Ubuntu 17.10 Temporarily Pulled Due To A BIOS Corrupting Problem

An anonymous reader writes: Canonical has temporarily pulled the download links for Ubuntu 17.10 "Artful Aardvark" from the Ubuntu website due to ongoing reports of some laptops finding their BIOS corrupted after installing this latest Ubuntu release. The issue is appearing most frequently with Lenovo laptops but there are also reports of issues with other laptop vendors as well. This issue appears to stem from the Intel SPI driver in the 17.10's Linux 4.13 kernel corrupting the BIOS for a select number of laptop motherboards. Canonical is aware of this issue and is planning to disable the Intel SPI drivers in their kernel builds. Canonical's hardware enablement team has already verified this works around the problem, but doesn't provide any benefit if your BIOS is already corrupted.

That ain't right!

How the hell have we let what's supposed to be ROM get so fucked up by a simple software upgrade? That, Ain't, Right!

Re:That ain't right!

[omnichad]

It's been EEPROM for decades. And if you expose an interface for updates, that interface is an exposed risk. Especially in the driver for the SPI bus that actually does the writing.

Re:That ain't right!

You don't need to overwrite the EEPROM to cause problems. In this case, since it's caused by the SPI driver, it looks like corrupt data is being written to the volatile memory used by the BIOS to save settings. This is battery backed memory that can be reset, but it's a bit trickier in laptops.

Re:That ain't right!

[omnichad]

In this case, at least one person involved was unable to resolve it by replacing the CMOS battery:
https://bugs.launchpad.net/ubu...

Re:That ain't right!

Except it's not a ROM.

Re:That ain't right!

[Immerman]

I wonder if they did a half-hour+ "thorough reset", or just a quick power removal. I.e. did they just get unlucky that a "soft" reset left some bad data behind in volatile memory, or if the EEPROM itself was modified.

I miss the old days when you had to physically move a motherboard jumper if you wanted to modify the EEPROM. Almost as much as I miss the existence of hardware-enforced write protection toggles on removable media. (My first USB drive had one - I don't think I've even seen one since, though I've heard a couple companies do in fact make them)

Re:That ain't right!

[Desler]

You’re welcome.

Re:That ain't right!

[drinkypoo]

I miss the old days when you had to physically move a motherboard jumper if you wanted to modify the EEPROM.

There are still PC motherboards with a write enable jumper, but they are pretty much all server boards. Remember server cases with keylock switches? They're still out there...

Re: That ain't right!

[zeigerpuppy]

Come join us on https://soylentnews.org/

Re:That ain't right!

TL;DR

Re:That ain't right!

I can only read when proper paragraphs are used, you insensitive clod!

Re:That ain't right!

Most SD/SDHC cards have a teeny tiny write protect slider. I found out the hard way when I accidently toggled it, and thought my SD card was broken . . . duh.

Re:That ain't right!

[omnichad]

A half-hour? Just drain the caps with a few presses of the power button.

Re: That ain't right!

No affiliate link? I'm disappointed and so it out resident slashdot affiliate link poster :(

Re:That ain't right!

[Immerman]

I've looked at those before, and it does look like a nice drive, but has tons of features I don't have any use for and is ridiculously expensive ($45 for an 8GB drive?). Meanwhile a $5 16GB drive does everything I need, except for lacking a $0.10 write protect switch, and is cheap enough that I don't care about losing it.

Re:That ain't right!

[Immerman]

Sadly, I recently discovered that those only offer software-based protection - i.e. they tell the computer "don't write to me", but rely on the software to honor that request, and don't actually do anything to protect your data from a malfunctioning or compromised computer. Unlike write-protect tabs on floppy disks for example, where the drive would simply return an error to the OS if you tried to write to a protected disk.

Re:That ain't right!

[Immerman]

That almost always works. Unfortunately, charges can linger in the chips themselves as well. Rare, but can cause no end of headaches when the wrong bit(s) remain set and you don't realize that's possible.

Re:That ain't right!

Gigabyte & another company used to make motherboards with a backup failover BIOS. It would look for a watchdog during boot or can be triggered with a jumper. This allowed you to reflash the BIOS completely while the failover BIOS was protected.

The two reasons were:
1. Overclockers messing with settings that caused a boot loop that made BIOS reflash impossible.
2. A bunch of malware came out that would put itself in BIOS to survive system wipe & reinstall.

Re: That ain't right!

Why.
Can't post AC.
Its too sjw, and too few users for a real diverse discussion. Its like /. groupthink, on a much, MUCH smaller scale.
Can't even downmod unless you have enough karma or points or wtf ever. Hard to believe, but not all comments should be upmodded, and some people are REAL GOOD at downmodding. Instead, -1 and 0 posts are upmodded. Whats the benefit to discussion when not able to downmod again?
So, generally, don't care about another slashdot wannabe site thats even more restrictive than the original.
Also, please stop spamming /. with references to it.

Thanks.

Re:That ain't right!

[eneville]

I miss the old days when you had to physically move a motherboard jumper if you wanted to modify the EEPROM.

Just as I miss the days of setting master/slave on IDE drives or bus positions on SCSI disks, or IRQ numbers of IO/SB cards.

Those days.

Re:That ain't right!

