back to article You'll never guess what you can do once you steal a laptop, reflash the BIOS, and reboot it

If you can steal someone's laptop, leave it switched on in sleep mode, crack it open, hook up some electronics to alter settings in the BIOS firmware, restart it, and boot into a custom program... you can swipe crypto keys and other secrets from the system. When computers are restarted, the motherboard firmware can wipe the …

  1. Anonymous Coward
    Anonymous Coward

    Again,

    This is *old* news.

    Truecrypt mitigated this "attack" as does using a BIOS (BIOS!!, FFS it's all UEFI now) boot up password or BIOS setting password. And physically turning the machine off also dealt with this.

    Or is this some new kind attack based on these old principles?

    1. tip pc Silver badge

      Re: Again,

      How many people turn their machine off?

      I’ve always put it in sleep or hibernate and now get nagged that I’ve not rebooted in a week and the machine goes ahead and reloads when I least expect it as per company policy.

      I don’t shutdown so I can restart where I left off the next day. Mac OS handles reloads by putting you back where you left off. It’s weird that windows can’t match that functionality.

      1. Anonymous Coward
        Anonymous Coward

        Re: Again,

        It does, with Hibernate, and has for decades or thereabouts (I used it least Win2000, but I'd heard of it before that).

        1. big_D Silver badge

          Re: Again,

          @AC

          No, Hibernate isn't the same as restoring a session after the OS restarts the PC to install updates. Yes, Hibernate, suspend to RAM etc. brings the PC back up to where it was when it was suspended / hibernated, but that doesn't help if the PC is rebooted.

      2. Oengus

        Re: Again,

        How many people turn their machine off?

        I, personally, always shut down the PC when not in use. Yes it is a bit of a pain having to wait for the PC to boot but with SSDs that time is dramatically reduced.

        1. darklord

          Re: Again,

          always shut down as my laptop running win7 takes 10 mins to come out of hibernation or sleep mode, whereas from cold less than a minute

          1. Anonymous Coward
            Anonymous Coward

            "win7 takes 10 mins to come out of hibernation"

            If you have a lot of RAM, reading back the hibernation file may be longer than reading just the code to be run and initialize it. With enough cores, the processes than run in parallel, but reading from disk, especially non SSD ones, is still mostly a serial task.

            1. JeffyPoooh
              Pint

              Re: "win7 takes 10 mins to come out of hibernation"

              "If you have a lot of RAM..."

              Isn't that the silliest thing? That the OS mindlessly stores the entire RAM to disk. 16GB of RAM, fresh from cold boot, Hibernate = 16 GB file. Stoopid stoopid stoopid.

              Keep in mind that it's the OS, as in Operating System. Apparently it doesn't know which parts of the RAM are in actual use and which are not.

              More accurately, Microsoft can't be arsed to perform this function more efficiently. Lazy pigs.

              I expect that they'll figure it out eventually.

        2. Fatman
          Linux

          Re: Again.. How many people turn their machine off?

          At my former employer - it was mandated that desktop machines be shut down at the end of the day.

          If it isn't powered up, then it can not be pwned during the overnight/weekend hours.

          This policy arose from an incident where an executive left his machine on, and it was infected with malware. Those behind the attack had the whole weekend to surf out or internal network. Cleaning up the mess was one of the reasons why we ditched Windows, and went to Linux. The other being a nastygram from the BSA that was quite costly.

          1. vtcodger Silver badge

            Re: Again.. How many people turn their machine off?

            Nothing wrong with powering off when not in use, but perhaps it'd be a good idea to unplug as well. There is something called -- as I recall -- Wake On LAN that allows "powered off" devices to be turned on remotely. Obviously, some hardware isn't as turned off as one might desire when one flips the power switch off. Who knows for sure what is actually running in there when the power is "off".

            1. Anonymous Coward
              Anonymous Coward

              "perhaps it'd be a good idea to unplug as well. "

              WoL can usually be disabled from the BIOS settings. As long as your company doesn't use it to apply patches or run backups. Anyway the RAM of a machine left running with different applications opened is usually far more interesting than the RAM of a machine just booted and no one logged on.

            2. Wzrd1 Silver badge

              Re: Again.. How many people turn their machine off?

              Wake on LAN has to be enabled in BIOS.

            3. jcitron

              Re: Again.. How many people turn their machine off?

              Wake on LAN is a BIOS setting actually. I turn mine off on my desktop and All-in-1. I neglected to turn it off once and got awakened by a system update so now it's the first setting I change on the power management page in the BIOS.

              I can see this being useful if the PC is in a corporate environment and the IT department pushes out system updates across the LAN, or needs to turn on servers remotely after a power down, but for genera home use it's not necessary.

              Good luck to the people that take my All-in-1. They'll be dreadfully disappointed because all that's on that is Xodo PDF viewer and PDFs of sheet music. It beats turning pages while playing the piano!

              My desktop gets turned off daily. It takes a less than 30 secs to boot, and few seconds to reload a browser after logging in. The browser I use, Opera, can be configured to reload last pages and tabs anyway so that's no biggy.

          2. Joeyjoejojrshabado

            Re: Again.. How many people turn their machine off?

            "The other being a nastygram from the BSA that was quite costly."

            The British Shakesphere Association are real bastards.

            1. Anonymous Coward
              Anonymous Coward

              Re: Again.. How many people turn their machine off?

              "The British Shakesphere Association are real bastards."

              Let me guess - you shouted "Francis Bacon" under their windows?

            2. ITS Retired

              Re: Again.. How many people turn their machine off?

              The Boy Scouts of America? I suppose some teenage antics can get out of hand.

            3. onefang

              Re: Again.. How many people turn their machine off?

              "The other being a nastygram from the BSA that was quite costly."

              "The British Shakesphere Association are real bastards."

              To sue, or not to sue?

            4. Fred Dibnah

              Shakesphere

              That explains the Globe Theatre.

            5. Wayland

              Re: Again.. How many people turn their machine off?

              "The other being a nastygram from the BSA that was quite costly."

              The British Shakesphere Association are real bastards.

              Birmingham Small Arms.

          3. Wzrd1 Silver badge

            Re: Again.. How many people turn their machine off?

            This policy arose from an incident where an executive left his machine on, and it was infected with malware. Those behind the attack had the whole weekend to surf out or internal network.

            We have 24/7 monitoring of the network and systems logs via two layers of monitoring. And a host based IPS system. And 24/7 on call staff to respond to any incident.

            The few times I saw a network pwned, it was due to a lack of a system administrator following policy and either not performing the proper baseline configuration or using found USB mass storage devices on the servers and due to the misconfiguration, autorun installed the malware.

            They received punishing paid overtime and were named company heroes for working all of that overtime to fix what they fouled up. Until they promptly reinfected everything, precisely the same way in which they did the first time. The DoD was not amused that time.

        3. Ochib

          Re: Again,

          "I, personally, always shut down the PC when not in use. Yes it is a bit of a pain having to wait for the PC to boot"

          Every morning it runs like this;

          1) Power Laptop up

          2) Get coffee

          3) Drink coffee

          4) After stage 2 and 3 the laptop is ready for me to logon

          1. Solo Owl

            Re: Again,

            My main computer at home is set to turn itself on a few minutes before my phone is programmed to make a very loud noise that is intended to activate me. By the time I fininsh ablutions and find breakfast, the computer is ready and anxious to read mail and the papers. Even with the slowest boot time.

            1. matjaggard

              Re: Again,

              The problem for me is not boot time but remembering WTF I was doing before I left for the pub on Friday evening.

        4. Wzrd1 Silver badge

          Re: Again,

          We disable sleep and always have. Hibernate can be attacked using a different method.

