Introduction

When you think about computers, there are always two coexisting levels: hardware and software. All software runs on hardware. Since open and free software is likely to be the better choice (refer to the comparison between open and closed source), there are free and open-source solutions for both levels.

To minimize security risks you should examine your whole chain of computing.

Pinetree of open and secure (classical) computing

Recommended products for free solutions

Operating systems with the Linux-libre kernel:

GNU website | further information

Desktop hardware for Coreboot:

FSF website | further information

  • Asus F2A85-M/CSM
  • Asus M2A-VM
  • Gigabyte M57SLI-S4
  • Asus M2V-MX SE

Desktop hardware for Libreboot:

Libreboot website | further information

  • Gigabyte GA-G41M-ES2L
  • Intel D510MO
  • Intel D945GCLF

What is BIOS?

This is the Basic Input/Output System. It is (often) proprietary firmware located on a special ROM chip (system on a chip). It runs after you switch your computer on.

The BIOS settings are stored in the CMOS chip on your mainboard.

The BIOS offers configuration options for memory, drives, clock speed, virtualization, power management, security, health services and boot order (amongst others).

What is UEFI?

UEFI stands for Unified Extensible Firmware Initiative. It is essentially the same as a BIOS, but with a graphical rather than text-based interface, additional Ethernet support and some other extensions. It is also often proprietary firmware located on a special ROM chip (system on a chip) and runs after you switch your computer on.

Security concerns and solutions

Because opaque and vulnerable implementations such as Intel ME and AMD Secure Technology are built into modern computers’ hardware, the user cannot be sure what the computer actually does. Both technologies implement a second, always-running operating system in an isolated environment with total control over all hardware and data.

To find out which hardware potentially runs without those risky implementations, please check CPU and system alternatives without Intel ME iAMT and AMD PSP / Secure Technology.
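As an added example (not part of the original page), the following POSIX shell script inventories the firmware layer discussed above, in the spirit of the introduction's advice to examine the whole chain of computing: it reports whether the machine booted through UEFI or a legacy BIOS, which vendor the firmware announces via SMBIOS (Coreboot and Libreboot boards report "coreboot"), and whether the Linux kernel exposed an Intel ME interface (MEI) device. The sysfs and /dev paths are standard Linux ones; the ROOT argument is an assumption of this example so the checks can be run against a constructed test tree.

```shell
#!/bin/sh
# Added example: inventory of the firmware layer on a Linux system.
# Each function takes an optional ROOT (default "/") so it can be pointed
# at a constructed directory tree instead of the live /sys and /dev.

# Prints "UEFI" when the kernel exposes EFI runtime data, else "BIOS".
firmware_type() {
    root="${1:-/}"; root="${root%/}"
    if [ -d "$root/sys/firmware/efi" ]; then echo "UEFI"; else echo "BIOS"; fi
}

# Prints the SMBIOS BIOS vendor string ("coreboot" on Coreboot/Libreboot
# boards, the OEM name on proprietary firmware), or "unknown" if absent.
firmware_vendor() {
    root="${1:-/}"; root="${root%/}"
    f="$root/sys/class/dmi/id/bios_vendor"
    if [ -r "$f" ]; then tr -d '\n' < "$f"; else printf 'unknown'; fi
}

# Prints "yes" when the Intel MEI driver created its device node or sysfs
# class, i.e. the kernel found a Management Engine interface; else "no".
me_interface_present() {
    root="${1:-/}"; root="${root%/}"
    if [ -e "$root/dev/mei0" ] || [ -d "$root/sys/class/mei" ]; then
        echo "yes"
    else
        echo "no"
    fi
}

# One-line key=value summary suitable for logging or an asset inventory.
firmware_report() {
    root="${1:-/}"
    printf 'firmware=%s vendor=%s mei=%s\n' \
        "$(firmware_type "$root")" \
        "$(firmware_vendor "$root")" \
        "$(me_interface_present "$root")"
}

firmware_report /
```

A "mei=yes" line only tells you the ME interface is visible to the operating system; an ME that has been neutered or disabled in the firmware image may still expose the device, so treat it as a prompt for further checks, not a verdict.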