BIOS Hacking

We've learned a lot about the NSA's abilities to hack a computer's BIOS so that the hack survives reinstalling the OS. Now we have a research presentation about it.

From Wired:

The BIOS boots a computer and helps load the operating system. By infecting this core software, which operates below antivirus and other security products and therefore is not usually scanned by them, spies can plant malware that remains live and undetected even if the computer's operating system were wiped and re-installed.

[...]

Although most BIOS have protections to prevent unauthorized modifications, the researchers were able to bypass these to reflash the BIOS and implant their malicious code.

[...]

Because many BIOS share some of the same code, they were able to uncover vulnerabilities in 80 percent of the PCs they examined, including ones from Dell, Lenovo and HP. The vulnerabilities, which they're calling incursion vulnerabilities, were so easy to find that they wrote a script to automate the process and eventually stopped counting the vulns it uncovered because there were too many.

From ThreatPost:

Kallenberg said an attacker would need to already have remote access to a compromised computer in order to execute the implant and elevate privileges on the machine through the hardware. Their exploit turns down existing protections in place to prevent re-flashing of the firmware, enabling the implant to be inserted and executed.

The devious part of their exploit is that they've found a way to insert their agent into System Management Mode, which is used by firmware and runs separately from the operating system, managing various hardware controls. System Management Mode also has access to memory, which puts supposedly secure operating systems such as Tails in the line of fire of the implant.

From the Register:

"Because almost no one patches their BIOSes, almost every BIOS in the wild is affected by at least one vulnerability, and can be infected," Kopvah says.

"The high amount of code reuse across UEFI BIOSes means that BIOS infection can be automatic and reliable.

"The point is less about how vendors don't fix the problems, and more how the vendors' fixes are going un-applied by users, corporations, and governments."

From Forbes:

Though such "voodoo" hacking will likely remain a tool in the arsenal of intelligence and military agencies, it's getting easier, Kallenberg and Kovah believe. This is in part due to the widespread adoption of UEFI, a framework that makes it easier for the vendors along the manufacturing chain to add modules and tinker with the code. That's proven useful for the good guys, but also made it simpler for researchers to inspect the BIOS, find holes and create tools that find problems, allowing Kallenberg and Kovah to show off exploits across different PCs. In the demo to FORBES, an HP PC was used to carry out an attack on an ASUS machine. Kovah claimed that in tests across different PCs, he was able to find and exploit BIOS vulnerabilities across 80 per cent of machines he had access to and he could find flaws in the remaining 10 per cent.

"There are protections in place that are supposed to prevent you from flashing the BIOS and we've essentially automated a way to find vulnerabilities in this process to allow us to bypass them. It turns out bypassing the protections is pretty easy as well," added Kallenberg.

The NSA has a term for vulnerabilities it think are exclusive to it: NOBUS, for "nobody but us." Turns out that NOBUS is a flawed concept. As I keep saying: "Today's top-secret programs become tomorrow's PhD theses and the next day's hacker tools." By continuing to exploit these vulnerabilities rather than fixing them, the NSA is keeping us all vulnerable.

Two Slashdot threads. Hacker News thread. Reddit thread.

EDITED TO ADD (3/31): Slides from the CanSecWest presentation. The bottom line is that there are some pretty huge BIOS insecurities out there. We as a community and industry need to figure out how to regularly patch our BIOSes.

Posted on March 23, 2015 at 7:07 AM • 108 Comments

Comments

LisaMarch 23, 2015 8:01 AM

Of course hacking BIOS can now be considered so outdated now that Intel has a new generation of processors with vPro and AMT (Active Management Technology) with a separate hidden instruction set for PC management and remote 3G radio support which works independent of any OS that is suspected to can backdoors capable of hijacking any PC. (It even works when no OS is even installed or running.)

The FSF (Free Software Foundation) has expressed serious concerns:

https://fsf.org/blogs/community/active-management-technology

Who is to say that Intel has not received its share of NSL's, during the design of these chips?

Minimialism is the best approach to security, since the most complex or feature rich something is, the more possible attack surfaces it has. Having vPro and AMT might have some legitimate corporate IT benefit to help remotely manage corporate "enterprise-grade" computers, but is risky and potential quite harmful for individual consumers, even though it is included in many new "consumer-grade" computers.

Clive RobinsonMarch 23, 2015 8:14 AM

And it's not just what many would consider the BIOS...

The method used to get at the BIOS then alows the likes of GCHQ et al to get at other modifiable ROM in the likes of HDs, Sound Chips, Network cards and other "below the OS" areas.

Having done this they can then put the main BIOS back the way it was, so that it's harder to find what they have been uo to.

In times past this sort of attack was not possible due to the fact the ROMs needed to be programed externaly before being put onto the motherboard. However this had cost implications via returns etc, so the hardware designers joined the "Patch Tuesday" mentality... The result is very slightly cheaper hardware with remote exploitation almost trivial thus for a few cents security was lost... anyone else remember the old saw about "for a halfpence of tar, the ship was lost"... I guess the Freemarket never learns from it's mistakes, even though lemon laws have been shown to not just work but stop the stupid race for the bottom and in the process also make markets better for all...

AlexMarch 23, 2015 8:15 AM

We need some form of physical protection against flashing BIOS (jumper or switch).

SoWhatDidYouExpectMarch 23, 2015 8:38 AM

As noted elsewhere, lockdown of UEFI essentially marks the end of the world of PCs. The 1% has won. It is they who should pay rather than the unfortunate of mandkind. In a way, I suppose we deserve what we have allowed to happen.

Unknown Subject #1March 23, 2015 9:21 AM

@Alex

"We need some form of physical protection against flashing BIOS (jumper or switch)."

I've been looking for this for quite some time. There was a time when the feature was available on some motherboards. It seems that it has since disappeared. I'm all for bringing it back.

Nick PMarch 23, 2015 9:27 AM

The presentation was interesting as far as the reverse engineering and attack details. Yet, it has entirely the wrong ending: adding an extra isolation mechanism in SMM. Like MMU's and MAC, this has never stopped sophisticated attackers. Google's Chrome bounty program shows that even clever schemes like Native Client can be hit by devoted amateurs. There's plenty of vulnerabilities to grab if there's any interface between trusted and untrusted code with the former being poorly written.

The real solution, as always, is to modify the architecture to enforce code vs data separation even if only selectively. That or even control-pointer guards supported by hardware for speed. We see examples in INFOSEC literature of both with single-digit, performance hits. Once this mechanism exists, developers from firmware up can start making use of it in their code. The amount of legacy, proprietary code not taking advantage of it will make those systems get hit the most. Yet, that only creates opportunities for FOSS or new commercial offerings to differentiate themselves by using the protections pervasively. We already saw this with Secure64's SourceT OS leveraging Itanium's security features, LynxSecure leveraging Intel's, and GenodeOS using minimal TCB + better architecture.

@ Clive

As you know, I have serious memory issues these days. I haven't messed with BIOS's in a while. Quick question: can BIOS or UEFI functions be used by user-mode code that's deprivileged? If not, then microkernel architectures such as GenodeOS or seL4 should be able to prevent such entry-points by design. At least for those, the proper OS design would be a countermeasure against BIOS attacks.

