Samsung Laptop Bug Is Not Linux Specific

← Back to Stories (view on slashdot.org)

Samsung Laptop Bug Is Not Linux Specific

Posted by timothy on Saturday February 9, 2013 @09:48AM from the using-french-or-korean-does-it-too dept.

First time accepted submitter YurB writes "Matthew Garrett, a Linux kernel developer who was investigating the recent Linux-on-Samsung-in-UEFI-mode problem, has bricked a Samsung laptop using a test userspace program in Windows. The most fascinating part of the story is on what is actually causing the firmware boot failure: 'Unfortunately, it turns out that some Samsung laptops will fail to boot if too much of the [UEFI] variable storage space is used. We don't know what "too much" is yet, but writing a bunch of variables from Windows is enough to trigger it. I put some sample code here — it writes out 36 variables each containing a kilobyte of random data. I ran this as an administrator under Windows and then rebooted the system. It never came back.'"

10 of 215 comments (clear)

Min score:

Reason:

Sort:

memo to hardware producers by RichMan · 2013-02-09 09:55 · Score: 5, Interesting

Embrace Linux as an additional test suite for your hardware.
1. Re:memo to hardware producers by Anonymous Coward · 2013-02-09 10:03 · Score: 5, Interesting
  
  Add that script to the payload malware usually carries, and spread it around, a few thousands bricks later, the negative publicity is sure to kill this whole UEFI thing, or at least force the hardware makers to include linux in their testing.
2. Re:memo to hardware producers by msauve · 2013-02-09 10:45 · Score: 5, Interesting
  
  "a portion of this UEFI space is being used to keep a non-volatile copy"
  
  The UEFI doesn't require the use of battery backed RAM ("the implementation of variable storage is not defined in this specification, variables must be persistent in most cases."), so such use can be expected end up making all the EEPROM based ones fail at some point. Doing frequent updates to EEPROMs isn't a good idea.
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
3. Re:memo to hardware producers by marcello_dl · 2013-02-09 10:49 · Score: 3, Interesting
  
  "Embrace linux" requires not much of an effort. That's why PC that were made before linux got popular happily run it.
  "Don't throttle linux" fits more the situation, IMHO.
  
  --
  ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
4. Re:memo to hardware producers by Anonymous Coward · 2013-02-09 10:52 · Score: 5, Interesting
  
  You probably didn't get the parent comment. If someone can brick a laptop using a simple hack within Windows, then Samsung (at least) better prepare their stock because it's gonna be an RMA nightmare very soon. And that's probably good for the anti-UEFI side
5. Re:memo to hardware producers by xaxa · 2013-02-09 11:30 · Score: 5, Interesting
  
  Except these days malware is used more for profit (e.g. botnet construction) than random mayhem, and to do that you need to keep the host you just pwned alive.
  Perhaps put it in as a failure mode if the bot can't contact its server. That might dissuade the police from disabling the command server.
Re:Unlimited Supply of Laptops? by mjg59 · 2013-02-09 10:17 · Score: 4, Interesting

30-day hassle-free return policy.
OS boot entries are in NV storage by AdamRosas · 2013-02-09 10:17 · Score: 4, Interesting

So installing too many operating system will result in a brick, Windows in particular uses a lot of NV storage for it's boot entry, be careful when using BCDEDIT.exe...
Re:Extortionist Heaven by Deliveranc3 · 2013-02-09 11:05 · Score: 3, Interesting

Just guessing from experience with Koreans, but... chances are they followed Microsoft or Intel specifications properly. Other companies probably just copied a binary and use it as a black box.
Re:Does windows crash if it has 0 temp space or 0 by GigaplexNZ · 2013-02-09 12:08 · Score: 3, Interesting

That's often a case of running out of desktop heap rather than handles.