Monday, September 28, 2015

Hacking the BIOS chip is no longer the exclusive domain of the NSA

Hacking the BIOS (basic input/output system) chip is no longer a unique ability of the NSA or the other three-letter agencies. According to the researchers, anyone with moderate hacking skills can use BIOS vulnerabilities to break into and take control of computer systems.

BIOS malware

As far back as two years ago, a German website published a report on NSA spy tools; according to the report, the NSA has been infecting computers with BIOS malware to collect data. Because the malware sits at the core of the computer system, security software does not normally scan it, so the espionage stays hidden. Reinstalling or removing the computer's operating system has no effect on it. Because of these advantages, intrusion through the BIOS is a technique favored and widely used by the most advanced hackers, NSA hackers in particular.

Recently, at the CanSecWest Security Conference, researchers Xeno Kovah and Corey Kallenberg showed how a series of vulnerabilities allows multiple systems to be remotely infected with BIOS malware. They also found a new way to gain elevated privileges on a system through BIOS malware and undermine dedicated secure operating systems such as Tails, the open source operating system focused on privacy protection. Although most BIOSes have security features to prevent unauthorized modification, the two researchers were able to circumvent them and plant malicious code.

BIOS patches

The two researchers were formerly with the government technology contractor MITRE and have since left to set up the firmware security consulting company LegbaCore. They said the recent firmware intrusion tool was inspired by a Kaspersky Lab finding, and that firmware intrusions such as BIOS attacks are an area the security community needs to pay attention to.

Because many BIOSes share the same code, the two researchers were able to uncover security vulnerabilities in 80% of computers, including machines from Dell, Lenovo and Hewlett-Packard. In fact, they wrote a script that finds the security holes automatically; it kept finding vulns, and they finally stopped running it.

Kovah said that although there is only one type of vulnerability, there are literally tens of thousands of instances of it. The researchers reported the security holes they found to vendors, and patches are still in development. Even when vendors have released BIOS patches in the past, few people have applied them. Almost no one has tried to patch their BIOS, even though all of these vulnerabilities have been disclosed and made public in recent years. Kovah says:

"At MITRE, we spent a couple of years getting them (MITRE) to patch, but they feel that BIOS vulnerabilities are out of sight, out of mind, because they are not aware that in the outside world there are many BIOS intrusion cases."

Malware LightEater

Intruders can exploit the vulnerabilities in two ways: first, by delivering attack code remotely through phishing or some other means; second, through physical access. The two researchers said that in the latter case it takes only two minutes to carry out a BIOS attack. This means a government agency or a law enforcement officer could easily compromise a system.

Their malware, called LightEater, uses the vulnerabilities to break into and hijack System Management Mode (SMM) in order to escalate privileges on the system. SMM is an operating mode of Intel processors; through it the malware runs with privileges that exceed even administrator and root permissions. Through SMM, attackers can rewrite the contents of the BIOS chip and then covertly install rootkits and steal passwords and other data.

Most importantly, SMM malware can read all of the data and code in memory. This means the malware can "play" any computer that relies on the Tails operating system to protect privacy. It is worth mentioning that Tails is the operating system Edward Snowden and Guardian reporter Glenn Greenwald used to handle the leaked NSA documents. Because LightEater reads memory through SMM, it can capture data in memory before Tails wipes it or stores it in a safe place, and it can do so stealthily. Kovah says:

https://www.youtube.com/watch?v=k3H9HWhs1r8

"When we use the SMM attack, no one can detect whether the attacker is there. SMM is able to read anyone's RAM, but no one is able to read SMM's RAM."

via:wired