Regardless, I think all these issues argue in favor of my old idea to put management functions in a dedicated, secure, cheap chip. I used embedded boards with non-DMA in the past. Today, I'd probably use a microcontroller with I/O MMU and a capability/tagged model. This lets us have the enterprise-grade functionality, clean-slate secure design, and the ability for some customers to disable it with eg a jumper.

Unknown Subject #1March 23, 2015 9:28 AM

Does anyone know if motherboards these days still have BIOS (or whatever hardware bootloaders) on a separate, replaceable chip?

SasparillaMarch 23, 2015 9:44 AM

@Alex

Great point. We absolutely need this brought back. As @Uknown Subject #1 said this was something that was on some motherboards years ago. Before that, if memory serves, we had ROM's which could not be re-imaged, you just had to swap in a new chip if you wanted an updated BIOS.

Of course, once we move to either the physical switch or ROM's the NSA will work on compromising the BIOS images at the U.S. companies that hold them (either as a partnership or on the sly like the CIA at Apple). But that will be the next hill to climb (we'll need a way of verifying the BIOS images) - first we need to lockdown flashing of a system's BIOS.

Its a nightmare when your own "free" government is at war (don't think that's overreaching at this point based on what we know) with the security of the electronic infrastructure of its own country and citizens.

RonKMarch 23, 2015 10:03 AM

As long as one is willing to buy a special computer for off-line, air-gapped use the significance of this becomes limited to "how good is your air gap".

We haven't yet reached the point where the wireless communications is automatically built-in and impossible to disable.

Michael And Ingrid HerouxMarch 23, 2015 10:26 AM

I was just listening to Steve Gibson and Leo Leport and they were talking about the hard drive firmware corruption from the NSA and steve said it effects fat16, fat32, ntfs and ext3 filesystems so if you used ext4 or a reiser filesytem then it shouldn't be able to effect you. That wouldn't help you on Windows but that's another reason to switch. Also they were talking about the malware creating partition space on the harddrive for it's own use that with infected fireware you can't zero it out. If you had an infected harddrive you could still use that hard drive in an array or as extra storage as long as the boot drive is not infected. If you had a non infected 500 GB hard drive formated with a reiser file system and an infected 500 GB one you could DD the non infected one onto the infected one and get rid of the hidden infected partition and continue using the infected one without any problem as long as the MBR is on the good one. Also if you DD a good one onto an infected one wouldn't DD tell you if the good one didn't copy over to the infected one bit for bit? Could DD be a way to tell if you have a bad one? I guess with infected mother board bios that wouldn't matter much, you would still be screwed. Thanks

Clive RobinsonMarch 23, 2015 10:33 AM

@ ZenZero,

Using the thermal issues of computers under load is not new by any means...

As the motherboard area around the CPU heats up it effects other devices around it. One of which is the system XTAL which controls the speed at which everything happens.

If for instance you have virtual machines on the CPU an attacker can effect the other virtual machines. This has been used to detect honeynet machi es, thus avoiding puting valuable zero days etc on them, where researchers will pick them up rapidly.

If you look far enough back on this blog you will find a couple of pages about using the change in XTAL frequency to track machines across the Internet.

ZenzeroMarch 23, 2015 10:45 AM

@Clive

Indeed so.

It was the sending of control messages between air gapped machines using thermal properties by malware that I found interesting. I havent seen or heard of that been done specifically before. For some odd reason it brought the great Seal bug to mind (even though they are quite different).


MartinMarch 23, 2015 11:37 AM

Yeah right, the answer to everything is open-source collaborative design, command line and vacuum tubes.

"We didn't have these problems fifty years ago, so let's just go backwards fifty years and then our problems will go away."

LeonMMarch 23, 2015 11:45 AM

So what exactly is the difference between the US government and cyberterrorists? Is it simply that the former operates under the color of law?

I really like this blog, but reading it often leaves me depressed.

Bob StaudenmaierMarch 23, 2015 11:51 AM

Good post, Mr. Schneier. As it is now, I am becoming distraught because I have to believe that SOMETHING is still secure.

globMarch 23, 2015 12:58 PM

My 2c worth on possible forms of mitigation (but no silver bullet here):

-epoxy around your BIOS chip on the motherboard to make it harder for an attacker to rapidly flash your BIOS through physical access (e.g. at airport check points)

-Use an OS like Qubes, based on sandboxed, virtual, ephemeral partitions, to make it harder for an attacker to remotely execute the code in the first place

-rotate your motherboard and hard drive every 6 months or so and install a new version of the OS after confirming the checksum. (This is not as expensive as it sounds -- 2nd hard board and hard drives are cheap on ebay or craigslist, and you can resell your old kit, recovering some of the money). If you are particularly paranoid, collect the item in person to avoid interdiction.

moxyMarch 23, 2015 1:50 PM

@glob, another obvious one to add to that list is: if a vendor has released a patch for your BIOS, use it!

HJohnMarch 23, 2015 1:51 PM

@As I keep saying: "Today's top-secret programs become tomorrow's PhD theses and the next day's hacker tools."
______________

I'd reorder. I think they'll be hacker tools before they are theses. I wouldn't be surprised to find out the hackers already beat the "top secret prgrams" to the punch.

SasparillaMarch 23, 2015 1:53 PM

@Lisa

"Who is to say that Intel has not received its share of NSL's, during the design of these chips?"

At least so far, it doesn't appear NSL's have required designed in back doors etc. (I believe they've been for accessing specific data), however one of the dangers of having the design and control of our computing infrastructure in the hands of these massive companies is that the companies leadership decides their business interests align with those of the surveillance state (i.e. government intelligence apparatus) and willingly partner with them.

This has apparently occurred including evidence pointing at Intel (have to throw Microsoft in there too, as they appear the most egregious in this manner, that we know of so far..):

https://plus.google.com/+TheodoreTso/posts/SDcoemc9V3J

http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data

bp4ecp&fwMarch 23, 2015 3:10 PM

"Because almost no one patches their BIOSes, almost every BIOS in the wild is affected by at least one vulnerability, and can be infected," Kopvah says.

Not exactly true... a lot of times manufacturers help not releasing patched BIOSes. It is not just a matter of patching buggy firmware, sometimes there is no choice as no updates are available.

sena kavoteMarch 23, 2015 3:31 PM

Is it possible to harden OS for a computer that has infected BIOS? Install the OS in other computer, then move the USB stick / hard disk with that installation to the infected computer. What does the BIOS malware then do at first boot?

If the OS installation is randomized enough, BIOS malware has difficulty doing anything. Make network go through a firewall device with randomized obfuscated protocol that the firewall converts to normal. Plug mouse and keyboard to raspberry pi that then sends that data in obfuscated form to the bigger computer via ethernet-to-USB adapter.

All that randomizing and obfuscation can be done automatically by installers.

OS has huge resource advantage to BIOS malware and also to any malware breaching in by buffer overflow.

Firewire port has direct access to RAM. Use that to verify that RAM contains what it should.

I wish BIOS would be in extra small capacity SD card plugged on a special place in motherboard. Capacity should be so small that they have not been produced in about 10 years or never.

