war story: BIOS update without Windows

D. Hugh Redelmeier hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org
Sat Jun 7 15:27:03 UTC 2014 

We bought an Asus X200MA notebook from the Microsoft Store.  It was a 
great deal (sale price $200; $300 now).
<http://www.microsoftstore.com/store/msusa/en_US/pdp/ASUS-X200MA-US01T-BL-Touchscreen-Laptop-Blue/productID.298818800>
It is pretty much everything that a netbook should be.  Something the 
specs don't tell you: it seems pretty quiet.

Without ever starting Windows, we installed Fedora 20, while remaining
in Secure Boot mode.  That went pretty well.  Only oddity: at first
boot after installation, the display didn't show anything.  I used
CTRL-ALT-F2 to get a text console, performed all updates (a whole
lot!), and rebooted.  All was well after that.

Then I noticed that there were several releases of firmware ("BIOS")
after the one installed on the machine.  The only way that Asus
provided for updating the firmware was a WinFlash, a program that
needs to run under Windows.  But we hope to never run Windows.

I found flashrom.  It seems pretty interesting.
<http://flashrom.org/Flashrom>
But it would not run under fedora on the notebook.  It was not allowed
to open some I/O device even though it was run as root.  I wonder if
that was related to Secure Boot.

Detour: from the flashrom site, I learned a bit more about Intel's AMT 
technology (for remote management) built into many motherboards
<http://flashrom.org/ME>
<http://invisiblethingslab.com/resources/misc09/Quest%20To%20The%20Core%20%28public%29.pdf>
Scary.  Each chipset has an ARC CPU core -- a 32-bit processor
that I don't think I'd heard about before.  Easy to subvert, and from
then on things get bad (undetectable "Advanced Persistent Threat").
Dan Farmer thinks it is less scary that IPMI <http://fish2.com/ipmi/>.
That's very scary.

I googled and found hints that you might be able to buy this notebook
without Windows in India.  So I asked Asus, through their India
portal, about how to update the firmware.  They replied that there was
a feature called EZ flash in the BIOS setup screen.  All I needed was
a USB stick with the default FATty filesystem and the unzipped
firmware file.

<http://vip.asus.com/forum/view.aspx?id=20070215223109668&board_id=1>

It worked.  Problem solved.

Yes, I think that it is funny to buy a machine to run Linux from the
Microsoft Store.

I wish Linux desktops could make the touchscreen more useful.  Win 8.1
is ahead of "us".
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists

More information about the Legacy mailing list