          I either lock the machine and leave it running or shut it down. Either way, it comes home with me.

          Where someone stealing it is unlikely, as they have to get past the security robots, laser wielding sharks, elevators with dubiously reprogrammed controllers, the hallway of flamethrowers, followed by a liquid nitrogen moat. All, while the BOFH MKII watching and waiting.

          1. Allan George Dyer

            Re: Again,

            Don't you find that the liquid nitrogen makes the sharks sluggish? You have seen the memo making sharks compulsory in moats?

      3. onefang

        Re: Again,

        "How many people turn their machine off?"

        I do. Or rather I don't use any sleep or hibernation modes in anything. On the other hand, I don't like laptops much, but I do use a couple that belong to others regularly, and I turn them off when I'm done.

        I'm wondering why they didn't tell Linux and BSD people about this, only Apple, Intel, and Microsoft? Even AMD was left out in the cold (pun intended). Of those couple of laptops I mentioned, one is Linux only, the other dual boots Linux and Windows.

      4. Mage Silver badge
        FAIL

        Re: Again,

        Madness.

        I shut down. It takes about minute to boot Linux. My old (2002) XP laptop boots in under a minute, or did last year (converting some PSP7 to photoshop format for The Gimp). Making a cuppa or even fetching chilled fizzy water takes longer than a cold boot even with mechanical HDD. Unless you have an "out of the box" Windows with every service on and a load of nonsense autorunning in Startup etc. I've pared a Win7 boot on HDD from 2min 45sec to 20 sec.

        I also unplug all chargers overnight. One of the highest fire risks. I can easily recharge any of my gadgets between early evening and bedtime.

        Linux CAN start off (and to a limited extent, Windows) where you were from a cold boot. I decided over 10 years ago that this was a bad idea. I can easily get back the documents, web pages and emails I was looking at. All those programs store state on exit (or periodically in case of a crash). Notepad++ on WINE on Linux opens all the documents. If you use native format instead of MS, the LibreOffice remembers your location.

        Use case for hibernation is when running out of battery suddenly and no time to save. Sleep MAYBE to carry from desk to desk?

        Sleep has always been insecure and also unreliable for peripherals, esp WiFi.

        1. 's water music
          Flame

          Re: Again,

          I shut down... ...I also unplug all chargers overnight. One of the highest fire risks.

          Use your opponent's strengths against her. When I am finished for the day I simply drive a large nail through the battery compartment of my laptop which consumes the whole assembly with fire and renders the laptop uncompromisable overnight.

          1. onefang

            Re: Again,

            "When I am finished for the day I simply drive a large nail through the battery compartment of my laptop which consumes the whole assembly with fire and renders the laptop uncompromisable overnight."

            As a bonus, no need to turn on the heater during cold nights. Takes a long time to boot in the morning though, walk to the nearest computer store, buy new laptop, walk to where ever your offsite backups are stored, bare metal restore, walk back home, reboot. Could get expensive, I hope you have a cheap source of suitable large nails.

          2. JeffyPoooh
            Pint

            Re: Again,

            'swm suggested, "...drive a large nail through the battery compartment..."

            Interestingly, the high energy density lithium primary (non-rechargeable) cells used in the latest avionics have to meet a TSO that precludes fire when a nail is driven though them.

            Fizz and bubble is okay, but not fire.

    2. big_D Silver badge
      Black Helicopters

      Re: Again,

      I was talking to a friend recently and he had the Federal Office for the Protection of the Constitution visit him. And in a general discussion, they gave some advice.

      Their advice was, if a computer gets compromised and it has UEFI, shred it. Don't bother trying to do a clean install, because you can never be 100% sure they haven't slipped something into the UEFI. You can't just throw out the old drives and put new ones in any more. Likewise, even updating the UEFI isn't a 100% guarantee.

      Similarly, he was advised that if you are visiting certain foreign countries, you shouldn't take a laptop or phone with you, or rather just a burner phone and laptop with no sensitive information on them and throw them in the bin when you return.

