UEFI

Introduction UEFI:

 Unified Extensible Firmware Interface (UEFI) is a specification for a software program that connects a computer's firmware to its operating system (OS). UEFI is expected to eventually replace basic input/output system (BIOS) but is compatible with it. The specification is most often pronounced by naming the letters U-E-F-I.

UEFI functions via special firmware installed on a computer's motherboard. Like BIOS, UEFI is installed at the time of manufacturing and is the first program that runs when booting a computer. It checks to see which hardware components are attached, wakes up the components and hands them over to the OS. The new specification addresses several limitations of BIOS, including restrictions on hard disk partition size and the amount of time BIOS takes to perform its tasks.

Most modern computer systems are equipped to support traditional BIOS, as well as UEFI, although Intel Corp. has stated its intention to phase out BIOS support in newer personal computers (PCs)

.In general, BIOS is considered a vestige from earlier computing, whereas UEFI is regarded as the wave of the future. However, for ease of understanding, some information technology users refer to the processes collectively as UEFI BIOS, despite their substantial differences.

UEFI's evolution from EFI

BIOS has been in use since the advent of disk OS computers in the mid-1970s. In 1981, IBM was the first vendor to incorporate BIOS in PCs, a move that prompted broad industry adoption. The emergence of UEFI parallels the increased drive densities used for modern application workloads.

Intel developed the Extensible Firmware Interface (EFI) as an outgrowth of its 64-bit Itanium server architecture in the 1990s, a technology codeveloped with computer maker Hewlett Packard (HP). The industry perceived EFI as a way to address the memory and processing limitations of BIOS in x86 server architectures. Those limitations included 16-bit computing mode, bounded system memory and tedious assembly language programming.

EFI, subsequently renamed Intel Boot Initiative, technically remains the property of Intel, although the vendor ceased sole development of the specification following the release of EFI version 1.10 in 2005. (By then, Intel had also phased out its Itanium processor line, following product delays and other hiccups.) Intel contributed EFI 1.10 to the UEFI Forum, an alliance of chipset, hardware, system, firmware and OS vendors.

The industry consortium manages the development of UEFI specification standards. The latest standard, UEFI 2.9, was made publicly available in March 2021.

Booting up: BIOS vs. UEFI

Turning on a computer kick-starts a chain of events that occurs before the OS is loaded. Firmware rouses the computer's subsystem to execute a series of tests and locates the boot loader, which, in turn, starts the OS kernel.

BIOS and UEFI both use low-level software to manage startup functions prior to booting an OS, albeit using different techniques.

BIOS resides on a chip on the machine's motherboard and initializes the central processing unit, random access memory, Peripheral Component Interconnect Express cards and network devices. BIOS runs a power-on self-test (POST) diagnostic sequence. POST ensures that hardware is configured properly and all components are functioning as intended.

BIOS runs only in 16-bit processor mode, which limits the number of software commands the firmware is able to execute at any one time. BIOS allots 1 megabyte of memory in which tasks can be executed. Interfaces and devices thus are initialized sequentially, which can contribute to a sluggish startup.

To accomplish its task, BIOS consults the Master Boot Record (MBR) to locate the OS and launch the boot loader. MBR uses 32-bit values to describe the offset and length of a partition, thus limiting BIOS systems to 2 terabyte (TB) drives and no more than four partitions.

UEFI behaves like a like a miniaturized OS that sits between firmware and the OS. It performs the same diagnostics as BIOS at startup but offers more flexibility. The OS boots directly in UEFI. This eliminates the need to repeatedly press toggle keys, as is required to boot BIOS.

UEFI stores initialization data in an EFI file partition in nonvolatile flash memory, rather than in the firmware. UEFI also can load during boot from a drive or a network share. UEFI also deploys a more flexible partitioning scheme than MBR, known as a Globally Unique Identifier Partition Table, or GPT. GPT was also created by Intel as part of EFI. GPT uses 64-bit values to enable the creation of up to 128 partitions and is required for systems launched from 2 TB drives and larger. The EFI partition uses the file allocation table, including FAT16, FAT32 or virtual FAT.

Most new desktop PCs, laptops and some tablets bundle UEFI firmware that runs in compatibility support mode for older 32-bit Windows. Computer manufacturers are expected to support BIOS in the near term, but the transition to UEFI is well underway. In 2013, custody of the Advanced Configuration and Power Interface (ACPI) was transferred to UEFI Forum.

Originally developed collaboratively by HP, Intel, Microsoft, Phoenix Technologies and Toshiba, ACPI is an open standard for BIOS that governs how much power is delivered to each peripheral device.

Advantages of UEFI

UEFI provides many significant enhancements over BIOS, including the following:

• Boot mode. Microsoft Windows users can run 32-bit UEFI or 64-bit UEFI, although experts recommend that the OS bit mode and the firmware bit mode should be the same to avoid communication issues during runtime.
• Drives. According to UEFI Forum, UEFI supports boot drives of 2.2 TB and higher capacities, including drives with theoretical capacity of 9.4 zettabytes. That far exceeds the maximum drive capacities currently available.
• Drivers. UEFI supports discrete drivers, whereas BIOS drive support is stored in read-only memory, which necessitates tuning it for compatibility when drives are swapped out or changes are made.
• Graphical user interface (GUI). UEFI enables new modules to be added to the GUI more easily, including device drivers for motherboard hardware and attached peripheral devices.
• Multiple OS support. Whereas BIOS allows a single boot loader, UEFI lets users install loaders for Debian-based Ubuntu and other Linux variants, along with Windows OS loaders, in the same EFI system partition.
• Programming. UEFI firmware is written predominantly in C language, which enables users to add or remove functions with less programming than BIOS, which is written in an assembler language, sometimes in combination with C.
• Security. Secure Boot is a UEFI protocol for Windows 8 or later Windows versions. Secure Boot makes a system's firmware the root of trust to verify device and system integrity. The goal is to prevent hackers from installing rootkits in the time between bootup and handoff to the OS. Secure Boot also enables an authorized user to configure networks and troubleshoot issues remotely, something a BIOS administrator must be physically present to do.

As computer makers gradually move away from BIOS, they typically integrate UEFI firmware that runs with Compatibility Support Module (CSM) in modern devices. Although not intended as a long-term solution, CSM enables UEFI-based machines to launch in legacy BIOS mode to work with older Windows versions and other OSes. However, users may find it preferable to upgrade to the latest version of the OS to realize the value of UEFI.

UEFI disadvantages, or when to boot from BIOS

Software is always a target for threat actors, and UEFI is no exception. One such attack, dubbed TrickBot, surfaced in December 2020. TrickBot malware works by attempting to spy on device firmware, which could permit malicious actors to subvert the boot process and gain access to the OS.

The TrickBot episode came on the heels of 2018 findings by ESET Research, a Slovak outlet for the information security community, which claimed to have discovered a rootkit in the wild that potentially enabled hackers to surveil UEFI firmware and install malicious code.