Before the release of UEFI in 2007, the basic input/output system (BIOS) has been the main fixture in personal computers since the 1970s. Packed into silicon on the PC motherboard, the BIOS detects and initializes devices at startup and accesses the master boot record (MBR) on the hard drive to start the boot process. The BIOS also serves as an important, low-level management tool, allowing admins to tweak system behavior, implement security, and control peripheral devices and storage.
Over time, PCs have outgrown the traditional BIOS, with its scant 1MB memory ceiling and 16-bit architecture that limits boot drive capacities to 2.1TB. So in 2007, a consortium of companies including Intel, AMD, and key PC manufacturers crafted an advanced successor to the BIOS, known as the Unified Extensible Firmware Interface (UEFI). PC makers have largely transitioned to UEFI, though many organizations continue to manage a mix of UEFI-based PCs and older BIOS-based computers. The term “BIOS” is also still commonly used to refer to both BIOS and UEFI architectures, so what exactly are the key difference between a BIOS and a UEFI?
UEFI vs BIOS – Key Differences
UEFI is more than just an expanded BIOS with graphical elements, a mouseable UI and support for 32 and 64-bit code. UEFI enables new levels of security and robustness at the foundation of the compute architecture, and establishes a “root of trust” upon which all other security solutions, such as anti-malware software, can rely.
Case in point is the UEFI Secure Boot feature, which employs digital signatures to verify the integrity of low-level code like boot loaders and operating system files before execution. If validation fails, Secure Boot halts execution of the compromised bits to stop any potential attack in its tracks. This scheme can blunt the most pernicious threats, such as hard-to-detect rootkits that can otherwise elude detection and remediation.
Another important benefit of UEFI is that it does not rely on the fragile Master Boot Record (MBR) scheme to store the low-level bits that bootstrap the operating system. Under MBR, these key bits reside in the first segment of the disk, and any corruption or damage to that area will prevent the operating system from loading. By contrast, UEFI employs the GUID Partition Table (GPT) scheme and stores initialization code in an .efi file found in a hidden partition. GPT also stores redundant copies of this code and uses cyclic redundancy checks to detect changes or corruption of the data. The result is a far more robust and recoverable boot environment for UEFI-based PCs.
UEFI and BIOS Compared
|Boot drive capacity||2.1TB||9.4ZB (9.4 billion terabytes)|
|Primary partition limit||4||No limit|
There’s a lot to like about UEFI, but some complications do exist. Admins who want to install or dual boot Linux on existing Windows PCs may face obstacles with UEFI’s Secure Boot functionality, which is designed to block execution of non-verified OS code. Also, there’s no way to upgrade older BIOS-equipped systems to UEFI, so implementing something like Secure Boot across the enterprise requires physically replacing older equipment.
The good news: UEFI offers a compatibility mode that interoperates with MBR-formatted hard drives and OSes lacking UEFI support. The UEFI Compatibility Support Module (CSM) emulates the legacy BIOS environment so newer PCs can support older hardware and OSes.
These type of large scale evolutions, while often slow to mature, can make a huge difference in the way we interact, customize and troubleshoot hardware. With UEFI taking over as a the standard in recent years, there’s a good chance you’ve already run across a system using it. Have you taken advantage of any of the new capabilities? What do you think of the GUI? Share your thoughts in the comments below.