Once this Rogue is on your system...put it in the garbage.


    It inhabits the motherboard chip


    Rakshasa

    #2
    Wow, that's a baddy. I can see it being used by governments or espionage. I doubt I have any worries for myself.


      #3
      It's embedded in the firmware of the BIOS chip on a board.

      Easy enough to re-flash your firmware and remove it via that method. Or, buy another BIOS chip for your PC if the flash method is either inconvenient or failing for whatever reason.

      I'm thinking the malware needs local access to your PC to run this anyhow, unless they advanced further from where they were with this 2 years ago. Back then, with the Bitcoin craze going strong, it was a very scary thought that a GPU or NIC could be attacked in such a way, but again, you have to have local access to the PC to install this .. it won't run from a downloadable drive-by installer.

      Found the same question here at the bottom of the article:

      Brossard's paper was "largely theoretical," since it did not specify how an attacker would insert Rakshasa onto a system, and did not take into account that many new BIOS chips have cryptographically verified code that would prevent it from working.

      However, Brossard notes that this added layer of protection is available only on a minority of PCs so far, and that an organization with access to PC manufacturing or distribution would have many opportunities to install Rakshasa-style software.


        #4
        So all those parts coming out of China.....


          #5
          The only way this would work is if it was preinstalled in the BIOS. Also, I'm not sure how the code would be able to "jump" to the BIOS chip. It would have to be able to somehow update the BIOS firmware with a corrupted version.


            #6
            When IBM laptop got bought by Chinese Lenovo a few years ago LM banned their purchase. I believe it was due to a finding


              #7
              Yes, I'm sure all the people testing the systems before they ship and all those eggheads that love reviewing new hardware will never notice this running.....

              Anything is possible. But not everything is feasible.



                #8
                Originally posted by Trooper110:
                So all those parts coming out of China.....
                Can open, worms everywhere.



                  #9
                  I got one word for you, "Furbies". Made in China.