johnnyrage Posted January 18, 2009 Share Posted January 18, 2009 hey folks was reading this article on awgh blog about new bios's from intel etc which will be programable to setup networking,keylogging and disk access before an o/s has even been booted into,the scary thing is that the source code has been released which in the wrong hands could be used for malicious attacks in future,i can also remember reading somewhere about the chinese having backdoors in motherboards etc will this render antivirus and firewall software obsolete http://www.awgh.org/?p=27 just thought it would be an intresting topic and see what uz guys think about it Quote Link to comment Share on other sites More sharing options...
Sparda Posted January 18, 2009 Share Posted January 18, 2009 Malware in the BIOS is the ultimate malware. If done properly it would be near undetectable, and only removable by way of a device that flashed the chip without using the chip to boot. Difficult to create, probably just as difficult to deploy reliably (without killing motherboards) Quote Link to comment Share on other sites More sharing options...
psychoaliendog Posted January 18, 2009 Share Posted January 18, 2009 First things first anti-virus and firewall software are already useless. Software that protects against other software doesn't work. Next, just because the source is released doesn't mean its less secure. Open Source software tends to be more secure. Security through obscurity is no security at all. Quote Link to comment Share on other sites More sharing options...
ADM1NX Posted January 22, 2009 Share Posted January 22, 2009 http://hackaday.com/2008/05/20/phlashing-d...k-the-new-hype/ There's also the risk of somebody bricking it remotely, but that's true now with most devices that recieve firmware updates over the net and don't have any way of verifying integrity (which most do). As long as mobo's still have removable bios chips, there's still a way to recover a bad flash by using a programmer for a microcontroller to flash the clean bios on. with the chip programmer, you can also dump the malicious firmware to a file for forensic analysis. Quote Link to comment Share on other sites More sharing options...
sablefoxx Posted January 22, 2009 Share Posted January 22, 2009 Malware in the BIOS is the ultimate malware. If done properly it would be near undetectable, and only removable by way of a device that flashed the chip without using the chip to boot. Difficult to create, probably just as difficult to deploy reliably (without killing motherboards) Psh, China's been building this into all of our motherboards for years *Puts Tin Foil Hat Back On* ....oh no, they know i talked... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.