https://forum.asrock.com/ Copyright (c) 2006-2013 Web Wiz Forums - All Rights Reserved. Fri, 15 May 2026 22:02:57 +0000 Fri, 07 Apr 2023 23:08:10 +0000 http://blogs.law.harvard.edu/tech/rss Web Wiz Forums 12.04 360 https://forum.asrock.com/RSS_post_feed.asp?TID=25279 https://forum.asrock.com/forum_images/web_wiz_forums_black.png https://forum.asrock.com/ https://forum.asrock.com/forum_posts.asp?TID=25279&PID=104408&title=bios-file-hashes-or-signatures-question#104408 Author: threadzipper1957
Subject: 25279
Posted: 07 Apr 2023 at 11:08pm

I don't think any brand does this, but every BIOS is verified for a board before You update, so it can only use a BIOS verified for that particular board.
And Honestly, after 40 years in the business, the only time people ruined theur BIOS, was by there own doing, or downloading it from a different website, other than the manufacturers.
I think, only when its proven, that a BIOS on their website, is hacked, they will react to the threat]]> Fri, 07 Apr 2023 23:08:10 +0000 https://forum.asrock.com/forum_posts.asp?TID=25279&PID=104408&title=bios-file-hashes-or-signatures-question#104408 https://forum.asrock.com/forum_posts.asp?TID=25279&PID=102633&title=bios-file-hashes-or-signatures-question#102633 Author: Gorn42
Subject: 25279
Posted: 30 Dec 2022 at 2:32pm


When you download Oracle JDK, they provide SHA512 hashes, and when you download TOR browser, they provide a PGP signature. Most win32 executables from major companies are signed with a security certificate.

However, though the BIOS is clearly a hugely import piece from a computer security viewpoint, I don't see any SHA256/512 hashes or pgp signatures available for the BIOS downloads, and I don't think .ROM files can be signed in a way that allows Windows or the user to verify the signature.

Why is this, Asrock? Why are these critical security measures not in place? ]]> Fri, 30 Dec 2022 14:32:40 +0000 https://forum.asrock.com/forum_posts.asp?TID=25279&PID=102633&title=bios-file-hashes-or-signatures-question#102633