There may be one weird physical trick that just might put any or some BIOS or flash memory to blank slate zeroed state (+increase write count). This idea is pure speculation:

Hold the device one day, week or month in a container filled with hydrogen. (As you may know, hydrogen can't be completely contained by any wall. Hydrogen always leaks slowly between bigger atoms and molecules. It would not be possible to make perfect hydrogen containers from flash semiconductor either.)

When the hydrogen molecules contact the charge forming bit signifying electrons inside flash memory, they may turn to negative hydrogen ions that then drift away.

From a computing point of view, what is the next step if BIOS or SSD flash has been zeroed by bathing it in hydrogen or by some other way? Can it take new content or does it need some program content to take new?

AndrewMarch 23, 2015 5:33 PM

We also need physical switches for cameras, microphones and any form of waves (wifi, bluetooth, nfc etc)
In fact, this is the first thing we need to ask and should become law.

Ezekiel Lovecraft DaedulusMarch 23, 2015 5:44 PM

From one of the links:

Though such “voodoo” hacking will likely remain a tool in the arsenal of intelligence and military agencies, it’s getting easier, Kallenberg and Kovah believe.

and in reference to Bruce's statement

As I keep saying: "Today's top-secret programs become tomorrow's PhD theses and the next day's hacker tools." By continuing to exploit these vulnerabilities rather than fixing them, the NSA is keeping us all vulnerable.


Mmm, I have worked with some pretty hard core vulnerability finders, and I have to say while it is wise to consider maybe their vulnerabilities were found first by some government(s), very often they may not have been. If I recall, as well, there was poc code presented in the mid 2000s for bios hacks. There definitely have been severe hardware hacking performed by 'on the street' sec researchers going back to the least the late 90s. And several governments depend on exactly such people who are not solid enough to get clearance, but good at finding bugs.

While I prefer not to express personal details of any of them, believe me, some are mad, some are drunk, some have very little - if any - moral code whatsoever. I know in at least one place there was suspicion by good friends that another friend was behind a major virus attack. Nice guy, but nobody could put that past him.

Don't socialize much with the new crowds, but I have heard the impression meth addiction is far from unheard of.

Besides my own sanity being in question (and I probably have code running on your system as it is supplied by a very major vendor), one of my friends I rumble with has severe psychotic delusions. I have wondered if he was faking it, but I do not believe so. He remains brilliant, but I have to edge around certain topics or that is all he will talk about.

So, while probably not so apparent to journalists, if I flash back over my own mind of all the researchers I have known, lol: IDK? Addams Family? Maybe throw in some hookers and blow there to complete the picture.

These governments, by not securing these systems and relying on open holes for attacks are trusting your systems to these people. I just shake my head at this nonsense.

Ezekiel Lovecraft DaedulusMarch 23, 2015 6:00 PM

@LeonM

So what exactly is the difference between the US government and cyberterrorists? Is it simply that the former operates under the color of law? I really like this blog, but reading it often leaves me depressed.

I would not go that far.

Hard also to say "what is cyberterrorism". A very bad attack has happened this past week or so, which I think qualifies. Where a hacking group associated with ISIS posted personal details about servicepeople and encouraged ISIS supporters to attack them.

That level of maliciousness, I am not aware of the US doing, nor any country. Some nations make preparations for war scenarios which are that level of malicious and worse, but those things are standard.

To a degree - and it is not just the US doing this - governments are in a tough place. They have to perform intelligence, and this is an option whose recourse is very difficult to come up with.


@Bob Staudenmaier

Good post, Mr. Schneier. As it is now, I am becoming distraught because I have to believe that SOMETHING is still secure.

Nothing is secure to nation states.

Not even much is secure to highly skilled hackers, though they tend to not want to spend the time engaging in risky behavior when there are high paying jobs for them all over the place.

Finding a single critical vulnerability in a major piece of hardware that is widely distributed and not obscure and writing the exploit code for it can take months of very hard work.

(Finding a single critical vulnerability in a more obscure piece of hardware might take one hour, but still creating exploit code can sometimes take longer.)

dbmMarch 23, 2015 6:57 PM

It is amazing to witness, amidst all these exceptional minds, the race to protection, as first reaction. As a Lisp person many of these solutions would preclude my basic freedoms.

I am reminded of the reactions, immediately post-9/11, when the scare of anthrax caused a few to wrap their homes with plastic-wrap and duct tape, only to suffocate from their protections.

bp4ecp&fwMarch 23, 2015 7:15 PM

It is obvious to me that we have a worrying lack of knowledge on this new battle domain known as firmware:

1. Can we protect ourselves reflashing the firmware we suspect has been altered?

2. Will BIOS manufacturers understand that standard support windows do not apply to current UEFI firmware? It is not a matter of computers not booting with the wrong PCI card attached, now bugs mean bad things happening to our workstations, laptops and servers.

3. What are the consequences of enabling, we say, AMT? I have not found a serious security guide on this matter.

4. Is there a way to detect an unauthorized firmware modification?

5. What about encrypted HDD/SSD drives? (e.g. OpenBSD + FDE using softraid (AES 256 in XTS mode)) Is it vulnerable to snooping?

Lot of questions, very few answers.

No, Bruce, in my humble opinion we do not have a lot of information right now, only an overload of mostly useless data without many supporting facts.

James DeanMarch 23, 2015 7:57 PM

@Gary: I like when people cite Rakshasa. Because it shows they want to act like they know something, but they truly know nothing. Rakshasa is very literally just installing CoreBoot & SeaBIOS on a system, adding 2 basic attacks, and calling it a day. Everyone here realizes that the main branch CoreBoot won't run on anything modern right? Only google's chromebook branches add support for modern Intel hardware (newer than 6 or so years ago). And do you really think that coreboot is "undetectable" compared to a normal vendor BIOS? It looks nothing like a vendor BIOS, and there are free tools that dump BIOSes! Stop citing Rakshasa! It was complete sh*te!

Nick PMarch 23, 2015 8:06 PM

@ Bob

"As it is now, I am becoming distraught because I have to believe that SOMETHING is still secure."

Voyager's offline data. Oak Island treasure pit. Church of Scientology's full list of doubles in U.S. government. These have been pretty secure by a physical perspective. Might want to copy them. Voyager-based PKI might introduce some delays into the Internet, though.

@ All
re Open Firmware

A lot of that stuff is written in Forth, IIRC. This is not a security-focused language or even one most are capable of reviewing. Further, the firmware logic is quite esoteric with even less review. Regular code that's FOSSed often has obvious security holes for years without any apparent review. Firmware, esp if in Forth, would probably have a worse track record.

So, it has to be open, well-documented, use an understandable language, and be designed for review. Then qualified people must actually review it and post their results. Same rules for software in general. Neither FOSS nor proprietary firmware are satisfying in this regard. The one exception is some firmware in safety-critical fields having quite a bit more rigorous development.

James DeanMarch 23, 2015 8:15 PM

@bp4ecp&fw the answers to all your questions are at the researchers' site (http://legbacore.com/Research.html), people just need to learn to read original material/slides instead of asking to have information spoon fed to them, or instead of listening to game-of-telephone reporters and making conclusions based on that...but here's some spoon feeding...(here comes the airplane!)