      And I thought I was paranoid!

      1. onefang
        FAIL

        Re: Again,

        "Their advice was, if a computer gets compromised and it has UEFI, shred it."

        So much for being more secure.

        1. Wayland

          Re: Again,

          Motherboards have been getting smarter over the years. In the past all they could really do was look for something to boot from. Now they have the capabilities to connect to the Internet with no drives connected.

      2. Wzrd1 Silver badge

        Re: Again,

        Their advice was, if a computer gets compromised and it has UEFI, shred it. Don't bother trying to do a clean install, because you can never be 100% sure they haven't slipped something into the UEFI. You can't just throw out the old drives and put new ones in any more. Likewise, even updating the UEFI isn't a 100% guarantee.

        Understanding the UEFI system, it's simple enough to reset to factory defaults, flash the BIOS to factory as well and wipe the hard drive. Have yet to have a system retain nastiness once I got my mitts on it.

        The script deletes all partitions, creates a single full drive partition, formats it, deletes that partition, resets BIOS to factory defaults, flashes the BIOS, resets it again, then creates new partitions, copies base files, reboots and does hash testing on the files, then goes on for installation.

        Even the NSA was impressed.

    3. This post has been deleted by its author

  2. Anonymous Coward
    Anonymous Coward

    I don't see how a firmware password can protect Macs when you can use a SOIC clip (older macs) or JTAG (newer macs) to interface with the UEFI chip directly and reflash the firmware, hex edit the SVS variable or even change a specific value to force the NVRAM to clear on next boot. Obviously requires a fair bit of knowledge rather then the average offload the stolen Mac on eBay scenario but still.

    1. Dan 55 Silver badge

      Perhaps it should read setting a FileVault password, which encrypts the hard disk.

  3. chivo243 Silver badge
    Headmaster

    Physical Access

    Physical Access = Game Over

    I hope this is self explanatory?!

    1. Crypto Monad Silver badge

      Re: Physical Access

      "But encryption keys aren’t stored in the RAM when a machine hibernates or shuts down. So there’s no valuable info for an attacker to steal."

      Maybe not - but if they can reflash the firmware, they can put in a keylogger or whatever trojan nonsense they want.

      The missing laptop is "found", "handed in" to the hotel, returned to its owner, gets used again, and is p0wned forever more. This is the well-known Evil Maid attack.

      1. Christian Berger

        Re: Physical Access

        "Maybe not - but if they can reflash the firmware, they can put in a keylogger or whatever trojan nonsense they want."

        Now "Secure" Boot proponents will tell you that "Secure" Boot saves you from that. However there is a simple workaround to that. Company notebooks typically are from a narrow range of devices easily obtained by any attacker:

        Just get the same model, install some form of software mimicking a system booting up then asking for a password and displaying a "wrong password" screen while sending the password off to you.

        Then you use some social engineering and secretly swap the laptops. Claim to be from another branch of the same company and leave your business card with your mobile phone number.

        Once the victim enters the password, you have it and can unlock the computer. Eventually the victim will suspect there having been a mixup and call you to swap them back.

      2. Anonymous Coward
        Paris Hilton

        Re: Physical Access - This is the well-known Evil Maid attack.

        You missed the correct icon ---->

  4. deadlockvictim

    Sociopathic

    Article» Whether or not it's easier than smacking the laptop owner with a two-by-four until they give up their login password is, well, an exercise left to our more sociopathic readers.

    They are *executives*.

    Think of Dilbert's boss and all of his bosses.

    Actually just think the c-suite in general.

    Think about your last payrise.

    What would the BOFH do?

    1. Giovani Tapini

      Re: Sociopathic

      [What would the BOFH do?]

      He would offer to carry the laptop and papers, while helpfully opening the lift door and allowing boss to get in first, unencumbered. BOFH forgot to mention the lift floor was in the process of being replaced... oops!

