[OpenBIOS] Secure BIOS for voting?
Mark Morgan Lloyd
markMLl.openbios at telemetry.co.uk
Fri Jul 19 15:41:05 CEST 2013
Nick Couchman wrote:
>>>> On 2013/07/19 at 06:01, <SAVIOCvs at aol.com> wrote:
>> I developed a voting system (see _www.SAVIOC.com_ (http://www.SAVIOC.com) )
>> that uses ordinary old PCs, yet is more transparent and trustworthy than
>> anything else in use today. All software, including the operating system
>> (FreeDOS) boots from a floppy that can be verified by hash code. The PC
>> never uses the hard drive, and doesn't even need one. Trustworthiness
>> comes
>> from people with different interests being able to prevent each other from
>> doing anything fraudulent. I think the only significant potential
>> vulnerability is that someone with physical access to the machines could
>> install a
>> malicious BIOS. Learning about the OpenBIOS project gave me hope of
>> overcoming that vulnerability.
>>
>> (1) Is my hope justified? Can a PC be booted from a floppy that
>> completely replaces the native BIOS in RAM, and then loads FreeDOS? (Can
>> the
>> possibility of a malicious BIOS be made a non-issue?)
No, because you cannot prove that the native BIOS doesn't include some
facility that "infects" the replacement loaded from floppy.
--
Mark Morgan Lloyd
markMLl .AT. telemetry.co .DOT. uk
[Opinions above are the author's, not those of his employers or colleagues]
More information about the OpenBIOS
mailing list