MY UEFI H3LL page.        
  See related topic the MYTH and canard of BIOS infections.
UEFI is the new BIOS and new name.
UEFI 0 to 2 is optional until year 2020 and CLASS 3  is now mandated as the "sword of Damocles" see paranoia here
CSM is both BIOS and UEFI in 1 PC, and best of best (does it all)
CSM means Compatibility Support Module, and soon to be gone. (now 2020 and newer PCs)

TStarting in year 2020 CLASS 3 is ACTIVATED and BIFLASHOS and CSM gone forever.


History (short) BIOS (or system level firmware or ROM) 1981 IBM PC forward. (and wonderful IBM ROM expansion /extension rules)
BIOS lasted intil 2012, Windows 8. (death I call it)  lasted 31 years, and not one infected BIOS in the wild. (yet)
Then came UEFI nd Secure boot. (just before W8 release)

Here is the list of  OS makers that support UEFI (besides Gill Bates) Linux and FreeBSD
The queston now 2020 is stated as how do I know if I have CLASS 3 on PC.
Answser: (2) (year 2020 +)
  • If CSM is gone or secure boot is not seen in BIOS screens or legacy mode not stated in BIOS screens , see next line  (fast boot will always be there)
  • I then insert a used SSD drive (or old hdd) and try to install windows 32bit. (if fails to allow  MBR partitions, the PC is UEFI only, just one simple test, and above line.
RIP BIOS, we love you for 39 years, RIP.

Nothing like this blog,  someone "Adam"  that tells how great it is in 1-million words or a tad  less proves that all this NEW FIRMWARE,  IS LOAD OF CRAP!
39 years called BIOS,  old dogs new tricks or
It's pronounced Yuffie. anyone who disagrees with me is clearly a commie.

See "Recommendations" on that page, for how DUAL boot fails. (one more causality of UEFI)

(sarc) I wonder about  UEFI :?did it take longer to write the code, or type out the  manual how it work  above, or make the crazy video explaining to 7 Billion moon gazers with mouth wide open (me  1)?
UEFI H3LL list #1:
16bit software is now gone, as is DOS (any) and all devices lacking UEFI support are now dead and secure boot mode now manditory on most new PC, for sure kneejerk OEM PCs. (buy from ASUS.com and win)
DOS is dead. (Freedos, DR_DOS (by:Gary Kendal), Dell DOS DDDP, and more...)That means all the old DOS ways to flash EEprom safely are gone, (ask OEM maker for help now)
Old GPU cards now useless even made up to 2019  or older RAID CARDS (a very very sad and expensive lost that is)
Some nasty OEM;'s (no names) even only allow their  GPU cards and no others and only thier newer ones too. (as they say "give them and inch and the  take a mile" ,BINGO, or Cha Ching ,greed!)
Any install disk that loads to MBR is now dead, MBR format is now DOA, dead now, and forever on new PC 2020. (class3 kills this dead)
32bit OS are now dead too, 2020+ Class3(III)
Only allows GPT Boot drives to boot and on same topic (boot drive formats) see the 2TB HDD limits, for MBR.  (the 2nd or 3 or more drives can be MBR no problems.)
Dual booting one HDD is not allowed W10, so we install W10 hyperV and then run 2nd OS as a image. (virtually) easy fix.  (not a true UEFI issue but it does make it worse) (maybe one day Dual boot added to UEFI, boot order page?)

The only thing to know is just don't use it, be happy (turn it off), but if  you must?  better stay backed up every hour or you will be screwed when it fails. ( do you have a  fail  plan in place, noodle that first )


UEFI new features : (if turned on, enabled)

Secure boot. (boots to ONLY to secure GPT hard drives or SSD and runs windows 8 or 10-64bit, all other OS obsolete. 64bit only.
Safe boot. (turned on the PC will not BOOT any alien media, no CD/DVD/ODD,  no USB boots allowed.) This is and optional feature on some PCs to make even say secure bootable USB thumb-drives dead.
Fast startup ( tells say windows 10 to boot from image file hiberfil.sys or not. , if not boot slower but from raw kernel files)
In essence the UEFI ROM is now married to the HDD (structures) and W10.  (for good  or for bad too)  making service harder. (making vast hardware now useless for sure RAID Cards now dead at $500 a pop)

