On Tuesday, September 27, 2016 at 2:56:27 PM UTC-4, johny...@sigaint.org wrote: > > I forget which blackhat event, they showed how you can think you are > > flashing a bios. But the malware will remain. > > That's creepy. Don't most BIOS flashing utilities do a verification? Or > perhaps the flashing utility itself is what was compromised in the > blackhat demo. > > Another reason why doing a flashrom under Tails, and then reading it back, > is a good idea of your motherboard supports it. Pretty hard for malware > to fake that (at least without some additional flash storage to do its > tricks). > > At the very least, using a slightly "unexpected" utility like flashrom > helps dodge the obvious hacks. > > (Similar to someone's post in reply to the Laptop internet sharing thread, > that using a *different* VM isolation on the laptop, KVM/Qemu or whatever, > might be a good idea. For an attacker to have to compromise Xen *and* > Qemu, makes for a busy project to say the least. It'd very likely stop > any automated virus in its tracks.) > > JJ
Here is interesting thread on reddit i Just found. https://www.reddit.com/r/badBIOS/comments/319qlf/spi_programmers_to_flash_bios_rootkits_bios/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/453b8817-8e0d-4f1c-9add-9271444eeaf7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.