ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Living Room

Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps

(1/5) > >>

Be afraid. Be very afraid. This is seriously scary stuff.

Three years ago, security consultant Dragos Ruiu was in his lab when he noticed something highly unusual: his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused. He also found that the machine could delete data and undo configuration changes with no prompting. He didn't know it then, but that odd firmware update would become a high-stakes malware mystery that would consume most of his waking hours.

In the following months, Ruiu observed more odd phenomena that seemed straight out of a science-fiction thriller. A computer running the Open BSD operating system also began to modify its settings and delete its data without explanation or prompting. His network transmitted data specific to the Internet's next-generation IPv6 networking protocol, even from computers that were supposed to have IPv6 completely disabled. Strangest of all was the ability of infected machines to transmit small amounts of network data with other infected machines even when their power cords and Ethernet cables were unplugged and their Wi-Fi and Bluetooth cards were removed. Further investigation soon showed that the list of affected operating systems also included multiple variants of Windows and Linux.

"We were like, 'Okay, we're totally owned,'" Ruiu told Ars. "'We have to erase all our systems and start from scratch,' which we did. It was a very painful exercise. I've been suspicious of stuff around here ever since."
--- End quote ---

More at the link.

Holy "three rings for the Elven Kings..." Mr. Frodo!

Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps

Right now I'm decidedly skeptical (but still keeping an open mind) over roughly 50-70% of what is being claimed in that article.

However, if true (insofar as the other 30-50% goes) it makes for a very strong argument for Coreboot or UEFI - although Microsoft's gamesmanship with UEFI also makes me wonder if this story might be just a little too conveniently timed. Especially since desktop system/OS sales are down now that most companies are keeping their non-UEFI/SecureBoot legacy PCs for as long as possible rather than replacing them.

Time will tell... :(

I'm not sure why you're so skeptical, especially in light of things like we've already seen released at Black Hat (RFID hacking up to 250 m). Much less the Black Hat presentation where the speaker was assassinated the day before...

And then there's the entire car hacking thing. Famous journalist anyone?

It's not that far fetched. There are plenty of examples of similar technologies out there.

However, I've not looked into it deeply. It's just something to keep in the back of your mind at the moment unless you've got the time to look into it further, which I don't have.

I would have thought:
1) a simple sound meter capable of measuring up to 25kHz, (or 40kHz if you really want to check normal ultra-sound transducer frequencies), would have settled the matter, and
2) the microphones in a laptop would be so frequency limited that they wouldn't respond to much above 20kHz, (if that), since their primary purpose is to pick up the human voice, (~400Hz-4kHz was standard for phones when I was with Telstra).

So I'm going along with 40 on this ... call me skeptical too  :)

Just for something to do, grab one of the many dog whistle apps for your smartphone and then point it at your laptop while it's running something like audioTester, Soundcard Oscilloscope, etc.

@4wd - You're missing a lot there. Audio frequencies have nothing to do with it.


[0] Message Index

[#] Next page

Go to full version