UEFI settings in BIOS PAGES:
The choices varies by maker of PC, but there are old BIOS, UEFI and CSM PC's made. Long live CSM!
  1. Legacy /UEFI  (Legacy ends with CLASS 3,   2020 + is now CLASS 3 hard boiled RULES ( avoid them I will)
  2. Secure boot, ( marries the OS boot and windows kernel to the UEFI firimware.) requires a PC that meets the UEFI Specifications Version 2.3.1 and up.... ) Married is key word (a double edged sword)
  3. SAFE BOOT, makes the USB and DVD boot dead, so turn it off, (UEFI does not like non HDD0 SSD0 boots, but Microsoft's Stick builder does work both ways)
  4. TPM , do not turn this on,  it is CIA mode and you will be sorry later of you do this. leave it alone...
  5. Fastboot, some PCs this means non verbose POST mode, but in UEFI world this means also boot W10 in its fast boot image mode not safe mode. Read how your PC supports this feature..



BIOS is now called UEFI

 
Hope nobody gets this message.
or bootmgr.efi fails.

Causes: ( if hdd not bad ,passes SMART test and the  RTC coin cell battery is not dead and power cycling the PC 3 times so w10 , 3rd boot failure puts W10 into recovery mode, fails then Reload W10)

 

Examples
are best, and more clear.
For sure know what happens in CLASS 1 to 3 are not the same and the steps can vary.
Watch out for new PC;s 2020 that are locked down to CLASS 3 for ever, locking the GPU card (to there brands only) and HDD, and MOBO.  (what I do is RUN to the HILLS away from this crap)
To me versatility is everything. (and why I never touched anAPPLE ever) The whole IBM things is what I like , and  endless vast sea of options..

Each PC has instructions on how to get to page 1 of the BIOS,   DELL IS F2, (F12)  , F12 on DELL)
HP we can hit ESC key and then go to other pages in BIOS from there.
Power on and hit (hammer), the BIOS hot key now.
See me killing dead UEFI 100% end to end on any PC,  (safeboot off, secure boot off and fastboot off)
Many a BIOS has legacy mode I like.

In all cases BIOS is newest version from OEM.
As you can see this HP PC below is UEFI class 2  (or less than Class 3)  v2.7 is one common version.
Change boot order as you want (disable any seen PXE seen in NIC or boot order first.)
One new horror with OEM PCs is it will not run the must  new GPU cards, claiming the cards VBIOS is not compatible with there lame on MOBO BIOS,  (yes, OEM PCs' can stink this  way)

ASUS Prime:  ( build your own PC and it will useful for over 10 years)  You can change out (upgrade) the GPU card every month as many top gamers do. (AAA+)
I will be here using ASUS for the rest of my life , 10 more years if I am lucky.
This Asus PC has CSM BIOS, (love at first site , no?) Asus and Gigabyte are the best.
This is my Z270pime motherboard in action. A Z370 is just as good or better.
This motherboard does it all, and CSM is loved by Gamers , that allows you to run any GPU card made on EARTH (old or new)
I love Asus motherboards, a huge user  from 1995   in business (now and before I retired) A Day 1 users of ASUS products, I am. There documentation is world class and they have QVL qualified vender lists for CPU and RAM.
This PC is UEFI v2.31 or higher  but I do not use secure boot or safe boot. (fastboot yes)


Using my above setups ,you can now boot to: (safeboot disabled) but in Secure boot mode only the UEFI boot manager decides what can boot, and your job to make that happy!
  • USB anything, (some can do USB external HDD drives, but you must talk to your PC OEM maker first)
  • CD
  • DVD
  • BD (blue ray)
  • Even SD memory cards would boot but not now,
  • Or PXE Network boots from its server.
  • HDD
  • SSD
  • On some PCs M.2 card boots "Gumstick card", the above Asus PC does!
UEFI SAFE BOOT only boots to  HDD0 or SDD0,  but to install say Windows 10-64bit as secure boot USB device must be formatted UEFI or UEFI/MBR (see rufus for that choice) or MS install builder.!
New PCs for sure new OEM PCs (HP or Dell and others)  will have soon
(  hard Boiled CLASS 3 UEFI  2020 year )  
Learn too that some older PCs (2014?) have defective UEFI fimware and using that is super risky booting to GPT UEFI DRIVES  in secure boot mode.