1) No: See the "flea" from "BIOS Chronomancy"
2) N/A vendors will support things for however long they feel like, and customers can always pay more money for more support
3) Well, they used AMT in their attack, so unless you have a burning need, probably not a good idea, since it will muddy the network traffic waters with extra AMT background noise to hide in
4) yes: see "Copernicus"
5) obviously someone will do the work at some point, so why not behave like "yes"?

it's amazing what sort of facts you can learn when you actually make the effort to read original research materials (or better yet, RTFM!)


Nick PMarch 23, 2015 8:16 PM

@ dbm

LISP is type-safe, maybe even memory safe, at runtime. Especially on a LISP processor with onboard GC. It's language rules and evaluator make up its [limited] protection. So you get freedom and plenty of protection at the same time. Racket team added features such as types and guards for even more. The LISP community is no exception to the need for protection.

Besides, if someone controls your machine, how much *freedom* do you really have?

Anonymous CowardMarch 23, 2015 10:45 PM

LeonM wrote:

So what exactly is the difference between the US government and cyberterrorists? Is it simply that the former operates under the color of law?

The NSA in particular isn't even operating under colour of law either. Much of what they do is plain illegal, if not outright unconstitutional. They just tell anyone who objects that they have "no standing".

Coyne TibbetsMarch 23, 2015 11:07 PM

@bp4ecp 1: Can we protect ourselves re-flashing the firmware we suspect has been altered?

If the chip can be re-flashed externally to the PC, yes. But re-flash schemes within the PC break down because malware in the BIOS can control progress of the re-flash. This is because re-flashing while the system is running requires the BIOS to be in control; and in-BIOS malware could specifically protect itself from being re-flashed.


@bp4ecp: 2. Will BIOS manufacturers understand that standard support windows do not apply to current UEFI firmware?

There seems to be zero interest in this. Like with the rest of the industry traditionally, manufacturers generally don't worry about security until worries are forced on them. Eventually, maybe, but they'll have to be dragged to it--feet leaving gouges in the marble floor. Just like Microsoft, which initially resisted every attempt to get them to address the list of exploits in Windows and other software.


@bp4ecp: 4. Is there a way to detect an unauthorized firmware modification?

@Clive Robinson: Having done this they can then put the main BIOS back the way it was, so that it's harder to find what they have been up to.

Because the BIOS memory can be shadowed, there is no way to see any code that malware in the BIOS doesn't want seen. This applies to attempts to access the code directly and by hash. It is not necessary for "they" to change the BIOS back, because "they" can make it look like it was never changed at all, making malware immune to any scrutiny.


@sena kavote: Is it possible to harden OS for a computer that has infected BIOS?

Infected, I'm inclined to no, because of the superior authority position of the BIOS. Such an infected BIOS can control everything the main OS sees from disk or device, in theory leading it to do anything desired and subverting any hardening.

It is an interesting question, though: Could we come up with an OS design that detects subversion by a BIOS-based malware? Hmmmm...

MaxMarch 24, 2015 12:04 AM

I doubt that for-profit hackers will bother with firmware attacks. Since you already have complete control of the PC (needed to reflash), why bother? The only reason would be to show off.

jdgaltMarch 24, 2015 12:20 AM

Because many BIOS share some of the same code, they were able to uncover vulnerabilities in 80 percent of the PCs they examined, including ones from Dell, Lenovo and HP. The vulnerabilities, which they're calling incursion vulnerabilities, were so easy to find that they wrote a script to automate the process and eventually stopped counting the vulns it uncovered because there were too many.

In that case, one hopes the researchers would be willing to tell the rest of us some easy way to detect whether this has been done, at least on the 80% of machines that were similar enough for the preceding to work.

Aaron SpinkMarch 24, 2015 12:43 AM

@bp4ecp&fw

1) no, most firmware reflashing relies on FW control! In addition, most hardware's FW reads rely on FW control. That means in general you cannot trust either the writing or reading unless you can trust the FW. Its generally poor design. The only way to correct this is to have at a minimum, a hardware based path that enables FW reads without FW intervention.

2) Unlikely without significant outside pressure. Though there is some upside coming out of the Open Compute Project with Intel looking like they will try to open source at least their UEFI FW. This was mentioned during their sponsored lunchtime keynote along with Rackspace at this months Open Compute Summit. If they do so, and don't restrict it just to their server systems, it presents the possibility of community development. Honestly, I'm sure that the majority of the 3rd party MB manufacturers (ASUS, GIGABYTE, et al) would be for it as the bios isn't a severe point of differentiation.

3) AMT can possibly introduce as many holes as it fixes. AMT is basically SMM++. It should be pointed out that they didn't use AMT any of their actual attacks but did use the Serial Over Lan functionality of AMT as a communications channel post-attack. Since it is used post-attack, you wouldn't have any control over it anyways. It should be noted that a couple of their fixes against attack rely on functionality provided by vPRO/AMT. Ideally, Intel has/will make available the source code infrastructure behind AMT.

4) Depends... It all goes back to 1. Is there a hardware only path to read things. If not, you cannot rely on what you are reading as reality.

5) FDE is only ever useful for at rest, non-powered data protection (and a minimal level even at that). AKA, preventing someone from pulling the drive to get secrets. FDE provides no protection of powered/online data because if they have control of the machine, they have control of the keys. FDE is for laptops and shipping drives to another location. You shouldn't rely on FDE for powered on data security. And if you are decommissioning a drive, you want to wipe it and then physically shred it.

Anyone who has done hardware design or low level software/firmware has plenty of useful data. The reality is that in general the whole of the infrastructure of the firmware landscape is incredibly vulnerable to exploitation atm. It in general hasn't been a major focus of security practice and as such is a shambles for the most part. One of the major issues is that the majority of all firmware is closed source preventing any actual review. That along with relying on the actual firmware to access firmware on many devices makes it a ripe target for black box malware. Even moving from unpublished closed source to published closed source would be a major improvement as far as security goes.

FigMarch 24, 2015 1:12 AM

BIOS/EFI/firmware is the biggest danger these days. Manufacturers keep on trying to lock firmware and EFI so that only MS Windows can run on the hardware and at the same time those locked structures are open for any kind of attack and malware. Manufacturers should be put under pressure to stop this madness.

eldoranMarch 24, 2015 2:28 AM

How does intel "Boot Guard" fit into that picture - would it be prevented or simply brick the device without any way of recovery? Or worse leave the customer without any hope of getting rid of the malware?

I ask because recently that has been revealed to prevent coreboot on several platforms.

DBMarch 24, 2015 4:23 AM

@Gerard van Vooren

Obama specified an exception big enough to fly the whole army through... "unless there is a national security or law enforcement need" which... from his point of view... ALL VULNERABILITIES are national security and law enforcement needs, so therefore, nothing can be disclosed ever. Even though the sentence started out sounding like the opposite, this is the true meaning of that sentence: no disclosures.

You got to learn to read their twisted wording properly man! Always think of it from the perspective of "how can I word this so that people *think* I'm saying one thing, but I'm really meaning the opposite." ALWAYS interpret every politician's words this way. This is an important skill to master if you actually read anything they say.

No Such AgencyMarch 24, 2015 5:30 AM

I guess people forgot the CIH/Chernobyl virus that trashed BIOSes way back in the late 90s. BIOS has been vulnerable ever since. I guess in today's climate however, it takes on a new meaning.