    2. onefang

      Re: Sociopathic

      "What would the BOFH do?"

      Similar to that bit you quoted - smacking the laptop owner with a clue-by-four until they learn better security practices.

  5. Little Mouse

    Sleep Mode - Biting users in the backside since it's inception.

  6. Alan J. Wylie

    smacking the laptop owner with a two-by-four?

    Surely a $5 wrench?

    1. big_D Silver badge
      Boffin

      I'd use the King Dick, as recommended by John Cadogan. But you don't whack them about the head with it.

      For more useful advice on how to use the King Dick, watch John's YouTube channel, especially the Nut Fest Friday episodes, with his cock. Yesss!

    2. Alan Brown Silver badge

      "Surely a $5 wrench?"

      Rubber hoses leave fewer marks.

      1. Wzrd1 Silver badge

        "Surely a $5 wrench?"

        Nah, I like to leave a good impression. Ten pound sledgehammer. I'll have the password before the SOB runs out of knees.

  7. DrXym

    So in summary

    If you happen to be running a device that runs a very specific BIOS, AND it was left in standby, AND it was encrypted, AND the device is easy to crack open (most ultrabooks aren't), AND it was stolen by technologically savvy hackers AND they have the exact custom firmware to flash that make and model, AND they know what they're looking for THEN you should be worried?

    I can think of easier modes of attack.

    1. TReko

      You gotta be fast

      DRAM will also fade out, so you have to act fast, how fast depends on temperature - note the coolant spray used in the video.

      Modern Windows apps also should store passwords etc in secure storage provided by the OS, which is encrypted.

      Windows 10 also compresses the RAM pages, which I guess was disabled to make this attack easier.

      1. Wzrd1 Silver badge

        Re: You gotta be fast

        Modern Windows apps also should store passwords etc in secure storage provided by the OS, which is encrypted.

        Rather like writing down the combination to the secure safe, then storing it inside of said safe.

        I've actually witnessed someone do just that. I acidly corrected the individual and told them to use the other secure safe.

        I say secure safe within a specific context, as it has very specific ratings and itself is inside of a secure facility, inside of a specially rated vault that has 24/7 monitoring via multiple methods.

  8. The Alphabet

    If you want absolute security then the laptop should have a kill switch that automatically erases all the things including any USB devices, repeatedly, until the battery dies, if you are not physically touching the unit after 60 seconds.

    It might make having a shower and sleeping difficult, but security is more important than such trivial things.

    1. Danny 14

      or just aet the GPO to disable fast boot. That clears thingsbon the way out and cold starts.

  9. JimmyPage Silver badge
    Stop

    Security vs. convenience

    It's possible to devise a chip that can fry it's own circuits - say if the wrong passcode is entered (or entered twice ...)

    The reason such chips haven't been developed is because despite offering Hollywood-blockbuster levels of security, the first time one ACTUALLY fried itself, and some moronic user puts on their Daily Mail sadface with a headline about how they "lost" £1,500 simply because the entered the wrong passcode (or their darling brat did) and it's game over. So no point in spending a kings ransom on the R&D only to be told that HP/Dell can't sell a machine with such a feature.

    Those with long enough memories might recall the "scandal" in the 80s of the pisspoor security around cars - bent twig and you're in. After taking repeated pastings, the manufacturers delivered some pretty good security. Of course the first headline was "man stung for £1,500 after losing his key". Security vs. convenience. Guess which won ??????

    1. Fading
      Flame

      Re: Security vs. convenience

      POKE 59458,62,

      1. big_D Silver badge

        Re: Security vs. convenience

        @Fading

        Funny, I was just talking about that yesterday with my boss.

        1. Giovani Tapini
          Trollface

          Re: Security vs. convenience

          Thinking about POKE'ing your boss?!?