[Immerman]

Really? Was there an advantage to those that I'm missing compared to modern solutions?

Writing to EEPROM is typically a very rare activity - to the point that any particular write has a good chance of having been unintentional/unauthorized by the owner. Seriously - how many people do you know who actually, for example, update their motherboard's BIOS? And of those who do - how many do so for reasons that haven't already cost them enough problem-solving effort that the added effort of changing a jumper is trivial in comparison?

For bonus points - of those who resort to flashing their BIOS to fix a problem - how many of the problems do you suppose are caused by BIOS corruption that could have been prevented with hardware write protection?

Re:That ain't right!

[sabri]

Really? Was there an advantage to those that I'm missing compared to modern solutions?

Job security.

Re:That ain't right!

[Desler]

The problem is likely that USB drives with hardware write locks are made in much smaller production runs so the price is higher. It just comes with the territory for niche use cases.

Re: That ain't right!

[Reverend+Green]

Nice wallotext!

Re:That ain't right!

He's just like the current /. "editors." Can we get /. editors who actually understand the concept of paragraphs? Wall of text /. summaries, since bizx took over, are impossible to read.

Re:That ain't right!

[MoarSauce123]

Because FOSS is so much better and without any flaws! Not like the closed source commercial counterparts. - Sarcasm aside, no matter what model, if QA is seen by developer dominated software providers as an afterthought then things like this happen. It is in the same category where an equation editor in a word processor apparently has so much might that it can hose the entire system. I fully agree - "That, Ain't, Right!"

Re:That ain't right!

[Immerman]

But why is write-lock a niche use case? In the floppy days everybody I knew used the lock tabs on a regular basis - and if anything the reasons for doing so have increased dramatically. Why should you risk getting infected by whatever's on your friend/coworkers/etc. computer just to give them a copy of some file or other? Or risk your backups when you want to retrieve something? Same thing with early USB drives - using the write-lock was just common sense. Then they just sort of disappeared.

I also suspect a lot of the price has to do with the 256-bit hardware encryption and other limited-use features that increase the sophistication of the hardware. A simple toggle-switch and "if lock line is high, report error, else write data" line in the embedded software should cost well under a dollar to add.

Re: That ain't right!

You can post AC.

It is far from SJW.

Everyone registered gets a couple mod points.

Comon whipslash, quit your lying.

Re:That ain't right!

[eneville]

Did you mean to reply to my comment with this? I didn't mention anything about BIOS. Just that I missed the hardware that needed IRC and bus position jumpers, the same way that I miss Turbo C and Turbo Pascal. Those were good days.

Re:That ain't right!

[Immerman]

Yeah, I thought you were being a smartass, comparing the headaches around the hardware you mentioned to the nuisance of an EEPROM protection jumper.

My apologies. Those where good days.

Re:That ain't right!

[fustakrakich]

That doesn't sound possible. Write protection on a USB is still done in software, and that particular product is a *black box*.

Re:That ain't right!

Some motherboards also allow you to flash just by plugging in a USB with the proper files. Also allows you to recover from a bad flash. Not very good for drive-by USB attacks, but very convenient for most home users.

which is to blame Linux or Lenovo?

[Dorianny]

Anybody know if the issue is a bug in the driver code or is the driver inadvertently exposing a faulty bios implementations

Re:which is to blame Linux or Lenovo?

[omnichad]

From the Canonical bug report:
At least on Lenovo Thinkpad Yoga, the BIOS seems to monitor the SPI-NOR
write protection bit and if it is flipped to read/write it assumes the
BIOS configuration was changed on next reboot. It then, for unknown
reasons, resets the BIOS settings back to default.

Re:which is to blame Linux or Lenovo?

It's in the intel-spi driver code of the kernel that Ubuntu 17.10 is based on. Apparently, the problem isn't present in later kernels so it appears that the altered code that avoids the issue never got backported. But flipping a write bit to prevent further flashing and subsequently reloading the bios default settings seems to be a faulty bios implementation.

Re:which is to blame Linux or Lenovo?

[Hal_Porter]

Lenovo need to stop people writing the Bios because otherwise they'd able to remove the crapware Lenovo put in the Bios to stop people removing the crapware they put in the Windows by installing a fresh Windows image.

With an unmodified Lenovo Bios the crapware will be re-installed via Windows Platform Binary Table

https://www.howtogeek.com/2263...

Beginning with Windows 8, a PC manufacturer can embed a program - a Windows .exe file, essentially - in the PC's UEFI firmware. This is stored in the "Windows Platform Binary Table" (WPBT) section of the UEFI firmware. Whenever Windows boots, it looks at the UEFI firmware for this program, copies it from the firmware to the operating system drive, and runs it. Windows itself provides no way to stop this from happening. If the manufacturer's UEFI firmware offers it up, Windows will run it without question.

Were it not for this Bios resetting feature - a ludicrously determined user could do the following

1) Remove Windows
2) Use some other OS to dump the Bios out
3) Hack said dump to mess up the Windows Platform Binary Table and reflash it
4) Reinstall Windows from an image

And then they'd have a copy of Windows with no Lenovo Service Engine installed! The horror! Instead it seems like Lenovo have had the Bios reset itself to stop step 3), so the determined user would still have LSE installed.

