Quote Originally Posted by sa3er3 View Post
so i think the answer is i have to buy a computer without HDD and BIOS battery (old fashion) ?
Good luck getting such a system to run at all. The BIOS is necessary in order to boot the system, and without a battery you won't be able to configure it at all. Once the system boots, Linux no longer makes any use of the BIOS -- and the bootstrap code within the BIOS chip on the motherboard is totally incapable of accessing any network or downloading anything.

As others have told you, installing a BIOS trojan requires physical access to the machine. And if outsiders have such access, no security is possible.

In addition, if your security requirements are actually as strict as you indicate, the machine should never be connected to a network at all. The only completely secure system is one which is incapable of any input or output, and located in a sealed enclosure with no means of physical access. Of course, such a system is also completely useless...