2 Terabyte HDD limits?  (only on MBR and banned for boot drive UEFI)
This is the math on the infamous
2TB limit of MBR formatted drives. ( 2 to the 32nd power) binary math rules.  (or use larger cluster sizes MBR, but I do have  9TB HDD formatted GPT {2nd drive} on this legacy PC )

The math is not hard (a cheap calculator does this in 3 strokes of a finger  , click 2 then Yx key, then 32 and last = sign key !)
MBR =  2^32 (
4,294,967,295) sectors (do the math or wiki MBR) 32 to the 2nd power. 
Then
4,294,967,295 sectors * 512 bytes/sectors = 2,199,023,255,040 bytes or 2TB.
Or go hog wild and do custom sectors sizes:
Now,do  1024 sized sectors? 4.4E12 (4TB) and like magic the HDD has 4TB limit.. and is your call at any time to do that. 
Most my PCs boot to 256GB SSD, and well I  never need a 4TB SSD or larger here, not me. $3000 for 7TB
All my apps and data are on a 8TB fasted HDD in the world by Seagate. 200MB/s easy..
GPT ends this limit HDD for near eternity, 9.4 ZB (means zeta-byte) something most humans can not grasp until you must count atoms.. is limited by  264 sectors

The myth of BIOS infections.    Paranoia is so sad to watch.  THE SKY IS FALLING, really? Chicken little cries wolf too often and too long.... C19 !

SHOW ME ONE IN THE WILD or even PROPAGATING...?  ZERO !
I tired hard to find even one good source of proof of one BIOS EEPROM FIRMWARE infections,  and FAILED I DID !
I want hard boiled proof of BIOS infections and there are none, only black hat theories, and silly folks confusing infected OS with this,  there are no limits to infected boot OS, sure we know all that.
The #1 all time cause of corrupted BIOS is humans flashing there BIOS and are clueless how to do it safely. 

First off I  call MYTH BUSTED,  t
Some makers of PC then added a BOOT BLOCK  LOCK to protect this, sadly many OEM did not add the feature.


Now the reasons why an  EXTREMELY IMPROBABLE ACT.
A virus would need to use the binary codes in the above, 23+ FLASH engines (that I know) Myth 1 , impossible.

Here is my hit list for some GOD like FLASH burning VIRUS that can damage 100,000 verions of motherboard, firmware. (crazy in concept)
I think, all this paranoia was from 1 guy in Asia, that wrote 1 virus (on a dare) that infected just 1 PC made in 1998, Just  one PC that does not EXIST TODAY anywhere,  but in a land fill. (  the day paranoia started?)
  1. Infects the HDD first , sure you did watching PORN sites and or clicking email links infected, so don't.
  2. The Virus needs to know what  OS  you are running XP to W10.{sure easy}
  3. Then this Magical Virus (lets call it MV) then scans the PC to learn what South bridge or BIOS logic is there e) {sure easy but the chips used are vast here for 20+ years. AMD/Intel / VIA , etc}
  4. Next up the MV then must ID the  vast number of EEPROM chips connected to endless 100+ or more South bridge chips and how they are wired !  NO WAY (myth#2 busted)
  5. Once identified (ID'd), the MV  must also know what PC you have, and what BIOS is there, some are sectioned in 4 blocks,  BIOS1(main), BIOS2(backup) BIOS loader and BIOS update block.(and more now, and UEFI)
  6. The MV must know what is there before hand there is no way to have this MV APP just know this like magic.  I bet no MV can reach this far on vast 100,000's of models of PC.
  7. It then must erase the EEPROM first then write new code to BIOS and then set a CRC code stored, in the secret signature no OEM tells you. Most PCs HALT here if CRC shows any corruption.(quality PCs do this)
  8. if not a magic burner.exe then the MV would have to have  stolen the (flashwriter.exe)code for every  PC model ever made then hacked that,...,  pure myth and  paranoia.
  9. And last and best, the stupid PC makers deleted the EEPROM write protect pin jumper on the MOBO, causing endless hopeless and expensive PARANOIA  and the now Flashing PC's to DEATH todays epidemic.
 I call MYTH,  and worst the OEM stupidity of removing  the WP pin from the EEPROM to jumper pins . ( gee jokers put the freak'n pin jumper back !)  (WP = write protect pin seen on all EEPROM'S)
I  all call    (MV) ! and double BS on the lost WP jumper !@@!
Don't get me wrong;
Secure boot is the bee's knees for security if you love to click email attachments or worse clicking Email HTML links (turn off HTML in mail end this pain) use text only email.
 