      2. E net

        Re: Security vs. convenience

        @Fading

        POKE 59458,62,

        Wow we learn something "old" every day :)

      3. Wzrd1 Silver badge

        Re: Security vs. convenience

        SYS 64738

    2. Brian Miller

      Re: Security vs. convenience

      The reason such chips haven't been developed...

      No, such chips have been developed, and are commercially available. I work with a number of processors that will happily brick themselves, very nearly on the old "BBIL" (branch on burnt-out indicator light) instruction. One chip I work with has counters, which will cause the device to brick when they hit zero. It also has an array of "fuses" which, you guessed it, when they're all "burned" will cause the device to brick. And of course it's deliberately horribly sensitive to all sorts of environmental fluctuations.

      And the chip costs 23 cents in quantities of 1,000.

      You are right that the executives wouldn't go for it. I know: on occasion I had to support the sales VP, who just "couldn't" allow a reboot on his machine because the spreadsheet would close. Um, yeah.

      1. Danny 14

        Re: Security vs. convenience

        samsung KNOX works exactly like that. And is in every samsung phone for years. Early ones could be tricked into not tripping. new ones not so much.

    3. Wzrd1 Silver badge

      Re: Security vs. convenience

      The reason such chips haven't been developed is because despite offering Hollywood-blockbuster levels of security, the first time one ACTUALLY fried itself, and some moronic user puts on their Daily Mail sadface with a headline about how they "lost" £1,500 simply because the entered the wrong passcode (or their darling brat did) and it's game over.

      I own several Ironkey devices, which do precisely that. They're also designed to brick if cut into.

      1. Charles 9

        Re: Security vs. convenience

        Thing is, how many calls come in for bricked devices due to simple wear and tear or forgetfulness. Would also hate to think World War III could hinge on things like these...

  10. Bibbit

    F-Secure's Olle Segerdahl and Pasi Saarinen...

    Demonstrates two guys that need to get out more. Is 'hibernate' still a thing? I do not see it on many machines myself. Then again, I am a freak who does proper shutdowns rather than sleeps.

    Kudos for the Mr Freeze pic, El Reg. Reminds me of yet another time Arnie was robbed of an Oscar.

    1. Anonymous Coward
      Anonymous Coward

      Re: F-Secure's Olle Segerdahl and Pasi Saarinen...

      "Arnie was robbed of an Oscar".

      Funniest comment on the thread.

    2. Anonymous Coward
      Anonymous Coward

      Re: F-Secure's Olle Segerdahl and Pasi Saarinen...

      Chill out

  11. mark l 2 Silver badge

    I always shutdown my laptop after I have finished using it, but then again my laptops battery is pretty knackard so it only last about 15 mins off the mains, so putting it into sleep would probably mean I would come back to find I would have to cold boot anyway when the battery eventually ran out.

    To be honest 99.9% of the time when your laptop is stolen it is by some some petty criminal who is looking to sell it on to make a few quid. If they find it is asking for passwords they cannot easily bypass they will probably just throw it in the nearest bin and go and nick another one. They are very unlikely to have the skills to do any of the stuff that is mentioned in the article, as if they could they probably wouldn't be going around nicking laptops but have well paid consulting jobs.

  12. Anonymous Coward
    Anonymous Coward

    yawn... what, infosec advisement?

    Oh... lol. "Sleep" function.

    Yeah, we turned that off a Millennia ago...

    "where's my teddy"?....

    yawn.

  13. CrysTalK

    Use of digest and or checksums

    I also shutdown after each use, and everytime I bootup I need to enter 4 different passwords to get a working environment. First is HDD BIOS password, then BIOS System password, then GRUB menu password (SHA512), then Windows logon password, then some private archives were also encrypted. This is just a personal laptop with nothing to protect except my daughters photos and some banking PDF files which are also password-protected by the bank itself.

    On the othe rhand, I think any type of encryption used by the owner on his/her documents and private stuff would make this types of cold b oot attack useless. Even zip encryption or .7z compression with strong crypto would defend against this cold boot attack, as long as the password is not stored in any plaintext documents sitting on the filesystem.

