Researchers Demo BIOS Attack That Survives Disk Wipes 396
suraj.sun writes "A pair of Argentinian researchers have found a way to perform a BIOS level malware attack capable of surviving even a hard-disk wipe.
Alfredo Ortega and Anibal Sacco from Core Security Technologies — used the stage at last week's CanSecWest conference to demonstrate methods (PDF) for infecting the BIOS with persistent code that will survive reboots and re-flashing attempts. The technique includes patching the BIOS with a small bit of code that gave them complete control of the machine. The demo ran smoothly on a Windows machine, a PC running OpenBSD and another running VMware Player."
I've already had BIOS malware (Score:4, Funny)
preinstalled, on ASUS boards: it was the BIOS itself. It too survived hard disk wipes, but it didn't survive my sledgehammer.
Re:I guess it's official. (Score:5, Funny)
It's official - we're screwed.
Happy news for most of the nerds on this site who sigh and collectively whisper "Finally!"
Re:I guess it's official. (Score:1, Funny)
It's official - we're screwed.
Happy news for most of the nerds on this site who sigh and collectively whisper "Finally!"
/golfclap
PDF (Score:5, Funny)
Re:why is it OS dependant (Score:5, Funny)
Re:PDF (Score:5, Funny)
Or, you really need to take off the tinfoil hat.
Re:Requires root privileges or physical access (Score:5, Funny)
Re:PDF (Score:5, Funny)
Doesn't affect me (Score:5, Funny)
Re:I guess it's official. (Score:2, Funny)
Re:Fatal flaw: No BIOS reset (Score:3, Funny)
Add another layer to your tinfoil hat?
Re:Intel only? (Score:2, Funny)
Then again, 99% of the users out there wouldn't open their case for anything, they're afraid the magic pixies will escape...
No magic pixies in my case... It's fighting Uraki that live in my case...
Uraki are much k00ler than magic pixies...{rolling eyes}
Cheers,
Xyst