Part of the power of Linux is that if you want to accomplish something in computing terms, you can do it with Linux. This is not to say that you can’t accomplish things with other OSs (Operating Systems), but it can be much easier to figure out, and quicker to accomplish, with Linux than with other OSs.
Main Parts of Linux OS & Computer:
Basic Input/Output System (BIOS) software is known as firmware. It starts hardware processes during the boot phase when a computer is started, and it keeps runtime services for the OS and programs functional. BIOS software is the first software that runs when the computer is powered on. It also provides an abstraction layer that lets hardware communicate with software. Technically speaking, BIOS software is a sort of operating system that loads in order to handle low-level tasks for the computer. The standard amount of memory for the BIOS is (or used to be) 1 megabyte (MB). Most BIOS systems only allow 16-bit instructions, and support a Master Boot Record (MBR) with a maximum of 2 terabytes (TB) of disk space and only 4 partitions.
There is another concept directly related to BIOS called the Unified Extensible Firmware Interface (UEFI). The new UEFI allows up to 128 partitions and a maximum of 8 zettabytes (ZB) of hard disk (HDD) space. This is equivalent to 8 trillion gigabytes (GB). A hurdle that some Linux users may have to overcome is that they might have to manually add a new key to the UEFI database in order to install an OS. Adding a new key to the UEFI allows for what is known as Secure Boot. Ubuntu has specific Secure Boot instructions. If you are working with more obscure versions of Linux, you may want to check out more general guidance about how to make UEFI Secure Boot work for you.
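Before adding a key to the UEFI database it helps to know what state the firmware is actually in. The following is an added example, not part of the original article: it reads the `SecureBoot` and `SetupMode` variables that Linux exposes through efivarfs and classifies the result. The function names and the sample byte strings are assumptions made for illustration.

```python
import struct
from pathlib import Path
from typing import Optional

# GUID of the EFI global variable namespace, which holds SecureBoot and SetupMode.
EFI_GLOBAL = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
EFIVARS = Path("/sys/firmware/efi/efivars")


def efivar_value(raw: bytes) -> int:
    """efivarfs files are a 4-byte little-endian attribute mask, then the data.
    SecureBoot and SetupMode each carry a single data byte (0 or 1)."""
    if len(raw) != 5:
        raise ValueError(f"expected 4 attribute bytes + 1 data byte, got {len(raw)}")
    _attrs, value = struct.unpack("<IB", raw)
    if value not in (0, 1):
        raise ValueError(f"unexpected value {value}")
    return value


def secure_boot_state(secure_boot: Optional[bytes], setup_mode: Optional[bytes]) -> str:
    """Classify the firmware state from the two raw efivarfs file contents."""
    if secure_boot is None:
        return "no-efi-variables"  # legacy BIOS boot, or efivarfs not mounted
    if setup_mode is not None and efivar_value(setup_mode) == 1:
        return "setup-mode"        # no platform key enrolled; nothing is enforced
    return "enforcing" if efivar_value(secure_boot) == 1 else "disabled"


def read_efivar(name: str, root: Path = EFIVARS) -> Optional[bytes]:
    """Return the raw file contents of a global EFI variable, or None if absent."""
    try:
        return (root / f"{name}-{EFI_GLOBAL}").read_bytes()
    except OSError:
        return None


# Constructed sample contents (attribute mask 0x6 = boot-service + runtime access).
SAMPLE_ON = bytes.fromhex("0600000001")
SAMPLE_OFF = bytes.fromhex("0600000000")

if __name__ == "__main__":
    print("sample:", secure_boot_state(SAMPLE_ON, SAMPLE_OFF))
    print("this machine:",
          secure_boot_state(read_efivar("SecureBoot"), read_efivar("SetupMode")))
```

A result of `setup-mode` or `disabled` means the firmware will boot unsigned loaders, so enrolling a key changes nothing until Secure Boot is switched on.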
Locking Down the BIOS?:
While setting an Administrator password in the BIOS will prevent people from enabling other hardware to boot from, it is easy to bypass if someone is determined to do so. If you are going to take this step, please also find a way to make it physically difficult for someone to open the computer case and/or access the motherboard of the machine. Most computers still require a CR2032 battery to power the CMOS. Computer users who understand what it takes to boot from their USB, SSD, or optical drive know how to reach the motherboard’s battery that powers the BIOS. Removing this battery for long enough will reset the BIOS and allow someone access. Often a jumper can be used to reset the BIOS as well. Another way for someone to affect the BIOS or boot order of the machine is with a rootkit or user-level software designed to allow access to BIOS functions. It is also possible to brute-force into the BIOS remotely if someone is determined. As it turns out, there are powerful viruses in the wild that can affect the BIOS, but perhaps only compromising 32-bit systems at this time. Who knows? Perhaps you like the idea of hacking your own BIOS. You could join a community of other BIOS hackers to learn some wonderful options for securing your BIOS. If you are wondering about the effects of running your computer without the CMOS battery, take a look at these articles:
- Advanced Power Management – (APM)
- Advanced Configuration and Power Interface – (ACPI)
- Real Time Clock – (RTC) alarm
- Institutionally Designed Vulnerabilities
- All x86 machines (particularly Intel processors) are innately vulnerable
- Want to try a Ring -2 / SMRAM hack on your own?
- Laughable options to lock down our computers starting with BIOS
- Popularized notion regarding security at this level of computing
Seemingly unrelated fact:
The 2005 storm named Zeta broke a record as being the 28th named hurricane of the year in 2005. That was 7 more storms than the previous record made in 1933. This was the same year the famous Hurricane Katrina rocked New Orleans. Perhaps this is an indication that a “data/zeta storm is coming?”
- Linux Kernel Source Files
- Start Working with Your Kernel
- Paths to learning about Kernel Code
- Worth knowing about even if you don’t want to program Kernel code:
Google’s Summer Internship program
Also worth knowing about:
Gnome’s Minority Outreach Program
It is worth noting that kernels of different types have common elements. In addition to listing the main sections, check out this really cool interactive map of a Linux Kernel or you can download it for free:
- Process Management
- Device Management
- Memory Management / Linux Specific Memory Management
- Interrupt Handlers
- I/O Communication (ftrace – Swiss Army Knife of Kernel Tracing)
- Also worth looking at mmiotrace
For comic relief, you may wish to view the official names of Linux Kernel Distributions. My personal favorite is version 2.6.30-rc4–2.6.30-rc6, known as Vindictive Armadillo. A close second is version 2.6.20-rc2–2.6.20, known as Homicidal Dwarf Hamster. Also quite funny is Linus Torvalds’ rant aimed at Andy Tanenbaum in early 1992. Also of importance: Linus Torvalds is back to maintaining the Linux Kernel.
x86 CPU hardware provides for 4 levels of protection. Ring zero is Kernel Mode, while Ring 4 is User Mode. The notion that the CPU hardware needs protection at all is worth a moment of reflection. Perhaps you think you know the difference between a Computer Virus and Malware. Kernel developers would beg to differ. Definitions of such things are getting blurred across all lines of defense. Some people even publish how to modify permissions to create Kernel Exploits. Katrina LaCurts at MIT has some solutions for this problem, but the development is not absolute. Suffice it to say that this is a ripe area for development on all fronts. There is a lot of value that comes with computing permission on a large scale. If you decide to dive into the seedy world of kernel hacking, Proceed With Caution. (For this last link: advance through the website by modifying the numbers in the address bar rather than using the “next” link at the bottom left of the pages.)
The less privileged mode, or the 4th ring of the protection levels of your computer, is where most of your software runs. Software, hacks, and exploits written for User Mode have to be more discreet, or tactfully written, so as to be less obvious to the actual user of the machine. If the software causes failures in the system, they will not cause the OS to crash in most cases. The trick with this level is hiding the fact that the software is running at all.
Kernel Modules load after the core kernel starts. Much of the functionality of the Linux OS is compiled as part of the Kernel, but many of these functions are performed by Kernel Modules that are loaded afterwards and are not considered native to the kernel code. One important distinction between drivers and kernel modules is that kernel modules add functionality to parts of the system that may not be considered hardware. Kernel modules can add functionality to IPv4, IPv6, security, and more.
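Because modules run with full kernel privilege, it is worth knowing which loaded ones did not come from the kernel's own signed, in-tree build. The following is an added example, not part of the original article: it parses `/proc/modules` and lists the modules that carry taint letters. The helper names are assumptions, the sample text is constructed, and `examplecam` and `vendorgpu` are made-up module names.

```python
from pathlib import Path

# Per-module taint letters the kernel appends to a /proc/modules line.
TAINT_FLAGS = {
    "P": "proprietary licence",
    "O": "built out of tree",
    "E": "unsigned",
    "F": "force-loaded",
    "C": "staging driver",
}


def parse_proc_modules(text: str) -> list:
    """Parse /proc/modules: name size refcount deps state address [(taint)]."""
    modules = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6:
            continue  # not a module line
        # The optional 7th field looks like "(OE)"; "+"/"-" mark load/unload.
        taint = fields[6].strip("()+-") if len(fields) > 6 else ""
        modules.append({
            "name": fields[0],
            "size": int(fields[1]),
            "used_by": [d for d in fields[3].split(",") if d and d != "-"],
            "state": fields[4],
            "taint": taint,
        })
    return modules


def review_list(modules: list) -> dict:
    """Return {module: [reasons]} for every module that taints the kernel."""
    return {
        m["name"]: [TAINT_FLAGS.get(flag, f"taint flag {flag}") for flag in m["taint"]]
        for m in modules if m["taint"]
    }


# Constructed sample; sizes and addresses are made up.
SAMPLE = """\
nf_tables 311296 0 - Live 0x0000000000000000
ip6_tables 36864 1 ip6table_filter, Live 0x0000000000000000
examplecam 45056 2 - Live 0x0000000000000000 (OE)
vendorgpu 5500928 41 vendorgpu_modeset, Live 0x0000000000000000 (POE)
"""

if __name__ == "__main__":
    live = Path("/proc/modules")
    text = live.read_text() if live.exists() else SAMPLE
    for name, reasons in review_list(parse_proc_modules(text)).items():
        print(f"{name}: {', '.join(reasons)}")
```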
Drivers relate exclusively to hardware. They allow the software (which is running in RAM) to communicate with hardware to accomplish everything you may want to do on a computer. Drivers can exist in userspace, in the kernel, or be loaded as a module. Some drivers operate in several of these spaces at the same time.
The Linux Standard Base (LSB) is a standard that dramatically reduces the cost of developing software for the many different distributions of Linux OSs. If you want to write code, or modify code that is run on any version of Linux, read about LSB and become familiar with the Charter. The different libraries throughout Linux serve different purposes. To understand them better you may want to look into Hooking and DLL Injection, though a conceptual overview can help before beginning software development. Of primary importance for the purpose of this article: understanding system calls will help you know how a program's execution mode changes from user mode to kernel mode.
A System Utility, otherwise known as System Software, is designed to provide services to other software like the operating system, game engines, or SaaS thin client software. If you are unfamiliar with the Thin Client concept, it’s worth understanding zero clients, thin clients, VDI, and … in terms of virtualization and how it can be utilized in a user environment.
Finally, I will end this article with some intriguing machines that run Linux or other odd OSs.
- Large Hadron Collider CERN Detected the Higgs Boson with Linux
- McCain 2070LXN2 NEMA, controls San Francisco’s traffic with Linux
- United Space Alliance, International Space Station is run by Linux
- Nspire CAS CX Calculator Counts Your Numbers with Linux
- FAA Air Traffic Computers Control Jets with Linux
- Lockheed Martin War Machines
- Comprehensive List
- DeLaval can Milk Your Cow with Linux
- Playstation can Play your Games with Linux
- North Korea names its Official Operating System as Linux
- Resurrect your Old Dead Hardware with Linux
- gNewSense Preserves your Freedom with Linux
- Computer Aided Investigation Environment (C.A.IN.E) investigates with Linux
- Yellowdog can use a PS3 to Bend your Proteins with a Supercomputer with Linux
- Moksha Makes your Computer Beautiful with Linux
- Palm Pilot died and became Haiku
- Run Windows Programs without running Windows
- MenuetOS is written entirely in Assembly Language