Game over man, game over!

p.s. Never trust anyone with hair like this…

Cansecwest%20001 Hairy Hacker Hacks Hardware

Apply all of the browser, application and OS patches you want, your machine still can be completely and silently compromised at the lowest level–without the use of any vulnerability.

That was the rather sobering message delivered by a pair of security researchers from Core Security Technologies in a talk at the CanSecWest conference on methods for infecting the BIOS with persistent code that will survive reboots and reflashing attempts. Anibal Sacco and Alfredo Ortega (above) demonstrated a method for patching the BIOS with a small bit of code that gave them conplete control of the machine. And the best part is, the method worked on a Windows machine, a PC running OpenBSD and another running VMware Player.

“It was very easy. We can put the code wherever we want,” said Ortega. “We’re not using a vulnerability in any way. I’m not sure if you understand the impact of this. We can reinfect the BIOS every time it reboots.”
Researchers unveil persistent BIOS attack methods | threatpost

 
In Soviet Russia, Post's Bookmark YOU!!
  • Facebook
  • Technorati
  • Google Bookmarks
  • StumbleUpon
  • Reddit
  • Yahoo! Buzz
  • Sphinn

Glue Huffing Chickens Picked These Posts:

: Alfredo Ortega, Anibal Sacco, BIOS, CanSecWest, Core Security Technologies, hacking, rootkit