigger a potential security threat perception to the hardware, BitLocker resides at the OS level and I was easily able to be regenerated a key to validate my machine was not being hijacked or stolen.
The only problem I faced was that long before I could ever get to that screen, I had a BIOS loop wherein the machine never even hit the disk drive. It assumed the BIOS and other updates were injected as a means of theft. When I was able to get into the BIOS, I found out why this was:
My chipset has a hybrid combination of both BIOS and UEFI. Why this was and is – it is rather simple. Certain OSes and UEFI don’t (or didn’t) play well together, so while my hardware had been set to support UEFI, I found the BIOS update kicked it back to LEGACY (BIOS) mode. Correcting this and seeing BitLocker ask me for a challenge key was quite a relief.
The Main Point
I wasn’t trying to administer the hardware — I was trying to overcome an obstacle out of my control and document it. My experience is my own and I recommend if something similar happens to a machine you use – especially if it is property of your company – call those responsible for your hardware!
Long are the days of booting off a floppy, CDROM, or USB drive to simply update your BIOS and as such, be careful of any OS warnings to apply and reboot to apply endless loads of digital gunk: especially if you are not the administrator.
— JK Benedict | @xenfomation