But don't tell me we have BIOS infections in the wild, SHOW ME ! Prove it  first.
What they did not prove in the below was the true cause of failure, all.

BIOS VIRUS PHANTOMS?  How to prove  MV exits  is below: (Magic firmwareVirus  myth, MV for short here) inside BIOS. "you  won't"
The truth is , there is none.  
The below is my list of things that fool people into thinking their FIRMWARE IS INFECTED and they are DEAD Wrong.  (many love to lay blame lacking any kind of proof, who are you?)
  • PC is locked up DEAD. not from bad BIOS but from BAD power supply
  • All batteries in the PC are dead or worse shorted, gee replace those first, yah THINK?
  • Some Derp flashed the Firmware with wrong  firmware image or for a wrong PC or wrong version of PC,  only  flash using the exact correct image or you just bricked the PC. (ask for help at your  OEM maker) (OR DON'T DO IT)
  • Old PC , older than 2010, now have a bad CCFL black lamps, most PCs or monitors this old those are now dead. (the flash light test shows data on LCD the black lamps are DEAD)
  • Kids played with PC and found a way (easy) to wreck BIOS. Keep the kids off YOUR PC, ok, or you will feel the pain of dead PC.
  • The OS is corrupted, reload it and is now cured.
  • Modules in the PC up to 20 or more are shorted, 1 is and the PC card house collapse.  Do the strip down test, to find true cause not wrecking the BIOS and now have 2 major problems to cure, yah think?
  • Some drep hot swapped parts in side the PC and blew up good parts.
  • The PC is ok, all you need to do is COLD HARD RESET IT , even do the simple intel power button 10second long push, OMG IT';s NOT DEAD !
  • or omg, take the bad PC to a real shop for PCs and wow they find a $1 coin cell battery dead, amazing no? and can happen in only 5 short years old.

Blame and paranoia are sad to see: (learn to leave the freak'n  BIOS alone) or learn to have real tech diagnose and fix your PC and not burn firmware endlessly in a fools panic and quandary.
Learn to blame BIOS last for bogus infections, not first. Do that and WIN. (learn to prove things first (true CAUSE)  then LAY BLAME last , and not GUESS, or  look like a 12 year old kid)
Learn that BIOS does not  leak out like a water bucket, with holes in the bottom . It has 100 to 200 year data retention factor spec, (FACTS !) (read the Microchip.com spec, ok) Proof
 
Reflections: (then to now)!
IF PARANOIA STRIKES DEEP?:  (into your heart it will creep, and... 1967 song Buffolo Springfield.
Today all we HEAR  is fear. (and endless FUD)  in the media, etc,  they  have no usefull new features in things now,  so marketing goons sell fear, they know nothing else. (
    Nobody ever does the diagnosis correctly and then are so quick to blame MV, (sad to watch you) just saying...... (the rules of science lost?,  proofs , then independant lab. repeated tests, and peer reviewed reports?)
    No proof  of actual real MV BIOS infections in the WILD.
     
    The silly makers of a PC removed the Flash Enable jumper circuit wiring to the EEPROM  ( 10cents saved  you bums) how stupid was that?  SUPER STUPID STUNT of the decade.
    Fast forward to 2019 and your silly OEM PC maker has 50 UEFI firmware upgrades dang man, that is a bummer,!,  sad to watch you flay about.
    The PC has FIRMWARE EEPROM FLASH ROM , that HAD ,a write enable jumper  for decades and now  is missing this valuable circuit. (sarc>) so they can do daily UEFI UPDATES. (OEM'S are nuts, run away far...)
    The PC FIRMWARE has a CRC check  and a secret signature  inside,  that block any infections.( turn on signature check first)   most PCs have this for decades and is good enough.
    My cure is buying only DIY parts and build my own PCs and no UEFI allowed here.(CSM sure)


    Windows 64bit is secure  enough in and of  itself , running it here for over 8 years in fact w8 and w10 , zero problems on all PCs I control. October 26 2012 to now. zero problems ever. (as of 12/2020)
    A UEFI/BIOS video, that is pretty accurate:(hit stop at 4;00 minute mark)

    version 26.  8-25-2018 (revised , more tests) 7-7-2019 12-1-2020 Less is more and class 3 is the law.2020
    I am not a UEFI firmware engineer, just a tech but have written some BIOS new features, like Password code in early BIOS 1985.  (retired now) (am a big time ASM386(masm) freak in the day)