| |||||||
| Data Security Viruses, Firewalls and Safe computing |
 |
| | LinkBack | Thread Tools | Rate Thread |
16th April, 2009, 04:38 AM
| ||||
| ||||
| I stumbled on this, Bios attacks http://threatpost.com/blogs/research...attack-methods March 19, 2009, 11:41 AM Researchers unveil persistent BIOS attack methods Apply all of the browser, application and OS patches you want, your machine still can be completely and silently compromised at the lowest level--without the use of any vulnerability.
__________________  1ST Thermaltake V9 Case * Windows 7 x64 * Gigibyte GM-MA74GM-S2 * Phenom X4 9650 2.3Ghz @ 2.76GHz * G Skill 4 GB DDR2 * EVGA Geforce 9800GT 512GB * Antec 650w 2nd PetCarrier II * XP PRO SP3 * EVGA 780i SLi * Core 2 Duo E8400 3.0GHz @ 3.48GHz * ATI All in Wonder 128 * Corsair 2GB DDR2-6400C4 * Antec 650w Last edited by PorPorMe; 16th April, 2009 at 05:00 AM. Reason: Messed up!      |
|
16th April, 2009, 11:45 AM
| ||||
| ||||
| Note the requirements: "in order to execute the attacks, you need either root privileges or physical access to the machine in question" Unix and Linux, by design, don't have a user running with root or 'admininstrator' privileges under normal conditions, so the attack couldn't work unless someone logged in with root privs and then executed the code. Windows users, on the other hand, are typically set up with 'Administrator' privileges, meaning that applicatons they are running typically have complete access to the system. While Microsoft have largely addressed this with Vista's 'User Access Control', many complain that the solution is little better than the problem. However, UAC DOES mean that this attack should be pretty difficult to pull off against a Vista or Windows 7 machine as well, at least remotely. If the attacker has local access to the machine, then all bets are off. As I see it, the real worry here is going to be trusting that machine you just bought. What happens if some disgruntled employee tampers with the BIOS image at Dell?
__________________ Avatar and sig graphic by Pitch. Subscribers! Ask about a custom graphic or avatar today! Gizmo Thermal Diode Mod and Direct-Die Water Block 8-Cheetah 18GiB U-2 SCSI MegaRAID Enterprise 1500/128MiB Samsung SyncMaster 955DF TTGI/Superflower TTS-520 PSU     |
|
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Rate This Thread | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| AMD attacks Intel over benchmarks | danrok | Benchmarking | 2 | 1st March, 2007 02:29 PM |
| Stumbled onto this | Seperah | Graphics and Sound cards; Speakers and other Peripherals | 3 | 18th November, 2006 11:15 AM |
| Mumbai Terrorist Attacks | aghastpumpkin | Random Nonsense! | 20 | 15th July, 2006 10:23 AM |
| Something i stumbled accrosed | BMan | Random Nonsense! | 4 | 1st February, 2003 07:43 PM |
| Intel attacks AMD over 32/64 bit plans | Winkie | Random Nonsense! | 10 | 13th September, 2002 08:07 PM |