Re:which is to blame Linux or Lenovo?

1. The intel-spi driver will set SPI flash to write-protected on load.
2. Those Lenovo machines have a BIOS that expects flash to never be write protected and doesn't know what a write-enable sequence is (they also don't have CMOS NVRAM, they store BIOS settings and EFI vars in the main SPI NOR flash).

One of these is following engineering best practices - don't leave EEPROMs sitting around in a state where a single corrupted command can permanently destroy data.
The other is ... the exact opposite.

Re:which is to blame Linux or Lenovo?

[Dorianny]

Fanciful theory however Occam's razor principle strongly suggests this being a simple bug in the Bios implementation rather then malicious intent. Lenovo is on the hook for the motherboard replacement required to fix the locked Bios for any device that is still under warranty. Seems like an incredibly stupid thing to do just to stop people from being able to remove the Lenovo Server Engine

Re:which is to blame Linux or Lenovo?

[Junta]

Probably some UEFI configuration utility that sets write and then some sort of staged config change update area.

Presumably if the system does not have a new bios, it then goes to process what turns out to be an empty changeset, which was not a case they anticipated, and hitting some weird fallback to recover from invalid utility behavior.

Interestingly enough Win10 1709 did this

[oobayly]

I have a Lenovo Yoga which I dual boot with Linux Mint Sarah and just after I installed 1709 Fall Creators Update the fingerprint reader stopped working. I gave up trying to remedy it and reset Windows, but that didn't fix it.

I then realised that it wasn't shutting down properly either. ACPI shutdown in both OSs would leave it halted but powered on, so the only way to restart was to hold the power button to kill it, and then switch on.

I finally checked the warranty and saw it was 14 months old so took it apart, removed the battery and motherboard battery, left it for an hour, powered it on, flattened the partition table an reinstalled. Works perfectly again, but after a huge amount of time wasted.

So, it's either a coincidence, or there's something modern OSs are trying to do which screw up BIOSs.

Re:Interestingly enough Win10 1709 did this

Suspect it's systemd wrecking the BIOS when it tries to take over.

Re:Interestingly enough Win10 1709 did this

[omnichad]

It's probably the way the fingerprint reader integrated with Windows logon. The upgrade from 7 to 10 outright broke several laptops in a way that required a format/reinstall due to completely corrupting the login system to the point where neither using a password nor a password reset solved anything.

Re: Interestingly enough Win10 1709 did this

[oobayly]

Oh yes, and along with it not powering down, it would also take about 35 seconds from lights on to STARTING the POST check. Multiple bios reload defaults also had no effect. Just the "Kill the power" option.

Re: Interestingly enough Win10 1709 did this

[oobayly]

Maybe, but I was pretty lax about keeping Linux up to date, and hadn't used it a great deal so the configuration was unlikely to have changed recently.

Re:Interestingly enough Win10 1709 did this

I feel sorry for you for owning a Lenovo because Lenovo sucks big time.

Re:Interestingly enough Win10 1709 did this

[Desler]

At least it wasn’t an HP laptop. It can always be worse...

Re:Interestingly enough Win10 1709 did this

Works perfectly again, but after a huge amount of time wasted.

Stop crying. Wasting time is a normal part of using Linux.

The timing.

Bad luck for this to happen during the year of the linux desktop.

Re:The timing.

I'm with apathy. Ironic isn't it?

The dumb leading the blind

Why can an OS modify a bios? This is the price we pay for OS level bios upgrades.

Christopher Reimer, dead at 48

Sad news ... Christopher Dale Reimer, dead at 48
I just heard some sad news on talk radio - Everyday reality/Haiku writer Christopher Dale Reimer was found dead in his San Jose apartment this morning. There weren't any more details. I'm sure everyone in the Slashdot community will miss him - even if you didn't enjoy his work, there's no denying his contributions to popular culture. Truly an American icon.

Re:Christopher Reimer, dead at 48

Did he still weigh 500 lbs even while supposedly being on a low-carb diet?

Re:Christopher Reimer, dead at 48

There aren't many details right now but we know the San Jose Fire Department has sent a vertical lift machine to his apartment.

Specially-trained personnel to deal with obese patients has been sent along, as well as a Jaws of Life. Apparently he was found on his mattress covered in Kleenex, several Fleshlights and an inflatable goat.

Re: Christopher Reimer, dead at 48

Word on the street is he OD'd on power bars and cliff bars. After cashing his fat Amazon affiliate checks, he spent all the money on protein bars. Sadly, those same protein bars that helped him lose weight, sadly also took his life.

Let this serve as a waning. Posting affiliate links on slashdot will kill you. Let chris serve as a reminder. Slashdot, affiliate partners, Power bars and cliff bars are not your friend.

Re:Christopher Reimer, dead at 48

[nnet]

Florida's goalie?!?

Re: Christopher Reimer, dead at 48

Creimer lost weight? Yep, this post is fake news!

Re: Christopher Reimer, dead at 48

When will you stop raping your neighbor's goats?

Re:Open SORES Infects Again

Then stick with Windows 10. Windows is for people with an IQ under 10.

OS-level Updates

[nuckfuts]

These days, "BIOS-level" upgrades ARE "OS-level" upgrades. UEFI even has its own shell.