@DB: excellent comment regarding the language of politics. More people need to attend that class.

sena kavoteMarch 24, 2015 7:37 AM

Looks like there is a deep computer science question here. This needs to be formulated as a theoretical computer science / mathematics problem. Two "programs", OS and BIOS, fight in the same computer. Each has it's advantages. BIOS has some control OS does not have. OS has more resources and user on it's side. Which side wins?

Once this battle has rigorously defined rules, lot of things can be tested in userspace programs by computer scientists and programmers who are not hardware hackers. I guess people then find surprising ways how this battle can be understood in terms of some obscure 50 year old theories. Then we may find ways to harden operating systems and clusters of computers against BIOS malware or find mathematical proofs about when hardening is not possible in a theoretical sense.

Clive RobinsonMarch 24, 2015 8:37 AM

@ Coyne,

Because the BIOS memory can be shadowed, there is no way to see any code that malware in the BIOS doesn't want seen.

That is only true for systems where you can not get directly at the ROM memory.

Without going into details, you can put the motherboard CPU chip in "halt mode" from the hardware and then "walk the memory" with another device. It's the way In Circuit Emulators (ICE) and other low level hardware development systems work. Back in the good old days you could do it with a handfull of TTL chips and an AT bus card.

Depending on the circuit design and your skill you have Jtag and Firewire access to do the same thing.

Whilst this is a little esoteric for by far the majority of users for some it's "bread and butter" work. And it's the latter group the likes of GCHQ et al have to watch out for.

@ Nick P,

The reason for using Forth in BIOS and PCI devices is the fact that like P-Code it is interpreted and thus the manufacturer of the PCI cards can write "universal code" that runs on all PCI based systems irrespective of if the CPU is x86, Spark, ARM or MIPS etc. As I've said before when working at such a low level "type safety" and other similar security systems is a mute point...

As for UEFI etc, I've played the "avoidence game" thus I'm not the best person to ask technical questions on it.

@ ALL,

With regards security of general purpose COTS motherboards, "forget it" they are not designed to be secure or even securable. I can think of all sorts of tricks to get around the various protection mechanisms their designers implement. Having done so it's not hard to find jobing coders who can cut the code into existing malware.

The point Bruce makes about IC to PhD to Hackers, is a little off the mark. Many jobing coders can cut the exploit code, that's the boring stuff. It's the "thinking hinky" that is the hard part, slightly less hard is getting the basic info on systems to make the thinking hinky viable to turn into an exploit.

To put it another way the "thinking hinky" finds "new classes of attacks", having the basic info alows you to find a "new instance in a class of attack" and your jobing coder then produces the actuall attack code within another mechanism such as a "plug in" for an existing "exploit platform".

For a practical view the recent Ben Gurion "thermal comms" is a specific instanciation in the more general subset of EmSec side channel attacks that form the class "load generated thermal attacks".

Getting back to "securable hardware" there is an alternative route than COTS motherboards, that whilst it is less powerfull and around three times the price is an alternative way to go.

Have a look at PC-104 industrial control boards, many have the advantage that the BIOS is still on EPROM or similar, and can not be overwritten "in place".

I've used them to make "guards" to put between more powerfull control boards and the likes of hard drives and other IO including networking.

The down side is you have to put some real effort into things. However books like "TCP/IP Lean" and the "uCOS" RTOS and various USB, Memory Cards, I2C, CAN Bus etc data sheets can get you upto speed in a couple of months. There are also the likes of drivers for FAT16/32 in C from various Chip manufactures, or Open source *nixs.

Contrary to what many people think writting your own device drivers is not "there be dragons" territory. Most competent C programers can cut a simple serial driver after a couple of days reading, putting them in loadable modules is only marginally harder. The hard part is making them both "efficient" and "crash proof", the former being harder than the latter. The one thing doing it will teach you is how to write and debug code "old school" without the tools some consider essential, so is worth it as an excercise in self reliance that will make most a lot more confident (it's also a skill you will need to be a malware author as well ;-)

Clive RobinsonMarch 24, 2015 8:57 AM

@ Sena Kavote,

Two "programs", OS and BIOS, fight in the same computer. Each has it's advantages. BIOS has some control OS does not have. OS has more resources and user on t's side. Which side wins?

The simple answer is the one that controls the MMU that provides the environment the second one runs in.

Thus whichever wins the MMU race holds the winners crown. In this game the one that runs first after a reset is most likely going to be the winner.

The only exception is due to the daft way Intel runs some of it's CPUs, where "microcode" has to be loaded into the CPU to get it sufficiently sane and stable that it's usable, to run the rest of the BIOS prior to the OS. If you can change the CPU microcode then you will always be the winner...

However the number of people that can cut RTL/microcode for Intel chips is such a small percentage you'ld be lucky to be able to count it on one finger of a million hands.

Dirk PraetMarch 24, 2015 12:29 PM

"Today's top-secret programs become tomorrow's PhD theses and the next day's hacker tools."

Besides the usual state actor spying and surveillance, the biggest concern for average Joe is probably a total compromise of digital payments and transactions as soon as the folks behind Zeus/Carberp/Citadel/SpyEye learn how to leverage BIOS infections. If that's not enough of a serious business case for manufacturers to redesign the current insecure approach to BIOS/UEFI, then I don't know what is.

DBMarch 24, 2015 12:41 PM

@No Such Agency

Chernobyl/CIH virus destroyed boot sectors, not BIOSes. I know, because I had a computer that was hit with it back in the day. I still have it, the BIOS is fine (as fine as any ordinary BIOS full of vulnerabilities can be anyway).

Dirk PraetMarch 24, 2015 12:44 PM

@ Clive

Contrary to what many people think writting your own device drivers is not "there be dragons" territory.

IIRC, NeXTstep actually came with a sort of device driver-wizard kit enabling even moderately skilled admins to roll their own.

65535March 24, 2015 12:50 PM

Groan…

“…Kovah says, however, that even when vendors have produced BIOS patches in the past, few people have applied them…” – Wired

http://www.wired.com/2015/03/researchers-uncover-way-hack-bios-undermine-secure-operating-systems/

The reason for that is simple. Not all BIOS patches or “up-grades” go well. I have bricked a few boxes in my day. After the second or third bricking of customer’s boxes I hesitate to continue that practice.

I tend to leave the BIOS alone as long as the machine works well. That is one reason the BIOS’s on boxes [or any device with a motherboard boot strap combo – such as iphones and ipads and so on] don’t get patched.

[next]

This nasty nls_933w.dll in the firmware really should be fixed by the maker’s of the firmware… unless they have been NSL’d and cannot legally fix the problem. If that is the case then the NSA disease has caused a plague in the tech industry.

65535March 24, 2015 1:54 PM

@ Clive or Nick P

I have a technical question after reading:

“@ Nick P, The reason for using Forth in BIOS and PCI devices is the fact that like P-Code it is interpreted and thus the manufacturer of the PCI cards can write "universal code" that runs on all PCI based systems irrespective of if the CPU is x86, Spark, ARM or MIPS etc. As I've said before when working at such a low level "type safety" and other similar security systems is a mute point...” -Clive

Could one of those POST/Boot testing PCI “picks” flash a bios with malware - or detect malware in a BIOS?

Here is a picture of what I am talking about.

