Booting using EFI/UEFI with Windows 8 and early Intel Macs

Discussion in 'iMac' started by hburke, Sep 7, 2014.

  1. hburke macrumors newbie

    Joined:
    Aug 15, 2014
    #1
    I am an IT director at a small Ace Hardware store located in a small town in Pennsylvania. We use Boot Camp to run Windows on Macs. We do not use Mac OS X, in fact I only install Windows When we get them. as Mac OS X is Completely open to prying eyes and a huge security risk. Apple's early EFI implementation was only compatible with EFI 1.1X and Apple has no intention of updating this firmware. Windows 8's UEFI implementation requires UEFI 2.X making them already incompatible, as well as apple's EFI not being able to load 64-Bit .efi files. We are planning on upgrading to Windows 8.1 Enterprise 64-Bit as all of our computers are capable of running this as they all have Core 2 Duo or better processors.

    We have Many iMacs, a few Mac minis and a MacBook used to solve problems on the go Most of which suffer from the problem of being old ( Apple only officially supports 10.7 Lion on these Devices ) We Have newer Completely Uni-body iMacs that are capable of UEFI 2.x and work just fine with windows 8's UEFI implementation.

    How possible would it be to flash a modded Firmware to one of these devices that would support UEFI 2.x? Most bios modding tools are able to dump it and read the modules contained inside it.
     
  2. yjchua95 macrumors 604

    Joined:
    Apr 23, 2011
    Location:
    GVA, KUL, MEL (current), ZQN
    #2
    I'm interested to know how OS X is completely open to prying eyes and a huge security risk. I'm sure the rest of the forum would like to know this too.
     
  3. cypriot macrumors regular

    Joined:
    Oct 14, 2011
    #3

    I double this request. Thanks.
     
  4. hburke thread starter macrumors newbie

    Joined:
    Aug 15, 2014
    #4
    You can easily boot into Single User mode by pressing Command S and create a new user from there with full administrative privileges and that has no restrictions. With Windows you can encrypt it with BitLocker to prevent the use of CDs like NT Password Viewer. you can boot into single user mode whether or not you have FileVault enabled.

    ----------

    Here's a link...
    http://www.hackmac.org/tutorials/how-to-create-a-new-administrator-account/
     
  5. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #5
    Enabling a firmware password makes unauthorized use of single user mode impossible, though if your computers are old enough it's possible to get around the firmware password without much difficulty. Further, with FileVault enabled, even in single user mode, there's no way to access the data on the disk and thus, no way to create a user. Without the password to unlock the disk, the computer will not even boot, into single user mode, or anything else, on the encrypted disk.

    ----------

    There's no newer firmware for these Macs than what Apple offers, and no way to get a custom firmware on them.
     
  6. hburke thread starter macrumors newbie

    Joined:
    Aug 15, 2014
    #6
    On Snow Leopard and below FileVault only encrypts the Users folder, I have no interest in bying 10.7 lion as these macs can't run anything higher for the most part. as well as the added benefit of being able to use the whole disk, as most Macs of this era only have 80-160 GB hard drives
     
  7. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #7
    In that case, you're out of luck.
     
  8. hburke thread starter macrumors newbie

    Joined:
    Aug 15, 2014
    #8
    Bios Modding tools recognize the firmware as EFI/Insyde bios and are usually able to read modules from it as well as inject modules into the rom. I have macs to burn and time to waste.
     
  9. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #9
    It doesn't matter, there's no BIOS in a Mac. You won't be able to create UEFI 2.x on your own.
     
  10. hburke thread starter macrumors newbie

    Joined:
    Aug 15, 2014
    #10
    If this isn't a bios than i don't know what it is. wouldn't it be possible to remove the EFI module and put in a new one from a compliant PC.
     

    Attached Files:

  11. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #11
    EFI/firmware is specific to a given device; if the hardware differs, the firmware isn't interchangeable.
     
  12. yjchua95 macrumors 604

    Joined:
    Apr 23, 2011
    Location:
    GVA, KUL, MEL (current), ZQN
    #12
    Some so-called IT 'expert' you are...

    Booting into Cmd+S can be easily disabled by setting an EFI firmware password. This means that you cannot change the startup disk at boot time, or boot into recovery or single user, unless the EFI password is supplied while holding down Cmd+S, Cmd+R or Alt/Option.

    ----------

    The EFI is hard-wired into the hardware, and not removable or modifiable. You can mod the boot manager, but not the EFI itself.

    Besides, Apple uses its own proprietary version of EFI (which is different from the UEFI that Windows PCs user).
     
  13. Kyle-K, Sep 7, 2014
    Last edited: Sep 7, 2014

    Kyle-K macrumors regular

    Kyle-K

    Joined:
    Aug 23, 2014
    Location:
    Geraldton, Western Australia.
    #13
    Agree with this as stated by many people already in this thread.
     
  14. hburke thread starter macrumors newbie

    Joined:
    Aug 15, 2014
    #14
    I would set a firmware password if i could even boot into the Mac OS X DVD, due to apple's extremely high failure rate of optical drives and general inability to boot from USB flash drives. And OS X is completely irrelevant as we use all Windows based computers.
     
  15. yjchua95 macrumors 604

    Joined:
    Apr 23, 2011
    Location:
    GVA, KUL, MEL (current), ZQN
    #15
    Then the Macs you're using must be really ancient.

    I've booted from USB drives all the time and they work flawlessly.
     
  16. hburke thread starter macrumors newbie

    Joined:
    Aug 15, 2014
    #16
    Maybe ancient in your terms but still useful in my terms. Macs of the early Intel variety (2006-07) which makes up a majority of what I have to deal with tend to have problems booting from USB Devices where it flat-out refuses to boot altogether from MBR flash drives and UEFI for Windows and gives me the crossed out circle when I try to boot Mac OS X. Until I realized I don't need OS X on the drive at all and that I can Install Windows from the network through PLOP boot manager, completely bypassing the optical drive.

    I have laptops from 2003 that can boot from USB properly...
     
  17. scaredpoet, Sep 12, 2014
    Last edited: Sep 12, 2014

    scaredpoet macrumors 604

    scaredpoet

    Joined:
    Apr 6, 2007
    #17
    1. You've asserted (incorrectly, but there's no point in arguing) that OS X and Macs are insecure,

    2. You've also made the assertion that the equipment failure rate is high.

    It's probably a waste of time and space debating these points with you, but given the above, common sense would indicate that you're getting into more "trouble" with these Macs than they're worth. Sell them to someone who knows what to do with them, and use the proceeds to buy equivalent Dell/HP/Custom Windows PC hardware. I'm sure you'll find some willing "schmuck" who will pay a premium to get those Macs off your hands, and equivalent PC hardware will be cheap and plentiful by comparison.

    You'll be able to do what you want with such hardware without having to jump through a bunch of hoops to get Windows installed they you want on them, only to find out you can't do what you really want to do anyway.

    P.S. Windows has an undocumented method for gaining access to the admin account, and creating new accounts when a password is unknown or forgotten, too. They just don't call it "single user mode."
     

Share This Page