    1. tentimes

      Re: Use of digest and or checksums

      I suspect then that you are in fact a paranoid schizophrenic.

  14. steve 124

    OMG we're all skrude!!!

    <running around with hair on fire>

    The End is here! The End is here!

    My only thoughts on this are, if you're worried enough to encrypt your hard drive, why in the world would you put your laptop into sleep mode instead of turning it off? That's just retarded.

    <pours beer on head>

    Nothing more to see here folks... move along.

    1. Anonymous Coward
      Anonymous Coward

      Re: OMG we're all skrude!!!

      I tend to agree. The message from work like this should simply be "These are good security practices, follow them because you don't know what might happen if you don't."

      Some of them are a bit like "If you go into the red light district of an unfamiliar city unaccompanied and a dodgy looking character asks if you want to go down a long dark alley to meet his sister, you might not be going to meet an attractive, 18 year old, disease free nymphomaniac." It may be interesting in a Schadenfreudian way to read about people who did, but at some point someone is going to say "couldn't this just be generalised into "don't go down dark alleys in red light districts".

      This is quite different from things like Spectre, of course, which doesn't have a simple, obvious mitigation like "turn off when not using and keep secure when off site".

    2. Alistair
      Windows

      Re: OMG we're all skrude!!!

      @steve 124:

      so -- with wasting a beer, you're now to be known as steve 123?

  15. jelabarre59

    even simpler

    The most effective workaround this problem is not to have anything on your laptop worth stealing (or at least not worth the effort this would take)

    1. Charles 9

      Re: even simpler

      Except the laptop itself I'd often worth taking. For parts, if nothing else...

  16. drewzilla79

    The Cold Shoulder?

    Came for Mr. Freeze puns. Leaving disappointed.

    1. diodesign (Written by Reg staff) Silver badge

      Re: The Cold Shoulder?

      There, added a couple in the caption.

      C.

    2. onefang

      Re: The Cold Shoulder?

      I thought I provided one yesterday?

  17. Gene Cash Silver badge
    Facepalm

    Linux is far more secure

    Linux has built-in defenses against this.

    When I put my laptop in sleep or hibernate, it just crashes.

  18. Anonymous Coward
    Anonymous Coward

    Does this work on Chromebooks? I do not think it does, but I may be wrong.

  19. 89724102172714182892114I7551670349743096734346773478647892349863592355648544996312855148587659264921

    Basic Input Output System - that's what we need but what my new motherboards all seem to have is a damn operating system of it's own which often makes - undocumented - bloody decisions about which default boot device to use. I'd prefer feature-poor BIOSs.

    1. Charles 9

      Wasn't the problem, though, that they were SO feature-poor that programs routinely bypassed them and went straight to the metal?

  20. 2Fat2Bald

    For me, sleep/hibernate/suspend are for walking from one meeting to another. Or Possibly to preserve battery life when you're going AFK for a bit. They're not for making sure your PC pops up as you left it the following day. People do that and then complain when their PC runs slowly and takes 30 minutes to reboot when it finally, finally, finally gets to patch. Memory leaks are still a thing, I'm afraid.

  21. Anonymous Coward
    Anonymous Coward

    Re: Trump has become more deranged

    very old. you even acknowledge it's old news... so why print it again?

  22. Aseries

    Hybrid Sleep

    I use HYBRID SLEEP with Windows 10. Let the machine sleep and after a preset time it puts itself in hibernation.

  23. Selden

    Aside from the sheer unlikelihood of this scenario, no mention of Chromebooks. Even if someone can reflash the BIOS, everything stored on a Chromebook is encrypted, so there is no data vulnerability. The worst that can happen is the that thief powerwashes it, which destroys all data, then sets it up for his own use.

    Reference: https://chrome.googleblog.com/2011/07/chromebook-security-browsing-more.html

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like