[OpenBIOS] Secure BIOS for voting?
Lennart Sorensen
lsorense at csclub.uwaterloo.ca
Fri Jul 19 15:35:47 CEST 2013
On Fri, Jul 19, 2013 at 08:01:22AM -0400, SAVIOCvs at aol.com wrote:
> I developed a voting system (see http://www.SAVIOC.com)
> that uses ordinary old PCs, yet is more transparent and trustworthy than
> anything else in use today. All software, including the operating system
> (FreeDOS) boots from a floppy that can be verified by hash code. The PC
> never uses the hard drive, and doesn't even need one. Trustworthiness comes
> from people with different interests being able to prevent each other from
> doing anything fraudulent. I think the only significant potential
> vulnerability is that someone with physical access to the machines could install a
> malicious BIOS. Learning about the OpenBIOS project gave me hope of
> overcoming that vulnerability.
>
> (1) Is my hope justified? Can a PC be booted from a floppy that
> completely replaces the native BIOS in RAM, and then loads FreeDOS? (Can the
> possibility of a malicious BIOS be made a non-issue?)
>
> If all answers are YES, then the remaining very basic questions become
> important.
>
> (2) Roughly how much space on the floppy would be required?
> (3) What downloads would I need? OpenBIOS AND OpenFirmware AND OpenBOOT?
> Anything else?
> (4) How are they downloaded?
> http://www.openfirmware.info/index.php/Downloads displays a page
> beginning, "This page has been deleted." All other links that imply the possibility
> of downloading reach a page headlined, "The page cannot be displayed".
I suspect that someone could write a BIOS that implemented a full
hypervisor and then booted your code in a virtual machine. You probably
won't have any way to detect that if it is done well. There are some
methods used to detect being in a VM guest, but I believe most of them
are there by design to help out the software when it needs to know.
Of course if you could make sure that isn't the case, you have the
problem that you can't do address remapping (which you would need to
replace the BIOS code) unless you are in 386 protected mode, so now you
aren't just replacing the BIOS, you are actually running code with your
FreeDOS running in virtual86 mode under whatever your replacement is.
To some extent you are essentially implementing a hypervisor/virtual
machine at that point, and of course virtual machines provide their own
BIOS for the guest being booted. I don't know if you can fit a virtual
machine on a floppy.
--
Len Sorensen
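The cooperative VM signal Len refers to, as an added example that is not part of this thread: a well-behaved hypervisor sets the CPUID "hypervisor present" bit (leaf 1, ECX bit 31) and publishes a vendor string in leaf 0x40000000 so that guest software can adapt. It assumes an x86/x86-64 build with GCC or Clang's `<cpuid.h>`. A BIOS-resident hypervisor that wants to stay hidden simply leaves the bit clear, so a negative result is not evidence of running on bare metal.

```c
/* Added example, not code from the OpenBIOS list or the SAVIOC project.
 * Queries the cooperative CPUID hypervisor signal. Assumes GCC/Clang on
 * x86 or x86-64; on other targets the functions report "not set". */
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* Returns 1 if CPUID leaf 1, ECX bit 31 ("hypervisor present") is set,
 * 0 if it is clear. A clear bit means either bare metal or a hypervisor
 * that chose not to announce itself; the guest cannot tell which. */
int hypervisor_bit_set(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return 0;
    return (ecx >> 31) & 1u;
#else
    return 0;
#endif
}

/* Copies the 12-byte vendor signature from leaf 0x40000000 (EBX,ECX,EDX,
 * e.g. "KVMKVMKVM\0\0\0" or "VMwareVMware") into out (13 bytes incl. NUL).
 * Returns 12 when the hypervisor bit was set, 0 otherwise (out is ""). */
int hypervisor_vendor(char out[13])
{
    out[0] = '\0';
#if defined(__x86_64__) || defined(__i386__)
    if (!hypervisor_bit_set())
        return 0;
    unsigned int eax, ebx, ecx, edx;
    /* __cpuid (not __get_cpuid): 0x40000000 is above the basic-leaf max. */
    __cpuid(0x40000000, eax, ebx, ecx, edx);
    memcpy(out, &ebx, 4);
    memcpy(out + 4, &ecx, 4);
    memcpy(out + 8, &edx, 4);
    out[12] = '\0';
    return 12;
#else
    return 0;
#endif
}

int main(void)
{
    char vendor[13];
    int n = hypervisor_vendor(vendor);
    printf("hypervisor bit: %d, vendor: \"%s\" (%d bytes)\n",
           hypervisor_bit_set(), vendor, n);
    return 0;
}
```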