Link to image

[Moderator if you need to shorten or find a safer link to show an image of a pick, feel free to do so]

Take a look at this complex device in the Forbes article.

http://blogs-images.forbes.com/thomasbrewster/files/2015/03/Screen-Shot-2015-03-18-at-11.43.19.png

[Or second picture down page]

http://www.forbes.com/sites/thomasbrewster/2015/03/18/hacking-tails-with-rootkits/

That looks like an expensive and cumbersome rig. Could it be done on a PCI pick?

If one could develop a PCI pick to detect malware and then provide a remediation technique it would be very helpful!

Any comments Clive or Nick? I know you are busy so answer when you have time.


@ James Dean

Nice link. Your legbacore your site is interesting.

Nick PMarch 24, 2015 3:53 PM

@ 65535

I'm not knowledgeable enough about the subject to answer *that*. My old assumption was that enemies with physical access to the box own it. If I lost possession of a box, I'd wipe it and sell it. Especially at a border crossing. I'm more likely to not even bring equipment with me if it might be grabbed. Expect more devices like this to show up.

If you must take a device, it's better for it to not have easy debug access and use tamper-evident seals. Tamper-evident stuff on the outside does draw attention. One can always put it on the inside to see if the thing was opened and maybe something on the main chip. This could introduce heating or other issues, though, esp on older hardware.

One idea is to have hardware that only boots from a ROM or flash. Then, you keep the chip it boots from hidden. Once at the destination, you retrieve the chip and put it into the hardware. Might do this for the whole CPU. Otherwise, just a memory chip. One of my old designs was a card-sized CPU/memory combo that got plugged into desktop, laptop, or kiosk peripherals. The trusted part stayed with the user. Everything else was untrusted and mediated. Some security tech can do this at the chip level by making everything outside CPU untrusted and fail safe.

Note: those designs apply to firmware and software level threats only. Side channel and emanation attacks might still work.

Nick PMarch 24, 2015 4:32 PM

@ All

This is a nice article on all the hardware hacking involved in developing an embedded device. Lots of good details on the kinds of issues you run into. It links to this course on hardware hacking. Both of the blog's authors have extensive experience in both commercial and defense sector.

re firmware languages
(@ Clive, Wael)

You might find the eLua project interesting. Lua is simple, efficient, easy to port, and popular in mainstream. The eLua project made a version for bare metal execution on microcontrollers without stripping the language down. It's MIT-licensed. Should meet and exceed the reasons for using Forth that Clive outlined. Might be a start at getting Forth out of systems in place of something people might actually read and work on. I haven't read the internals but I'm sure it would be similarly efficient with ahead-of-time compilation.

blaughwMarch 24, 2015 5:55 PM

The biggest problem with patching BIOS/UEFI is sheer scope and restrictions on system state when the operation runs. I treat these updates as something that simply doesn't happen when a machine is in an end user's hands. I cannot trust that a user will choose the proper time to initiate BIOS upgrade, nor that they will see the entire process through, from OS application, to restart, to microcode flash, to OS restart.

Until this delivery mechanism can be hashed out and controlled carefully, BIOS/EFI updates are the realm of only power users and help desk. Even then, help forums are full of threads where people "who know better" have bricked a machine due to botched BIOS update.

On another note, many Enthusiast motherboards (retail type, not typically those found in laptops or servers), have had dual BIOS capability, where one acts as a "fallback" in case the running config goes off-the-rails. This may provide the "known good" BIOS fallback capability, or it might be another vulnerability in itself. (Does one BIOS have access to read/write the other? Is there a standard by which this is implemented?)

In my opinion, it would be valuable to store configuration in a semi-readable state, similar to what you would find in networking gear. This is truly operating system-level stuff though, not firmware/BIOS.

Unfortunately, the main takeaway we are all getting is that we need a lot of work here. It is really a Bad Thing that the PC era has been here for what, 25 years?

Coyne TibbetsMarch 24, 2015 6:54 PM

Waste. Of. Time.

I worked on a proposal for this very problem. I won't waste many words on it: the short-short version is that it was an ombudsman scheme to give opposition representation in FISC cases.

The idea foundered on the same problem with the court itself--capture of the ombudsmen.

The security apparatus will demand to vet anyone before allowing them access. If a way around that is found, then the security apparatus will shut them out of the process. Any attempt that is made to overcome that must fail because there is no way to enforce that which DOJ will not enforce.

The bottom line is that judges--and any imagined ombudsmen--will always be captive to the security apparatus. Given that, "fixing" FISC is an exercise in futility.

65535March 24, 2015 7:00 PM

@ Nick P

“One idea is to have hardware that only boots from a ROM or flash. Then, you keep the chip it boots from hidden. Once at the destination, you retrieve the chip and put it into the hardware. Might do this for the whole CPU. Otherwise, just a memory chip…” –Nick P

Good idea!

Your “removable BIOS chip” could be the answer. It also could solve the problem being asked to reveal your password to Fully Encrypted Hard Drive while crossing the boarder. You simply cannot turn-on the machine. Ha!

But, the bios slot would be open and our “friends” at Fort Meade may just take advantage of the open slot to plant some malware on the HDD board or memory areas. But, that is a remote chance - since the machine doesn't boot.

I think further investigation into a “removable BIOS chip” is in order :)

BuckMarch 24, 2015 9:11 PM

@65535

Your "removable BIOS chip" could be the answer. It also could solve the problem being asked to reveal your password to Fully Encrypted Hard Drive while crossing the boarder. You simply cannot turn-on the machine. Ha!
No need to have signed an NDA/NSL to figure that one out! It's in the public domain... Just make it *look* like your machine can boot without the secret chip. ;-)

Dirk PraetMarch 24, 2015 9:17 PM

@ 65535, @ Nick P

It also could solve the problem being asked to reveal your password to Fully Encrypted Hard Drive while crossing the boarder. You simply cannot turn-on the machine.

No it doesn't. They can still take out your hard drive, clone it and put the copy in another machine. That's common practice in every forensic investigation, and in the UK under RIPA as well as in France under similar newly proposed legislation you'd still have to turn over your password.

I do like the idea of a removable BIOS chip though. Could be a tiny slot in a laptop/notebook that can fit a sort of micro-SD with write-protect notch. Should be easy enough to duplicate as to prevent bricking your device when a flash update goes awry or when you suspect that it has been tampered with. Taking it out would make the device useless when stolen, at which time it can throw a message similar to those given by Intel's Sandy Coast processors when their kill switch has been remotely triggered.

When traveling and under LE scrutiny, you can swallow or break it. You may even carry different chips, like one programmed to do a normal boot and another that will boot into an innocent looking shadow OS or nuke your hard disk DBAN-style while simulating a normal boot.

Throwing in some additional features that the chip's initially generated key/checksum must match one previously stored in the TPM - and different for every machine - could prevent someone from inserting a random chip to get the machine to boot/reset.

WaelMarch 24, 2015 11:07 PM

@Nick P, @Clive Robinson,

You might find the eLua project interesting.

I had some exposure to Lua about six or seven years ago. Was in a mobile environment, and I hadn't spend any significant time on it. The eLua link you sent seems really interesting now that they have development boards and kits supporting it, with eLua running on the hardware directly without the need for an OS. If I get a chance I might play with it a bit. But I already have so many things (and development kits) on my queue! Not sure I have the time or money for all this cool stuff.