Case in point:

I recently purchased a Dell PowerEdge server to run VMware's ESXi hypervisor. Before installing ESXi, I wanted to update the BIOS to the most current version. On Dell's site, I could not a "BIOS-level" update package, only "OS-level" ones. I talked to Dell, and to my surprise, the answer was to run their Windows executable from the BIOS shell.

Re:OS-level Updates

[Junta]

UEFI even has its own shell.

Well, it's an *option* to use some of the space to host a UEFI shell, though not all vendors bother to do so. It's basically like installing dos in your BIOS rom. UEFI shell is basically the same thing as command.com: an extremely thin layer on top of firmware calls. Of course that USEFI can have network drivers and filesystem drivers whereas BIOS only ever had the concept of block device access and access MBR as a program baked in.

When it comes to servers, increasingly the expectation is that you use the management port to apply the update remotely unless you make a boot disk (usually linux base) or use the operating system to do the update.

Re:OS-level Updates

Dell's BIOS updates are hybrid executables that work from Windows, FreeDOS and UEFI Shell/UEFI Setup on desktops. They can also be used to directly update from Linux using the UEFI Capsule Update specification.

Re: OS-level Updates

Just couple of days ago run complete BIOS update from 17.10 (dual booted with Win) on Dell XPS 13 9360 without a hitch.
Either I am very lucky or it is a Lenovo bug

Re:OS-level Updates

[Hal_Porter]

I wonder how they do that?

FreeDos and Windows would be easy - you'd have a Win32 PE file where the DOS exe stub exe was the FreeDos update exe. Same with FreeDos and UEFI because UEFI uses PE files. So you have a PE file for the UEFI code with the FreeDos code as the stub file.

UEFI uses PE files but the API is completely different to Win32. They must have worked out some way to mix MZ EXE, Win32 x86 PE and UEFI PE into one file.

Re:OS-level Updates

[Hal_Porter]

Oops. the link to how PE files contain a Dos exe stub didn't work

https://upload.wikimedia.org/w...

Originally this just printed "This program requires Microsoft Windows". Of course if you have a Dos version of something you can make that the stub.

The problem is that there's no documented way to combine two PE files for different APIs - Win32 and UEFI. It's also not really clear to me what the UEFI app should be built for - you can have native x86, native x64 or EBC - a byte code format.

Even though most Windows installations are 64 bit they can still run x86 code, so that seems safe. With UEFI you have to either match the native architecture or use EBC. And it's not clear how many UEFI bioses are x86, x64 or EBC capable. Then again I suppose Dell would know what would work. Still combining Win32 and UEFI code into one PE file seems like it would need a trick I don't know.

Re:OS-level Updates

[TheRaven64]

There may not be an official way, but if your possible systems are all from a limited set and you're really only having to differentiate between Windows and UEFI or DOS and Windows (the other poster pointed out that there's an official way of having both DOS and Windows entry points), then it should be possible to find a system call that just provides information on both systems and has a return value that lets you tell them apart. You do this early and then jump to the relevant entry point.

Even more fun, there was recently a DARPA-funded program that recently worked out that there's a useful subset of both ARM and x86 that is entirely NOPs in the other. I don't remember if it's Turing complete, but it is definitely enough to write a little header that will branch to either the x86 entry point if run on x86 or the ARM entry point if run on ARM.

Re:OS-level Updates

[Hal_Porter]

There may not be an official way, but if your possible systems are all from a limited set and you're really only having to differentiate between Windows and UEFI or DOS and Windows (the other poster pointed out that there's an official way of having both DOS and Windows entry points),

That was me

then it should be possible to find a system call that just provides information on both systems and has a return value that lets you tell them apart. You do this early and then jump to the relevant entry point.

The problem is that even though Windows and UEFI both use PE files, there are significant differences.

Windows applications use subsystem=2 for GUI and 3 for console

https://msdn.microsoft.com/en-...

UEFI applications uses subsystem=10

http://wiki.osdev.org/UEFI#Bin...

Also windows executables are .exe and UEFI applications are .efi

I.e. it's hard to build a single executable that would pass the subsystem and file extension checks to run on both Windows and UEFI. Which of course is by design - otherwise people would run executables on the wrong platform and brick it.

Here it seems like Dell just distribute a bunch of different executables. One for Windows/FreeDOS(.exe), one for Linux(.bin) and one for UEFI (.efi)

http://www.dell.com/support/ho...

You could have them share a data file if space is at a premium.

Though a Win32/UEFI polyglot may be possible I can't find one. And I'm not sure how it would work.

The one possibility would be if Terse Executable files can begin at something other than offset zero in a file. TE files are a sort of stripped down PE file with all the unnecessary crap removed from the PE headers.

http://wiki.phoenix.com/wiki/i...

But it seems unlikely UEFI executable loader code is willing to skip bytes endlessly until it sees a VZ signature.

Re:OS-level Updates

[AmiMoJo]

That's a Dell thing, it's not part of the UEFI core spec. Some laptops from a few years back had a Linux OS in there to play DVDs and browse the web without booting Windows.

Isn't wonderful

[DarkOx]

That we have moved from simple reliable BIOS systems that provided a little boot code to get the system going on a ROM, to an advanced re-programable system so that software BUGs can now brick your PC!

