Introducing UEFI BIOS (Part 2)

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
12/5/2012 9:12:43 AM

Practical benefits of UEFI

We’ve mentioned that UEFI lets motherboard manufacturers provide a friendly graphical interface to system settings, and that may be reason enough to switch. Once you’ve used a handy dropdown menu to configure your hard disks and tweak the frequency settings on your CPU, the old business of moving back and forth with the cursor keys feels impossibly primitive.

However, UEFI provides a few more far-reaching benefits, too. A major one is the ability to work better with modern hard disks. The original PC BIOS system was designed to work with the Master Boot Record (MBR) partitioning system, which only supports disks of up to 2TB, and no more than four partitions per disk. This may have seemed like plenty of headroom back when the system was introduced in 1983, but today it feels restrictive.

Description: Once you’ve experienced UEFI, the traditional PC BIOS looks decidedly primitive

Once you’ve experienced UEFI, the traditional PC BIOS looks decidedly primitive

UEFI brings full support for the newer GUID Partition Table (GPT) partitioning scheme. This system can accommodate up to 128 partitions per disk, with a total capacity of 8ZB equivalent to eight billion terabytes. Modern BIOS implementations can often handle GPT disks, but with limitations: many are unable to boot from very large disks, limiting the usefulness of the latest 3TB drives. UEFI also allows a generally closer degree of integration between the operating system and the pre-boot environment something Windows 8 takes advantage of in its Advanced Startup Options. If you’re using a UEFI system, you can choose these options from the PC settings screen and select a device to boot from directly within the Windows 8 interface. (This option also appears if Windows 8 fails to start up properly, and takes you to the Troubleshooting screen.) If you’re using non-UEFI hardware, this option won’t be available: to boot from a device other than the default, you’ll have to jump in when the computer restarts and configure your BIOS directly.

Secure Boot

The most significant UEFI feature found in Windows 8 is Secure Boot a system that ensures only authorised operating systems can start up on your PC. It works by reading a cryptographic signature embedded in the OS boot loader and verifying it against a database of authorised keys stored within the UEFI firmware. When you buy a new Windows 8 PC, laptop or tablet, the relevant key is preinstalled by the manufacturer, so you won’t even know Secure Boot is active. However, if you try to start a different operating system, the UEFI platform will refuse to boot.

This may not sound like a good thing. Indeed, when it was first announced that all new Windows 8 hardware would come with Secure Boot enabled, there was uproar among the technorati. Microsoft was accused of shutting out competing operating systems, such as Ubuntu Linux, and limiting customers’ ability to run whatever software they wanted on their PCs.

Description: UEFI Secure Boot presentation slide at Microsoft BUILD conference

UEFI Secure Boot presentation slide at Microsoft BUILD conference

In reality, Secure Boot as implemented on x86 Windows 8 hardware brings real benefits, as we’ll discuss below. And it doesn’t stop you from doing anything. Although it’s enabled on all new Windows 8 systems, you can simply go into the UEFI settings and turn it off with a click. Once this is done, you can boot whichever operating system you like. If you’re upgrading older hardware to Windows 8 then it’s likely that Secure Boot won’t even be available; it requires the latest version of UEFI to function.

It’s also worth noting that you’re free to authorise bootloaders other than the Windows 8 one. For example, you might add a key for Ubuntu to the Secure Boot database, enabling both Windows 8 and Ubuntu to start, while continuing to disallow other, unknown operating systems. The precise process for generating a Secure Boot key should be detailed in the manual for your motherboard or laptop, or in the installation instructions for the operating system.

What’s more, Microsoft has agreed to allow other recognised operating system publishers to use the same bootloader key as Windows 8 (for a fee). Fedora Linux has already done this, so you can install and boot Fedora on a Windows 8 system with no additional configuration required.

The advantage of Secure Boot

Not only is Secure Boot not harmful, it can be greatly beneficial, both at home and at work. For businesses, it can help to enforce security policies. If users are able to plug in their own hard disks and boot into unauthorized operating systems, they could bypass restrictions on which software can be run, what sort of network access is permitted and so forth. If the IT department uses Secure Boot and a password protects the UEFI settings, to prevent them from being tampered with the potential for data leaks is greatly reduced.

For home users, Secure Boot can protect your security in a different way. Here, the major risk isn’t from corporate spies, but from malware. Specifically, Secure Boot protects your system against rootkit type infections that infect the bootloader and effectively make themselves hypervisors for the operating system. Secure Boot stops infections like this in their tracks by refusing to execute unrecognised startup code.

Description: Windows 8 security detailed Turning secure boot on and off on a Windows 8 PC

Windows 8 security detailed Turning secure boot on and off on a Windows 8 PC

Before we go overboard singing the praises of Secure Boot, there’s one catch we must point out. We mentioned above that Secure Boot could be disabled on x86 hardware. However, if you buy an ARM-based Windows RT device, you won’t be able to disable Secure Boot: on this platform, the feature is permanently locked on, and all third-party bootloaders are strictly banned. You can see why Microsoft insists on this: it ensures that consumer tablets provide a completely seamless and consistent experience, with no possibility of malware or confusing multiple environments. However, it’s bad news for anyone hoping to install Android or Linux on Windows tablet hardware.

What’s in a name?

The rise of UEFI raises questions about terminology. Some motherboard manufactures have taken to referring to their UEFI offerings as sporting a “UEFI BIOS”. Arguably, this is misleading, since the UEFI system completely replaces the classic PC BIOS.

However, the combination of UEFI and the underpinning firmware does constitute a “basic input and output system”, albeit not of the specific sort that’s typically referred to by the term “BIOS”. Alternately, you might take the view that the firmware itself is a BIOS, and the UEFI is merely a shell that sits on top of it. Either way, the use of the term BIOS isn’t exactly wrong, and as long as the term UEFI is present as well, the meaning should be clear.

Another question is how to pronounce UEFI. Although the Unified EFI Forum has published voluminous standards material, it hasn’t provided any official guidance on this burning issue. Here at PC Pro we tend to say “weffy”, but it’s been reported that Microsoft internally spells the term out as “U-E-F-I”. Another possibility is “you-fee”, or perhaps, for football fans, “you-eh-fee”. Whichever pronunciation you choose, get used to defending it: if the ongoing lack of consensus on “SATA” is any guide, pronunciation arguments over UEFI will probably be with us for at least as long as the technology itself.


Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Video Sports
- The Banner Saga 2 [PS4/XOne/PC] PC Launch Trailer
- Welkin Road [PC] Early Access Trailer
- 7th Dragon III Code: VFD [3DS] Character Creation Trailer
- Human: Fall Flat [PS4/XOne/PC] Coming Soon Trailer
- Battlefleet Gothic: Armada [PC] Eldar Trailer
- Neon Chrome [PS4/XOne/PC] PC Release Date Trailer
- Rocketbirds 2: Evolution [Vita/PS4] Launch Trailer
- Battleborn [PS4/XOne/PC] 12 Min Gameplay Trailer
- 7 Days to Die [PS4/XOne/PC] Console Trailer
- Total War: Warhammer [PC] The Empire vs Chaos Warriors Gameplay Trailer
- Umbrella Corps [PS4/PC] Mercenary Customization Trailer
- Niten [PC] Debut Trailer
- Stellaris [PC] Aiming for the Stars - Dev. Diary Trailer #1
- LawBreakers [PC] Dev Diary #4: Concept Art Evolutions
programming4us programming4us