FigureitoutMarch 25, 2015 12:08 AM

Nick P
--The stuffbeansupyournose link enunciates pretty well the highs and lows of embedded dev, lots of similarities for me. Guess it depends on the person, some want nothing to do w/ it even though it's there lurking on every computer. I just want to know exactly how a computer worked really bad, still lots of questions. It is really really nice once you got all the tool chain setup, mostly understand the chip, code; but you also realize how fragile it all is.

RE: forth
--Didn't really like it when I looked into it, couldn't get used to it. ASM is more attractive than that to me.

RE: removable chip
--You'll need tamper evident proofing too and checking the chip in hardware if you leave your computer somewhere and physical security is an issue; "swapped infected" chips may be issue. I don't see how a normal chip could be "plugged in" like a smart card, a whole new interface would be needed, it'd get worn down probably. We keep going how we are, it might not matter at all, a BIOS-like functionality could probably be stored somewhere else on the chip; ridiculous to think about, but it's these chips that have every goddamn feature you'd never use, it's in there, can't selectively remove w/o destroying it.

Implementation details are needed for feasibility and safety (how many dumbasses will remove chips w/ power on?--I did that w/ a mini PCI card recently and it destroyed the entire motherboard. If it can wiggle around then shorting is an issue too, not cool when you blow a random SMD transistor or the entire chip.); but regular "dip"-style sockets are probably a good start. Just the pins need to be thicker metal and not bend easy, for instance removing PIC chips on a breadboard bend and it's really cringey when it feels like they're about to lop off.

Clive Robinson
The hard part is making them both "efficient" and "crash proof"
--I think you really understate this, that's one of my biggest concerns if you want to actually use it day-to-day and not take a hammer to it. "crash proof" is another term for "reliability", you won't be sure if the crash is malicious in nature or just your sh*tty driver. If every other "session" or whatever you want to call it, using the driver, crashes your computer in mysterious ways; it sucks and is scary. For modern SoC's, you'd need drivers for comms between parts in the chip itself too, I mean you've seen them, they're non-trivial/intuitive eh? I hope we do that in a class, write a device driver based off say datasheet only, from scratch. I'll cut to the chase, SPI and I2C, pretty much every chip needs one of these.

RE: those PC-104 boards
--Found a perfect board for me lol thanks, I could pretty much flash and make a version of a "guard" much quicker than learning an entire new chip.

Wael
But I already have so many things (and development kits) on my queue!
--Man same! It's a good problem though, eh? Never bored. You just have to cover your eyes sometimes otherwise, b/c the best part is mastering a system and being able to spot problems quickly rather than the sky is falling and not having a damn clue...

WaelMarch 25, 2015 12:26 AM

At the high level, you'll notice that most proposed solutions aim to achieve one thing! That thing is called "total control". If you have no control, you have no security. This subject was covered many times in the 3-year-deep bowls of this blog and was also a significant part of the C-v-P discussions...

From a strategic point of view, a few things need to be noted:

  • Know your assets: The asset that needs protection
  • Know your weaknesses: Awareness
  • Know your adversary: Their capabilities, motivations and goals -- Awareness, also
  • Know your Weapons: The available or needed defense mechanisms
  • Putting a flash protection jumper to prevent flashing the BIOS or tampering with it is a way to regain "control" that was taken away from the owner of the platform. Any solution that achieves "total assured (implies exclusive) control" will probably achieve the desired result. But also awareness needs to be there! What if there are other firmware parts that are vulnerable, as shown on previous discussions?

    Would you fight without knowing the above elements?

    DBMarch 25, 2015 1:10 AM

    @Dirk Praet

    There are already machines with a MicroSD removable "BIOS." Generally they are machines for geeks, not the common man, and Arm based or something, not Intel/AMD. Here's an example of one that's open source hardware even. Geeks and hackers like this kind of thing because it does make it much much harder to truly "brick" a machine, so it's more accessible and easy to experiment with.

    My the way, MicroSD's don't have a write protect switch, only the full sized SD cards do. And the notch doesn't actually prevent any writing, just advises the OS that the user prefers not to write... Designing the standard that way was simply a cost saving decision by people who were not dreaming of any security implications.

    FigureitoutMarch 25, 2015 1:43 AM

    DB
    --Good point, Beaglebone uses eMMC (I'm not super familiar w/ how it works) and you can either flash it from the microSD card or just run from the card. But you usually would rather be able to use the flash card. Oh btw, I messed up the beaglebone too messing w/ the card but finally "reflashed" it.

    As you say though, no simple physical write switch. I got this image in my head the kinds of people that would *want* to remove this feature, it's the kind that take pictures of every meal they eat, "vlog" their existence, and their private parts, and want to run their PC on the internet all the time, plug their phone in every PC they can, and probably support multiple botnets worldwide.

    65535March 25, 2015 2:11 AM

    @DB

    ‘There are already machines with a MicroSD removable "BIOS."’ –DB

    Nice, board. I think I saw a guy named “bunny” using one of those – he is an expert in micro controllers on memory chips.

    I will say I was thinking about a more proprietary socket than an microSD. That will have to be worked out.

    @ Figureitout

    “You'll need tamper evident proofing too and checking the chip in hardware if you leave your computer somewhere and physical security is an issue; "swapped infected" chips may be issue.” –Figureitout

    Yes, Nick talked about that. I think there is a way to do it.

    @ Dirk Praet

    “They can still take out your hard drive, clone it and put the copy in another machine.” – Dirk Praet

    Let them. Any hurtle is better than none. The full disk encryption is a fair sized hurtle . Sure, in the future they will be able to crack it quickly but not at this date.

    “I do like the idea of a removable BIOS chip though. Could be a tiny slot in a laptop/notebook that can fit a sort of micro-SD with write-protect notch.” -Dirk Praet

    The removable socket should be solid and have unique features to ensure it doesn’t get bent - and, should be tamper proof as possible. It could be done.

    @ Buck

    “Sunday, July 6, 2014, Powerless devices will not be permitted onboard the aircraft. The traveler may also undergo additional screening.” –TSA

    Yep, any hard case that could hold plastic explosive will be subject to certain rules.

    The way I read that rule is it is meant for carry items. You could put the laptop in a luggage bag… and possibly have no problems… to some extent.

    The rule is almost a year old so it applies to every electronic device regardless of any privacy precautions taken. Having removable Bios is just a risky as a dead battery on any device... Although, I am not legal expert.

    CuriousMarch 25, 2015 4:35 AM

    Being a simple PC user, I am trying to imagine some things here:

    Compartmentalized code

    How about having the programming (software/firmware) that make up all the functionality of a PC, to work together when mixed up, but ALSO, as standalone.

    Then, having physical switches on the computer could then perhaps route the firmware data inside computer chips (maybe even compartmentalized ram chips), so that a computer user can enable different levels of computer code, so that the computer could be run with minimal code as a basic level, with code that can be more easily reviewed, without having to deal with bazillion lines of confusing code?

    I realize now that I don't have an opinion about how the use of random access memory would fit into this general idea of compartmentalized code, other than the idea of having compartementalized memory chips in addition to compartmentalized firmware chips, because it is very unclear to me just what would be required to make an operating system to work.

    bp4ecp&fwMarch 25, 2015 4:52 AM

    Thanks a lot James, Coyne, Aaron, and so on for the useful comments and replies to my questions.