Progress!

Re:Isn't wonderful

[bws111]

That happened over 20 years ago. Time to get over it.

Re:Isn't wonderful

BIOS has been on an EEPROM for decades. You’re quite a ways behind the times, gramps.

Re:Isn't wonderful

[Junta]

The difference is that formerly, the OS didn't dare include capabilities to screw with the BIOS ROM as a matter of course (it was always possible). There was too much concern that there wasn't enough consitency between vendors.

Here you have Intel thinking the entire world is using Tiano core and Intel reference platform, so Intel feels more confident putting code mainline to screw with the SPI roms.

Re:Isn't wonderful

Last I checked, EEPROM is a type of ROM.

Re:Isn't wonderful

Yes one that is re-programmable. So basically his complaint is that he’s decades behind the times.

Re:Isn't wonderful

You're a fucking moron.

Re:Isn't wonderful

Or, time to fix it?

Re:Isn't wonderful

Cool story, brah. Need some cream for that butthurt?

Re:Isn't wonderful

It happened in 2011 actually. That was only 6 years ago. Your advice to "get over it" is unlikely to make the problems caused by it to go away. Making a bit of a fuss every now and then is actually less effort, and is at least more likely to improve the situation.

Re:Isn't wonderful

[TheRaven64]

2011? The first machine I owned that managed to brick itself in a failed BIOS update was a Gigabyte motherboard with a 200MHz Cyrix Pentium clone.

Re:Isn't wonderful

[bws111]

Updateable BIOS's have been around since at least the mid 90s. BIOS has not been on a ROM since then.

Re:Isn't wonderful

You're still being a dick...

Re:Isn't wonderful

If hardware can be bricked by software, then it should be illegal to import that hardware or offer it for sale. Governments should give manufacturers the incentive they obviously need to spend the extra ten eurocents to make their hardware unbrickable.

Re:Isn't wonderful

If by "screw with" you mean "send a write protect command" then ... yes.

Intel - "no vendor would be stupid enough to ship a BIOS that requires the system flash to be permanently write enabled"
Lenovo - "hold my beer"

Re:Isn't wonderful

[AmiMoJo]

It's the other way around. The BIOS was complex and did a huge amount of initialisation work that was then ignored by the OS anyway. It ran arbitrary code from option ROMs. And it was x86 only.

UEFI isn't perfect, but at least it ditches most of that crap. My 2012 era laptop can boot to the login screen in under 4 seconds, faster than the old BIOS can POST.

Re:Isn't wonderful

It ditches the legacy crap that came with BIOS, yet anything that can be extended WILL be extended to include massive amounts of shit that no one wants. Well, of course that leaves it up to hackers to unfuckify the mess, while manufacturers try to obfuscate all of their marginally legal malware.

Re:Isn't wonderful

[thegarbz]

That we have moved from simple reliable BIOS systems

WTF? We never had that. The BIOS has for the past 30 years been a hacked together crapshoot for other systems to work around.

Re:Isn't wonderful

Hes talking about UEFI you clod.

Sure you could brick a BIOS by screwing up the BIOS update. The OS could not brick it though and thats the point. They should have fixed it to properly recognize USB boot and large hard drives and the stuck with BIOS instead of UEFI.

Re:Isn't wonderful

Time to replace EFI with systemd!

Re:Isn't wonderful

[TheRaven64]

BIOS updates from as long as I can remember involved a program running on an OS. Some came with a FreeDOS bootable floppy image, some just a DOS program. Later ones were installed automatically from within Windows when you installed the motherboard drivers as part of Windows update, or via a similar procedure in Linux. There's nothing specific to EFI about having the OS install firmware updates.

NSA Backdoors..

..in Minix obviously have a problem with Linux.

I remember

When you had to move a write-protect jumper to flash the motherboard BIOS. That seems alot safer. I also remember having a Matrox video card that a write-protect dipswitch.

Re:I remember

Cool story, Methuselah. Did you also walk to school uphill both ways in the snow with no shoes?

Re:I remember

[DCFusor]

Me too. This sort of thing should be brought back. Not that it will, since the current way allows vendors to "fix" sloppy code later without it being such a burden on customers, and save the price of a jumper - and physical access to one, to put into profit. And obviously, those who desire backdoors into our stuff like it as it is. Methuselah wasn't always wrong, you know.

Re:I remember

[Junta]

I remember a problem with a modem I bought back in the day, that was solved in a firmware update.

The firmware update was a package in the mail with a new chip and a chip puller.

Note having one of these devices was pretty neat. If I had a few thousand of them however....

Re:I remember

I can just imagine tech support trying to walk Grandma through the process of moving the jumper, updating the firmware and moving it back again. If nothing else, the jumper helps protect against strains of malware that overwrite parts of the firmware.

Re:I remember

That's how all firmware/bios updates were done before the advent of EEPROMs (Electronically Erasable Programmable Read Only Memory). Some might have used the EPROMs (Electronically Programmable Read Only Memory) with the little sticker and window on top that would let you zero the EPROM with a UV light and re flash it yourself if you were lucky enough at the time to have one of the EPROM programmers that cost a couple hundred dollars. Not very common outside of electonic/pc repair shops, and hobbyists with money to burn. Now a days you can do the same job of programming an EPROM with an Arduino and some support circuitry.

