Battle UEFI or Legacy for my Windows 10 PC?

[angustaver]

How do you install windows?
Uefi or Legacy
I currently have installed win 10 Legacy
Really is better uefi
It's worth it
My bios has secure boot
And is enabled by default
If my system is mbr (not Uefi)
Should I disable secure boot?
Is it really worth installing uefi system partitions gpt?
What do you think

 

[HarborFront]

UEFI is the replacement for the older BIOS

If you have a new PC/laptop most likely the system boots up using UEFI. Older PC/laptop comes with the legacy BIOS. However, for backward compatibility, many today's PC/laptop comes with both.

Microsoft tablets (like my MS SP3 and SP4) are exceptions for they ONLY come with UEFI.

Also, if I'm not wrong, Secure Boot is for UEFI only. You'll need to disable Secure Boot if you switch to using the BIOS. Read below

Secure Boot Overview

Having both is an advantage. One example is booting up of TAILS OS from a USB stick. TAILS OS is still using the older BIOS for this purpose and it's not supported by the UEFI for now

 

[Ink]

Please note, my understanding of UEFI, Secure Boot and GPT are limited and I may confuse the following information.

I was going to post a thread on MBR/GPT yesterday but never got around to posting. However, here are some links that you may find interesting to read over.

1. How to Check if Disk Partitions used MBR or GPT
2. What is a GPT partition
3. Convert from MBR to GPT (all data will be wiped)
4. Understanding the difference, explained by Malwarebytes
5. Understanding UEFI's Secure Boot on Windows 10 Enterprise

I currently use and do recommend using GPT over MBR, even if you do not have 2TB of storage it's still a better option than MBR. Explained by TWC - Limitations of an MBR Disk:

An MBR formatted disk can have only 4 primary partitions and can manage data only up to 2TB. With data storage needs increasing, the GPT (GUID Partition Table) disks are now being sold with newer computers, that can address more than 2TB of storage. MBR disks reserve the first sector of the disk for storing information about the disk partitions and location of the operating system files.

In other words, the firmware and operating systems rely on this first sector for proper operation of the disk. If the MBR goes corrupt, you may lose general access to the data on the disk.

In case of GPT disks, the disk information is replicated more than once and hence such disks work, even if the first sector gets corrupted. A GPT disk can have up to 128 primary partitions.

 

[whizkidraj]

If u do a lot of partitioning thing and dual, triple, quadruple boots, then use GPT always. If u like doing all that, but if u like installing and keep trying new OSes one at a time, then use MBR format. GPT is hard to deal with if we do all these things, but that is the fun, too. We learn when we do something challenging. MBR is just for people who don't wanna try much and want a settled and happy OS using life.
The technical details u obviously might know and the difference between them, but this is what you are looking for here, right. Some personal experience, advices and suggestions. I have dealt with this GPT and MBR thing a lot and I still do, so that was my advice. Quick and succinct

 

[Myriad]

I don't have UEFI on any of my machines and it pleases me ( they are not new enough anyway ).
My experience with it is only in repairing machines for other people , where it always seems to get in my way .

I know the arguments about extra security , built in from the hardware / firmware level up , but it's just not for me
.... I handle all aspects of my own security , and I don't want Big Business to have any part in it .

I hope it can stay that way ....
.... and forums such as this one are a big help

 

[shmu26]

GPT is better protected against the petya type of ransomare, which attacks MBR.
If you have GPT and get hit with petya, you can repair your boot loader, and you are good to go.
But if your hard disk is MBR, then it is unrepairable.

 

[HarborFront]

GPT is better protected against the petya type of ransomare, which attacks MBR.
If you have GPT and get hit with petya, you can repair your boot loader, and you are good to go.
But if your hard disk is MBR, then it is unrepairable.

Does the petya ransomware attacks the GPT? I don't think so otherwise AppCheck would mentioned it provides protection against the GPT besides the MBR in its Pro version.

 

[Winter Soldier]

Does the petya ransomware attack the GPT?

"GPT hard disk has an MBR (for backward compatibility purposes) immediately followed by its own partition table: a one-sector header followed by at least 32 sectors of partition data.

Petya overwrites this GPT data, but doesn’t keep a backup of it, assuming instead that the sectors were unused."

New ransomware with an old trick: “Petya” parties like it’s 1989

 

[HarborFront]

"GPT hard disk has an MBR (for backward compatibility purposes) immediately followed by its own partition table: a one-sector header followed by at least 32 sectors of partition data.

Petya overwrites this GPT data, but doesn’t keep a backup of it, assuming instead that the sectors were unused."

New ransomware with an old trick: “Petya” parties like it’s 1989

So, any anti-ransomware software can protect the GPT data to be overwritten by petya? Can MBRFilter or AppCheck Pro do this?

 

[Winter Soldier]

So, any anti-ransomware software can protect the GPT data to be overwritten by petya? Can MBRFilter or AppCheck Pro do this?

You consider that the article above is referring to the old version of Petya.
Therefore, also considering the fast evolution of malware, I would like to answer yes/maybe.

 

[HarborFront]

You consider that the article above is referring to the old version of Petya.
Therefore, also considering the fast evolution of malware, I would like to answer yes/maybe.

But the AppCheck developer was asking me whether I have a sample of a ransomware which affects the GPT....strange, right?

 

[angustaver]

If my system is mbr (not Uefi)
Should I disable secure boot?

 

[Winter Soldier]

But the AppCheck developer was asking me whether I have a sample of a ransomware which affects the GPT....strange, right?

MBR stands for master boot record where the instructions start, and then it is essential for a correct startup of the operating system. In truth, now with Windows 10 it is recommended that you use the GPT format, matched to the new UEFI (which have taken the place of the obsolete BIOS): even if as I said, within the GPT, there is a string dedicated to the MBR for backwards compatibility.
MBRFilter seems to block the writing and then the intervention of Petya, and other similar samples.
But as I said, considering the fast evolution of these specific codes, it is difficult to say whether what works today, will work tomorrow.

 

[Winter Soldier]

If my system is mbr (not Uefi)
Should I disable secure boot?

If I am not mistaken, to disable Secure Boot, the firmware must be in Legacy mode.

 

[shmu26]

As far as I understand, Petya attacks MBR, not GPT.
However, the bootloader, even on a GPT disk, uses MBR. Therefore, after petya attacks a GPT disk, the bootloader will need to be repaired. This is not a big deal, as there are plenty of rescue CDs, such as Macrium Reflect, for instance, that are capable of doing this repair.

 

[angustaver]

Please answer my question
Do not start ramsonware discussion
If my system is mbr (not Uefi)
Should I disable secure boot?

 

[shmu26]

Please answer my question
Do not start ramsonware discussion
If my system is mbr (not Uefi)
Should I disable secure boot?

If you do not have UEFI, then secure boot will not be functioning. It doesn't matter if you disable it or not.