Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps


4wd:
Sorry, I was referring to the 'theory' about the high frequency networking side of it.

5 minutes should have been all that was required to prove it, (assuming the machine cooperated in those 5 minutes), one way or the other.

EDIT: Maybe it's the way in which the story's told but it seems strange to me that they've had the problem for 3 years but it's only recently that they've suspected a USB drive?

I would have thought that one of the first things after seeing the symptoms on varying hardware would be to isolate what's common to all.

And I'm probably being a bit thick here but:

However, if true (insofar as the other 30-50% goes) it makes for a very strong argument for Coreboot or UEFI - although Microsoft's gamesmanship with UEFI also makes me wonder if this story might be just a little too conveniently timed. Especially since desktop system/OS sales are down now that most companies are keeping their non-UEFI/SecureBoot legacy PCs for as long as possible rather than replacing them.
-40hz (November 01, 2013, 06:26 AM)
--- End quote ---

Doesn't the MacBook, (and possibly all recent Macs), use EFI?

Yet, here's a piece of software that has infected it and, presumably, other UEFI based computers - I would have thought that it made a case against Coreboot/UEFI.

ie. You'd be safer with the old Award/AMI BIOSes.

NVM: I missed the reference distinguishing the two.

ewemoa:
Was reminded of the concern I felt when I encountered Intel vPro.

Renegade:
Sorry, I was referring to the 'theory' about the high frequency networking side of it.
-4wd (November 01, 2013, 05:57 PM)
--- End quote ---

Ah. Got it.

Some news asking if it's a hoax or not:

http://news.softpedia.com/news/BadBIOS-Malware-Reality-or-Hoax-396177.shtml

On Thursday, Ars Technica ran a story about badBIOS, a nasty piece of malware allegedly discovered three years ago by security consultant Dragos Ruiu on an Apple laptop. The malware is so sophisticated that some wonder if the story is real or just a hoax.
--- End quote ---

If it's not a hoax, it's darn scary. If it is a hoax, then GOOD! :D

I'm not sure though. There's enough really sophisticated stuff out there that makes something like this plausible.

Stoic Joker:
IIRC f0dder posted something a few (3?) years back regarding a low-level hardware based virus that could potentially be cross platform. It was in the theoretical/experimental phase at that point, but it does allow for this - to the best of my recollection - to be at least partially based in fact. Even if parts of the story were created with a bit of Hollywood's lights and magic.

40hz:
at least partially based in fact. Even if parts of the story were created with a bit of Hollywood's lights and magic.
-Stoic Joker (November 02, 2013, 08:13 AM)
--- End quote ---

This.

I don't rule out the possibility. (Anything is possible, either with software, or in a cartoon.) But I'm a little skeptical of the imminent threat aspect portrayed so far. BIOS infectors are nothing new. They were being proposed back in the days of DOS. So were GPU based infections later on. But there's a big difference between developing a virus as a "proof of concept in the lab" exercise and having one that can successfully propagate in the wild.

If this puppy were half as virulent and stealthy as claimed, it would be all over the place by now. But so far, it's apparently confined to a single location. Which makes no sense since it can supposedly jump the air gap - which would mean virtually any laptop that was ever booted in this environment should have been infected and gone on to spread this virus fairly quickly out in the wild.

Dunno. There's something that seems either misreported, missing, or exaggerated in this story. And the details seem very sparse and slow in coming - which is also weird since real malware fighters share info and go public fairly quickly once a threat is strongly suspected or identified. This seems more like the guy is trying to keep a large part of whatever he supposedly found to himself.

Nope. I don't rule it out. But I think I'm still going to reserve any judgment for the time being.
 8)