Re:I remember

[gweihir]

The utterly pathetic thing is that most SPI flash actually directly supports such a jumper. The mainboard manufacturers just likely have found out that people are too stupid to handle jumpers and left it out.

Re:I remember

Now a days you can do the same job of programming an EPROM with an Arduino and some support circuitry.

25 years ago, you could do the same job with a parallel port and some support circuitry (namely a few 74xx latches).

Re:I remember

[DCFusor]

Depending on the eeprom, you might need a transistor or two in order to turn Vpp on and off - usually around 12v. And of course, some UV lamp to erase one first. The thing is, it had to be a deliberate act to change that stuff - these days a coffee shop or a PC shop could do it as a service in between replacing broken phone screens.
Now, there's zero opportunity cost for some cracker to try and mess up your stuff.
If you want to, say, steal my tools, you have to show up - and I might shoot you - there's cost of getting here, and there's risk to you in trying.
With the internet, there's no cost to get here, and little risk of attribution. For the end user, the use of flash is a very bad tradeoff made for you by someone who doesn't take responsibility for the total costs.

Re: I remember

[Reverend+Green]

But how can the vendors be Agile(tm) if they can't release bug-riddled crapware and let their customers serve as free QA?

Re: I remember

[DCFusor]

Would mod funny if it weren't true and kinda sick (and well, I'm posting on this one)...insightful? Reality-based? Truly, it's about bucks. If we somehow made it clear we'd pay enough more for that write enable jumper (and the newly required increased support BS) - it'd be there, bet on it. And after awhile, it wouldn't need any more support than R&Ring an SD card - people do eventually learn the simple stuff if there's a benefit.

Re:Open SORES Infects Again

But they don’t have bricked laptops. So who is really the dumb one?

Re:Open SORES Infects Again

The Ubuntu users that got bricked have no excuse.

They should have read through the kernel source code beforehand and realized there was a problem.

Literally bricked my Lenovo

Basically bricked my Lenovo, luckily it was cheap POS I was trying to use for a laptop with Ubuntu. Last time I even consider Ubuntu,Linux of any kind or Lenovo crappy PC's.

Re:Literally bricked my Lenovo

Last time I even consider Ubuntu,Linux of any kind or Lenovo crappy PC's.

So basically, you're blaming everyone except Intel, who are actually the ones at fault. Retard.

Re:Open SORES Infects Again

I had a Linux kernel update that bricked my graphics. It took an entire 30 seconds to reboot and choose an older kernel. Meanwhile our Win10 is still booting/updating/shitting/something/whatever for 3 hours before being halfway usable. Windows sucks donkey balls.

Thats ubuntu for ya

Its canonical and ubuntu - who didn't see this coming?

Another kernel bug did something similar

[iampiti]

It was more than 10 years ago. There were some cdrom drives (LG I think) that interpreted some ATAPI command which was only used on cd recorders as a "upgrade firmware" command (or something like that). Some version of the kernel happened to send that command to every ATAPI device and so it corrupted said drives firmware.
I was hit by the bug when booting a live cd on my brother's pc but it was recoverable and so I managed to write a correct firmware and got the drive working again.

Re:Another kernel bug did something similar

[iampiti]

Correction: It wasn't actually a kernel bug, it was a bug of the cdrom's firmware

Re:Another kernel bug did something similar

[AvitarX]

I'd argue that it was both.

Sending junk commands isn't exactly something I'd think the kernel should do.

We need to stop

[ReneR]

designing overcomplicated systems that are unmaintainable spaghetti code and get back to "keep it stupid simple" and things that just work, and not try to right the user, ...

Recurring problem with them.

[Fly+Swatter]

I still have my bricked laptop from an attempted Ubuntu 9 to 10 migration. Luckily it was a really old laptop that I didn't really care to fix after that - just needed a floppy with the laptop's bios but couldn't find a working floppy drive or floppy to write on :/

Separation of concerns

[lucasnate1]

Why has the world forgotten it?

Re:Separation of concerns

Why has the world forgotten it?

The world hasn't forgotten, just use systemd-rememberd to get the path to systemd-concernd.

Re:Open SORES Infects Again

[F.Ultra]

Sure? https://answers.microsoft.com/...

That's not the same problem

[drinkypoo]

I finally checked the warranty and saw it was 14 months old so took it apart, removed the battery and motherboard battery, left it for an hour, powered it on, flattened the partition table an reinstalled. Works perfectly again, but after a huge amount of time wasted.

If removing the batteries solved the problem, then your problem wasn't BIOS. It was CMOS. The "CMOS RAM" is the volatile memory which stores settings used by the BIOS. The BIOS itself is stored in non-volatile memory. This was originally a PROM in the IBM PC, but today is pretty much always Flash ROM. Sometimes it's a flat quad package, sometimes it's a serial 8-pin DIP and it has to be shadowed into RAM just to function, but it's pretty much always flash. (Those ones are cool because they're usually socketed, and SPI-interfaced, which means they're useful for other projects...)

Re: That's not the same problem

Which one should I shoot with my AR15?

I updated to 17.10 on my Yoga 2 pro, am I fucked?

[wfj2fd]

I've had no problems so far, but will this brick my machine in the near future?

