Posted 12 January 2008 - 09:59 PM
In addition to the information provided in garmanma's link:
1) does setting a password on the BIOS access prevent malware form writing themselves to the BIOS memory
No, this password only restricts user access to the system's own BIOS setup program. Software can still access the BIOS, for example a BIOS update flash can still be done. So the (fortunately) rare BIOS infecting malware isn't affected by the presence of a password.
2) my mobo doesnt have a physical jumper to prevent flashing to the BIOS, but there is an option in Adcanced BIOS settings title "No excute memory protection".. its description is " when disabled, it forces NX feature flag to always return 0
if i disable it , will this prevent ANY writing/altering to the BIOS by MALWARES or even flashing the bios for upgrade
NX (No Execute), also known as DEP (Data Execution Prevention) protects system memory from being misused by the trick of executing malicious code from memory allocated for data. Disabling it will remove this memory protection, but either way will not directly affect the BIOS area.
3)is it possible to restrict the launch of a certain program on the computer to a hardware device.. i think its called a dongle..... how to do so ? how secure is it , ie can the dongle encryption method be cracked?
A dongle is keyed to a piece of software when it is written - the dongle manufacturer will provide a software manufacturer with a small API (Application Programming Interface) to provide a hook for the dongle. You can't say anything cannot be cracked, but the encryption levels used are high, and the dongle is a hardware device, so overall it is a very secure system. I don't think it would be feasible to retrospectively add dongle control for pre-existing software, but I could be wrong.
Top 5 things that never get done: