Helps prevent malware infections, but could be a disaster for the enthusiast community: http://www.bit-tech.net/news/hardware/2012/08/24/nist-bios-protection/1
This is going to be one for Burnout21 to read, after he spent a very long time fighting a UEFI/Bios virus which even survived BIOS Flashing, very worrying stuff,read the thread for more Information. http://forums.bit-tech.net/showthread.php?t=233635
I had a BIOS virus once, a pretty nasty one too. It would infect every hard drive by corrupting NTLDR, even after reinstalling windows. While updating and resetting BIOS's settings (even using the jumpers) didn't seem to do anything, I bought a new motherboard. Unfortunately, even with a fresh new install of windows, the virus was still in the hard drive and infected the new motherboard. At that point I was getting a bit worried because I'd basically have to lose my personal data, the hard drive, and 2 motherboards. As a last ditch effort, I was able to boot up a Knoppix (linux live CD) and I managed to copy my personal files while formatting the drive completely. I shut down the computer, removed the hard drive, and found out I that removing the CMOS battery had a further effect that the jumpers don't do. So, I removed it and the virus was gone. By the time I found out about that, I already trashed my old board, but oh well. I was probably 16 years old at the time.
I might've been living under a rock, but I don't think I have yet seen any third-party BIOS updates worth of notice. Maybe it's got more to do with motherboards I've used. I think it (Regenscheid's second suggestion) would be a fair trade-off for increased BIOS security, seeing how even pretty computer adept people get their machines infected every now and then.
...mind explaining? That's a pretty harsh accusation with nothing to back that up. This article was discussing ways to protect BIOS from malware. BIOS viruses are, IMO, about as common as getting a virus on a Mac, so I thought I'd share my story to show what to do in case someone else gets the same problem I did. I'm not sure how that disconnects me from reality in any way.
The virus/malware that Burnout21 fought against didn't hijack or modify the BIOS/UEFI. It "merely" abused some legitimate functionality therein (Computrace; although that may count as a virus in itself ). The virus itself most probably has hidden itself in the HPA of the HDD. The proposal from NIST is a two-edged sword. It's what lies at the foundation for Microsoft's Secure Boot feature/requirement. It'll most certainly be implemented only for UEFI as that is where the main problem lies. UEFI is almost like a tiny OS unto itself. It's quite powerful, yet not very protected against tampering, which makes potential UEFI malware so dangerous. Standard BIOSes are full of exploitable holes as well, but the code is so esoteric and there is such a myriad of different versions that it doesn't make sense to target any BIOS with malware.
