Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!sdd.hp.com!ucsd!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: CC65SRAD%MIAMIU.BITNET@OHSTVMA.IRCC.OHIO-STATE.EDU
Newsgroups: comp.virus
Subject: Re: EEPROM BIOS (PC)
Message-ID: <0009.9009131758.AA06913@ubu.cert.sei.cmu.edu>
Date: 11 Sep 90 23:23:32 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 18
Approved: krvw@sei.cmu.edu

While I am sure more and more systems will be connected via phone
lines, the telephone will always be too expensive a quirky to trust
upgrading PC software to.  As for the floppy upgrades, since all the
upgrade disks would be produced by the manufacturer, quality control
of viruses should be possible.  Any problem would have to be an inside
job.  Also, I am sure that some security measures would be built in to
the BIOS itself, since it would be possible for someone to load the
wrong BIOS disk into a machine and erase the existing BIOS, replacing
it with an incompatible BIOS.  Also, AMI would hate for people to be
switching to Phoenix via a floppy.  These security measures, while
probably not extremely complex, would make a viruses code so large
that it could not be inconspicuous (in my opinion...I am NOT an expert
by any stretch of the imagination) and would be caught quickly.  It is
an interesting idea...especially with machines like the Tandy (also
makes Panasonic, DEC pc's, GRID) and others placing DOS and other
usually attackable programs in EEPROMs.

- -Chris