Once in a while I pull a truly bone-headed move; last week I proved my own fallibility once again. It was a simple goal really; patch up my media center system. This included applying the new Vista SP1, updating my Nvidia and other system drivers, and hey, while I’m at it, might as well bump up to the latest motherboard BIOS.
How hard could this be, right? After all I’m an experienced IT professional. Over the years I have flashed literally hundreds of system BIOS, and up till a few days ago, without incident.
In retrospect there were some warning signs I should have headed. For starters, 1AM when you are about ready to turn in for the night – not the best time to flash your BIOS. Next, when looking up the new version of your BIOS on the manufacture’s web site, it’s helpful to know the exact model number of the motherboard rather then just “doing it by memory.” Finally, when you are at the command prompt and it warns you to be sure you have the right BIOS for your MoBo, get up off your butt and grab the manual or box for the motherboard and double check that you have downloaded the right one!
As you probably have guessed by now, I did not adhere to any of this great advice. And when the system rebooted after having flashed the wrong model BIOS, it became rather clear to me exactly what I had just done – Son-of-a-….
The Flashing Threat
While I managed to do this damage all on my own, some alarming news surfaced this past week indicating that malicious hackers are now contemplating the use of BIOS flashing attacks. These “Permanent Denial of Service” (PDOS) attacks would be used to infect routers and other such core network devices; and unlike other maliware and viruses, the goal of PDOS attacks is to cripple or completely destroy systems and networks.
Judging from my recent experience with an incorrectly flashed motherboard, I can attest to the lethality of such a scheme. A compromised system could not just be “re-formated” to factory defaults, as a messed up BIOS will leave the system totally inoperable.
BIOSMAN to the Rescue
After realizing my bush-league mistake I did what any technology professional would do – Cry. Ok, maybe that is an exaggeration, but I did start whining on Twitter about the situation, to which I received many concerned and compassionate replies. One particularly thoughtful suggestion was that I should simply enjoy my new piece of attractive wall art!
Thanks, but after the initial desperation and panic subsisted, I was able to locate several physical BIOS (Eprom) recovery/replacement services. I quickly settled on http://www.biosman.com/. After entering the requested information in the easy to follow online forms (step, by step asking about the make, model and other motherboard info), I was charged a modest fee. Even without selecting an express shipping method, my replacement BIOS chip arrived in the standard mail in under a week. Popping the new chip in was easy on my socketed motherboard, and presto! My media center was back up and at them.
While BIOSMAN is a wonderful service and deserves to be on your tech “oh shhhiiittt” goto list, I can’t stress enough how important it is to take care when patching your firmware. That, and the old axiom applies, “If it ain’t broke, don’t fix it!”