Researchers demo BIOS attack that survives hard-disk wipe
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11069
Location: Arizona USA

Posted: Tue 24 Mar 2009, 00:09    Post subject: Researchers demo BIOS attack that survives hard-disk wipe

http://blogs.zdnet.com/security/?p=2962

Quote:
...The demo ran smoothly on a Windows machine, a PC running OpenBSD and another running VMware Player...

...in order to execute the attacks, you need either root privileges or physical access to the machine in question...

How do you inspect the contents of a BIOS?
Sage

Joined: 04 Oct 2005
Posts: 4784
Location: GB

Posted: Tue 24 Mar 2009, 02:23

BIOS virii are as old as flash BIOS chips. In the early days, I continued to use clocked 286s in preference to 3/486s because most had non-volatile BIOSes (no battery backing). There are plenty of ('doze) utilities for interrogating the BIOS on the InterWeb - nothing new there. I've been using some of them to force settings not provided in the truncated access provided by the suppliers via the DEL key. Ten years ago, every kiddie knew how to clock their cr*p (esp Phoenix) BIOS on their proprietary boxes. The bigggggggest problem remains education, education, education. We must stop Americans, in particular, buying proprietary boxes - it degrades knowledge acquisition about the tools they use. It's deliberate, it's leverage - they know what criminals like eg bankers and M$ do to ruin their nation but education has been so bad over there that they persist with blind stupidity and indolence for the sake of lifting a little screwdriver. Building PCs should be taught in schools alongside the evils of capitalism.
Patriot


Joined: 15 Jan 2009
Posts: 734

Posted: Tue 24 Mar 2009, 04:54

Hmmm ...

I've yet to encounter a BIOS infected virus. Corrupted ones due to virus attack, yes, many times a long time ago. The ones that get corrupted I've seen nowadays are due to the user's own doing (with the help of the manufacturer's auto-update) or due to a malfunction.

There are many ways to look at the BIOS. BIOS update flashing tools and setting modification tools are aplenty. Patching tools are hard to come by but still available if you really want them. I normally don't "patch" them unless I need something specific.

I dare say that I'm the least worried about BIOS infected virus. Most of the NT-based systems under my watch don't even use antivirus ... Downtime? None was due to viruses ...

Rgds
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

Posted: Sat 24 Apr 2010, 11:38    Post subject: Re: Researchers demo BIOS attack that survives hard-disk wipe

Flash wrote:
http://blogs.zdnet.com/security/?p=2962

Quote:
...The demo ran smoothly on a Windows machine, a PC running OpenBSD and another running VMware Player...

...in order to execute the attacks, you need either root privileges or physical access to the machine in question...

How do you inspect the contents of a BIOS?


Flash, to answer your question. It seems possible for the crooks out there attacking from outside so it should be possible for us from inside too. But I have no clue.

I used Google and found these three links in haste. I have not looked into whether they really say how.

http://books.google.se/books?id=TKEAQmQV7O4C&pg=PA473&lpg=PA473&dq=How+do+you+inspect+the+contents+of+a+BIOS%3F&source=bl&ots=OX9PITm9mm&sig=XO2Tto_yN5DEP5HIdtooESrGhno&hl=sv&ei=tQzTS8jbBs6vOLb46Z4O&sa=X&oi=book_result&ct=result&resnum=6&ved=0CCUQ6AEwBQ#v=onepage&q=How%20do%20you%20inspect%20the%20contents%20of%20a%20BIOS%3F&f=false

How do I inspect the content of the BIOS.

The next two links seem to only tell how one goes into BIOS settings before booting up, so that doesn't really address our concern, but could help somebody doing a search, so I include them.

http://www.iomega.com/support/documents/2157.html

and

http://www.michaelstevenstech.com/bios_manufacturer.htm

The first link seems to be a book and has inside info on what the bad guys do to our computers, and maybe some link in the book has the info we are curious about.

Edit: yes, very good book, that one.

http://en.wikipedia.org/wiki/Coreboot

http://www.openfirmware.info/Welcome_to_OpenBIOS

Quote:
LinuxBIOS Project Usenix Paper

"The LinuxBIOS project has published a paper on using the open source bios code from bochs to help boot unmodified OSes such as Windows 2000, which was presented at the recent Usenix Conference. This was mentioned previously on Slashdot, but this paper gives more technical details on how they did it, some details about future possibilities, and their guiding philosophies behind this project."


http://developers.slashdot.org/article.pl?sid=03/12/10/1434210

Most likely somewhere on or at or in those texts and links there is info on how to dump the BIOS of our machines and then use tools in Linux to compare them with the original BIOS and change them back to the default?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
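
The dump-and-compare check asked about in the last post, written out in Python as an added example (not from the thread or from any project it links to). It assumes the firmware dump and the vendor's reference image have already been read into memory; the two images, the offsets and the `expected_volatile` range below are constructed for illustration, since where a real BIOS keeps its changeable settings is vendor-specific.

```python
import hashlib

BLOCK = 4096  # comparison granularity (assumed; a common flash erase-block size)


def differing_regions(dump, reference, block=BLOCK):
    """Return merged, block-aligned (start, end) ranges where the images differ."""
    regions = []
    length = max(len(dump), len(reference))
    for start in range(0, length, block):
        end = min(start + block, length)
        if dump[start:end] != reference[start:end]:
            if regions and regions[-1][1] == start:
                regions[-1] = (regions[-1][0], end)  # extend the previous range
            else:
                regions.append((start, end))
    return regions


def compare_images(dump, reference, expected_volatile=()):
    """Hash both images and split differing ranges into expected and unexpected."""
    def expected(region):
        return any(lo <= region[0] and region[1] <= hi for lo, hi in expected_volatile)

    regions = differing_regions(dump, reference)
    return {
        "sha256_dump": hashlib.sha256(dump).hexdigest(),
        "sha256_reference": hashlib.sha256(reference).hexdigest(),
        "same_size": len(dump) == len(reference),
        "expected": [r for r in regions if expected(r)],
        "unexpected": [r for r in regions if not expected(r)],
    }


def build_sample():
    """Constructed 64 KiB images standing in for a reference and a dump (not real firmware)."""
    reference = bytes((i * 7) & 0xFF for i in range(64 * 1024))
    dump = bytearray(reference)
    dump[0x2000:0x2010] = b"\x00" * 16          # stored-settings area, expected to change
    dump[0xE000:0xE004] = b"\xde\xad\xbe\xef"   # change in an area that should be static
    dump[0xF000:0xF004] = b"\xff\xff\xff\xff"   # adjacent block, merged into one range
    return bytes(dump), reference


if __name__ == "__main__":
    dump, reference = build_sample()
    report = compare_images(dump, reference, expected_volatile=[(0x2000, 0x3000)])
    for start, end in report["unexpected"]:
        print(f"unexpected difference: 0x{start:05x}-0x{end:05x}")
```
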