On Fri, Jul 19, 2013 at 08:01:22AM -0400, SAVIOCvs@aol.com wrote:
I developed a voting system (see _www.SAVIOC.com_ (http://www.SAVIOC.com) ) that uses ordinary old PCs, yet is more transparent and trustworthy than anything else in use today. All software, including the operating system (FreeDOS) boots from a floppy that can be verified by hash code. The PC never uses the hard drive, and doesn't even need one. Trustworthiness comes from people with different interests being able to prevent each other from doing anything fraudulent. I think the only significant potential vulnerability is that someone with physical access to the machines could install a malicious BIOS. Learning about the OpenBIOS project gave me hope of overcoming that vulnerability.
(1) Is my hope justified? Can a PC be booted from a floppy that completely replaces the native BIOS in RAM, and then loads FreeDOS? (Can the possibility of a malicious BIOS be made a non-issue?)
If all answers are YES, then the remaining very basic questions become important.
(2) Roughly how much space on the floppy would be required? (3) What downloads would I need? OpenBIOS AND OpenFirmware AND OpenBOOT? Anything else? (4) How are they downloaded? http://www.openfirmware.info/index.php/Downloads displays a page beginning, "This page has been deleted." All other links that imply the possibility of downloading reach a page headlined, "The page cannot be displayed".
I suspect that someone could write a BIOS that implemented a full hypervisor and then booted your code in a virtual machine. You probably won't have any way to detect that if it is done well. There are some methods used to detect being in a VM guest, but I believe most of them are there by design to help out the software when it needs to know.
Of course if you could make sure that isn't the case, you have the problem that you can't do address remapping (which you would need to replace the BIOS code) unless you are in 386 protected mode, so now youa ren't just replacing the BIOS, you are actually running code with your freedos running in virtual86 mode under whatever your replacement is. To some extent you are essentially implementing a hypervisor/virtual machine at that point, and of course virtual machines provide their own BIOS for the guest being booted. I don't know if you can fit a virtual machine on a floppy.