Re:Open SORES Infects Again

Don't ya just love the absolute bullshit answers from MS support? Linux users get better support from Linux peers, Windows users get a headache.

Re:Why the hell is it even touching the BIOS at al

[Swave+An+deBwoner]

127.0.0.1 www.ubuntu.com

Linux

You get what you pay for.

Obviously BIOS isn't stored on a "ROM" the way so many of you fucking idiots are talking.

DUAL BIOS Motherboards

[Darkk]

Good thing I have a motherboard with dual BIOS so if one gets screwed up due to a bad flash I can flip the switch to the back up BIOS and then copy itself over to the corrupted BIOS.

Re:DUAL BIOS Motherboards

That's not how Dual BIOS works, the system is supposed to detect a boot failure, and only automatically switch to the alternative BIOS.

Re:DUAL BIOS Motherboards

You can also do it manually champ.

Short terminals after battery removal

As I remember, that's how it was done in the PC days:
1) Remove battery
2) Short battery connections at the computer
3) Replace battery
4) Profit!

Re:Short terminals after battery removal

[Immerman]

Don't forget disconnecting from power and leaving it switched ON for an extended period, to make sure to drain any lingering charge. That's the bit many people often forget, since it usually doesn't matter, except when the ghost of random chance decides to $#@! with your day.

Re:Short terminals after battery removal

[fisted]

Don't forget disconnecting from power and leaving it switched ON for an extended period

Or, you know, push the power button once and see the fans consuming what little remains in the capacitors so you don't have to wait for an extended period

Re:Short terminals after battery removal

[Immerman]

That drains the power capacitors - but not necessarily charge stored in the electronics themselves. In DRAM for example, every bit is implemented as an independent capacitor. Other devices, even those that aren't intended to act as capacitors may also be capable of storing an internal charge with unpredictable lingering effects.

Re:Short terminals after battery removal

And these days, it's
1) Ensure motherboard has power cable removed and power switched off
2) Install BIOS upgrade on USB memory stick with the correct file name
3) Place USB stick in the upgrade port
4) Press the update BIOS button
5) Wait until blue light stops flashing and goes off

Any joe six pack can "upgrade" your BIOS, the minute the motherboard is out of your premises and sight.

Re: Short terminals after battery removal

[bohan]

Did you mean SRAM?

Re: Short terminals after battery removal

[Immerman]

No, SRAM uses a bistable flip-flop which is stable so long as power is supplied, an - DRAM actually needs an external memory refresh circuit to regularly read/write the stored data before the capacitors discharge so much that 1s and 0s can't be reliably distinguished. https://en.wikipedia.org/wiki/...

So is there any test or list of affected models?

[shanen]

I don't want to file this story as disaster porn, but so far it hasn't been anything I could describe as helpful. Ditto the comments. Double ditto the link and the comments there.

Right now I have 17.10 running on a Lenovo and a Toshiba, and so far I haven't noticed any problems. Lack of evidence is no proof of the negative...

Seems like my easy "response" is to hope that the next updates from Ubuntu take care of the problem (for extremely low values of care?). Unless it's already too late, in which case...

Not like Linux needs to shoot its reputation in the foot.

Me? I still lament that Linux was unable to seize the golden opportunity of Windows 8. Most of my machines run Windows 10 these days, alas...

It is dirty, messy, ...

All this hardware is a crap, shitpile, etc. Why?

What even is that?

[slashmydots]

What the hell in the operating system needs to write data to the BIOS chip? I'd love to hear anyone's reasoning behind why that's remotely necessary.

Re:What even is that?

[bws111]

Update the BIOS on managed systems. Set things in NVRAM (boot order, secure boot keys, etc).

Re:What even is that?

[feenberg]

Is there a man page for the Linux program that sets things in NVRAM? I don't recall seeing that anywhere.

Re:What even is that?

[bws111]

Don't know about a man page, but the /sys/firmware/efi/efivars filesystem contains the efi nvram. Read and write.

Re:What even is that?

[bws111]

To be clear, any program that can write files can set things in nvram through that filesystem (the data does need a 4 byte attribute prepended to it). The only program I can think of that specifically changes nvram is efibootmgr (there is a man page for that), but even that is just using the efivars filesystem.

That's Linux for you

[SurenEnfiajyan]

So what do you expect from this "rush rush" attitude with no QA and regression testing? Many eyes make bugs shallow, right? After Linus called the security people morons it turned out that the dirty COW patch was incomplete. Honestly, the latest kernels are incredibly buggy. In 4.10 (Ubuntu LTS) one of my cores went 100% in low memory (swapping) situation. And even after closing many programs the "kswapd" shit was still busy at spinning at 100%. The notorious bug 12309 where many symptoms are still present, 14505 where file descriptors and network sockets cannot be forcibly closed and removing a USB stick without unmounting leads to stale mount points, and in certain cases to oopses and crashes and so on... How amazing this enterprise garbage kernel is let alone the userspace...

Re: That's Linux for you

CoolStoryBro. TellMeMore

Re: That's Linux for you

Ubuntu LTS is always an April (x.04) release, not October (x.10). Therefore we can all see you made up this story. Thanks.

Re: That's Linux for you

[SurenEnfiajyan]

4.10 is the Linux kernel version. LTS versions use backported kernels from newer versions in point releases.

software only

SD write protect sliders do not provide hardware-level write protection. Software can ignore these if it so chooses.

BIOS now has same problem as with systemd.

[CptLoRes]

Instead of doing one task very well, it's trying to do everything. With predictable results..

Re:So is there any test or list of affected models

[techno-vampire]

Not like Linux needs to shoot its reputation in the foot.

You do understand, don't you, that Ubuntu != Linux. I run Fedora, and there's been no mention of this particular issue affecting Fedora, even though it's always very big on pushing out new kernels as quickly as possible. I don't know if either distro modifies the kernel before making it available, or if this isn't in the kernel itself but some support module, but AFAICT it's distro-specific. I do hope, of course, that it gets cleared up quickly.

Note from Linus Torvalds:

F U Intel

Re:Why the hell is it even touching the BIOS at al

[nnet]

::1 www.ubuntu.com

FTFY.

Crap.

Will it brick my Thinkpad x60?

Re:Why the hell is it even touching the BIOS at al

[Swave+An+deBwoner]

You ought to fix that for Ubuntu.com first; their nameservers don't seem to offer an IPv6 (AAAA) RR.

Obligatory :-) included at no extra charge.

Re:I updated to 17.10 on my Yoga 2 pro, am I fucke

[ilsaloving]

Just never reboot your machine ever again. :)

Re:So is there any test or list of affected models

[shanen]

I certainly agree with you that there are many distributions, and I think that is one of the best aspects of Linux. Monolithic thinking is anti-freedom. Check my sig.

However whenever a major distro looks bad, all of Linux catches some shade. I still blame the financial models, but been there, done that, no one's interested in such crazy ideas as alternative possibly even better financial models.

Re:Why the hell is it even touching the BIOS at al

[nnet]

Fix what? See above.

Re: Open SORES Infects Again

Democrat partisans sure do hate software freedom.

Re:So is there any test or list of affected models

Me? I still lament that Linux was unable to seize the golden opportunity of Windows 8. Most of my machines run Windows 10 these days, alas...

I would argue that YOU missed the opportunity, alas...

confidence game

[Reverend+Green]

I've lost confidence in Ubuntu. Canonical seems increasingly user-hostile. And in my subjective opinion - reinforced by this story - their technical quality has been declining for a while.

So what's the alternative?

My Docker containers are already based on Alpine, and running atop ECS, which is based on Amazon Linux. But I still need cloud VMs and bare metal servers. One thing I really appreciate about Ubuntu it's the ease of running the same OS on my servers and on my Thinkpad laptop.

*BSD is out because afaik it cannot run Docker. No, I'm not fucking giving up my containers. They are incredibly useful for my job.

Mint is for dopes.

Slackware was fun 20 years ago when I was just learning. Seems like it would be an incredible pain to use it for production work.

CentOS and Fedora have always been a little unpleasant to work with. But maybe worth another look.

I've never actually tried Alpine outside a container. So it's a possibility I guess.

Serious question for people who have abandoned Ubuntu: What did you switch to? Was it worth the hassle?

Re:confidence game

Jesus, man, just use Debian. I started on Linux in 2000 with Mandrake, then RedHat, then SuSE (briefly), then back to Mandrake, then Linux from Scratch (briefly), then Ubuntu (briefly, on a Power PC), then Gentoo (for 4-5 years), and then I discovered Debian around 2007 and finally got some work done. It's been almost ten years with Debian and I have 0 desire to switch to anything else.

Oh, and Debian stable doesn't even include docker right now (the package name is docker.io in Debian). Yes, I know you need Docker, but since it's not in Debian, YOU'RE DOING IT WRONG!

Re:confidence game

[Per+Wigren]

Debian.

Re:Why the hell is it even touching the BIOS at al

IT'S A SINGLE MULTITHREADED SELF CONTAINED 32/64 BIT EXECUTABLE WRITTEN IN DELPHI XE4 YOU FOOL!

HP Laptops with Insyde BIOS, affected or not?

[deepclutch]

HP also has Insyde BIOS in their laptops and newer laptops usually works perfectly with Linux. Is there any reports of problems with HP?

No USB boot either.

Two days ago I was trying to boot my Lenovo y50-70 from USB. It simply did not see any bootable devices on any USB port. That seemed odd at the time. Then I saw this article and realized that I had installed Ubuntu 17.10 on a different partition when it came out so I could try it. It looks like that may be the last new OS I get to try on this PC. (At present I can boot Debian Stretch - my daily driver - Windows 10 - just in case - Kali and Ubuntu 17.10. I suppose if push came to shove I could always put the SSD in another PC and install Linux on that. This works well because Linux pretty much installs all available drivers. I don't think that works with Windows though. I accidentally booted the HDD I had in the Lenovo in another PC and the results did not look good.

I'd like to replace the Y50 anyway and not with a Lenovo. The speakers no longer work and the case is cracked near the hinges. After upgrading RAM, HDD to SSD and replacing the crappy LCD with an IPS panel I've got a few $$$ in it and prefer to keep using it for a while longer. I don;t think I'll ever buy another Lenovo and it seems very unlikely I'll ever install Ubuntu on anything.