    Now a question remains (the question "number 1")... as you noted there are methods a firmware implant may use to hide itself and avoid being removed by a firmware reflashing. Ok, even while booting for a BIOS update CD-ROM firmware loads first and the implant has a chance to protect itself. I understand it.

    However, would it be possible removing the firmware implant by reflashing the BIOS from an "emergency recovery mode"? In other words, when a BIOS update goes wrong some manufacturers provide a method to recover the computer. Old computers had a ROM that can be used to boot an ancient firmware release by changing a jumper/switch on the motherboard. Recent computers (sometimes) allow recovering from a bad BIOS flashing by booting an "alternative copy of the BIOS" from a diskette, CD-ROM or USB drive. This is a way to recover minimum functionality that allows the computer to be flashed again.

    Would booting a BIOS from another media (in "emergency recovery mode") help removing the firmware implant from the computer?

    A computer booting from a copy of the BIOS stored on a USB stick or CD-ROM should behave like an external flash programmer. A computer booting from a BIOS stored on a removable device should be "temporary clean" allowing a good flashing. Am I wrong?

    bp4ecp&fwMarch 25, 2015 4:56 AM

    @65535

    Your "removable BIOS chip" could be the answer. It also could solve the problem being asked to reveal your password to Fully Encrypted Hard Drive while crossing the boarder. You simply cannot turn-on the machine. Ha!

    No, it will not work. When an electronic device does not boot custom staff may be permanently seized. Beware if you cross a border with a device that has a discharged battery!

    On the other hand, customs staff may have a collection of "removable BIOS chips" that will allow them boot these BIOS-less computers.

    bp4ecp&fwMarch 25, 2015 5:08 AM

    Obviously in my previous post it would say "when an electronic device does not boot, customs staff may permanently seize it." In other words, if you cannot prove a computer is what it looks like, custom staff may seize it as "there is a risk it hides explosives or other dangerous material inside". You will not be allowed to travel with it.

    So, make sure you have fresh batteries when crossing a border with your music player, computer or tablet.

    CuriousMarch 25, 2015 5:48 AM

    I wonder, is 'micro code' for popular cpu's a possible source for malware? Presumably, there is some kind of re-writable storage space in a cpu for micro code, but I can only guess being a simple PC user.

    Also, I wonder, can a popular cpu chip have secret storage spaces for storing "malware code" as micro code or some other type of data off some re-writable storage space on a cpu?

    I guess it only makes sense to think of a cpu having a tiny chip inside the cpu that acts as a re-writable storage medium (and so I makes sense to people like me, to not think of the entire cpu as being some kind of re-writable storage medium), but I honestly have no clue how a cpu works.

    Nick PMarch 25, 2015 9:37 AM

    @ Dirk Praet

    re hard drive

    That only works if it isn't encrypted. They still have to get the password from you if it is encrypted. Also, a number of modern designs tie the crypto to something protected at SOC-level. So, they'd have to crack the SOC's protection or get the password from you. Those aren't available for consumers yet, though. Well, iPhones have something like that.

    re chips

    Now you're getting the idea. :)

    @ Wael

    The benefit of learning the eLua kit is that you might build tools for internal use on it. That makes the tools easier to maintain. Then, you just port the interpreter or whatever to the new hardware. A mind-numbing job the company can give to a junior guy. ;)

    @ Figureitout

    " It is really really nice once you got all the tool chain setup, mostly understand the chip, code; but you also realize how fragile it all is."

    Good point. Especially the fragile part. You'd think that our boards would be rock-solid by now with good engineering. Yet, people still have to look through datasheets, do reverse engineering, and use lots of testing just to get a baseline working. Lol...

    re removable chip

    I had two ideas in mind. One was a socket such as I used with older CPU's. We literally just popped them into or out of the system. Another is a MicroSD-style setup where you just slide it in with an optional component to hold it in place. Either way, keeping the brains in a component you just plug-in was long proven in quite cheap hardware: Nintendo Entertainment System. :)

    @ DB

    "There are already machines with a MicroSD removable "BIOS." "

    Google gave me nothing using those search terms. You got links to examples?

    Note: Figureitout mentioned Beaglebone using eMMC. So, I'll look into it as a start.

    @ Curious

    Not sure about the random access part of your system. The rest is covered by a number of papers and software products going back decades. For compartmentalized, look up microkernel systems such as EROS, seL4, and GenodeOS. For mixed up, Google for security papers on software diversification or randomized instruction execution. Some schemes, such as Flicker, try to isolate execution of an x86 function on a compromised OS. Lots of work in there already to build on.

    re microcode

    You probably could use it for malware or support of malware. You'd have to know about the internal layout of the processor. Intel and AMD don't share microcode details with third parties IIRC. That subversion happening would take an insider at the companies, a nation state that compelled the information, or an open source processor that uses microcode.

    @ bp4ecp&fw

    Yes, that should be doable. It might be a jumper or even software switch that lets you put the new BIOS in with physical connection to the chip. The BIOS might be on a dedicated chip that you can just replace. The system might have two BIOS's and you switch to the other with a jumper. The system might have one non-writable BIOS that authenticates a writable one. The later should prevent the attack but also lets you do recovery if not.

    CuriousMarch 25, 2015 10:24 AM

    @Nick P

    To iterate a point I sort of made: a notion of mine about popular cpu's which I found intriguing, was not so much about a cpu possibly containing malware by a manufacturer, but the cpu having some kind of storage space, where someone knowledgable could use such a storage space as I imagine for hiding away and later spawning malware code. Whether or not a cpu has re-writable storage space of any kind, I have no idea. I simply imagined that any type of storage space on a cpu could perhaps be abused given that the working of a complex cpu presumably is really obscure stuff.

    sena kavoteMarch 25, 2015 12:02 PM

    If reading infected BIOS from operating system installed in a clean computer, and out comes the real BIOS as data, that means the malware BIOS had a copy of the real BIOS in data form. So to counter that, empty storage space of firmware should be completely filled with something uncompressible, so that malware BIOS would not have space for both itself and real BIOS + filling. Maybe the BIOS makers could put there a .png picture of their offices or something...

    Defender might be able to use some rowhammer level trickery against the BIOS malware. Physical access helps lot. Timing side channels and electric field side channels could be used to reveal something about it. Fault injection could make the malware output random parts of itself or it's memory space so that if done enough times, a complete extraction can be done. Fault injection could just reveal if the resulting malfunctions are consistent with the real BIOS being inside. We can assume that malware BIOS would have different kind of malfunctions.

    Fault injection could be done by doing something electrical with the barely visible wires on a circuit board, by heat or by using one 1800s technology in a very weak form: x-ray generator by Wilhelm Rontgen, but emitting much lower energy radiation with lower intensity. The x-rays need to just pass about 1 millimeter of plastic and silicon to where the BIOS related computation happens.

    (That same x-ray generator could be used to test error correction in hardware and software, or to jailbreaking devices with a weird rowhammer style attack that has been done with heat(someone linked that.)

    Somehow the BIOS was put in the blank chip during manufacturing. Either it was done the normal way by sending electric pulses on wires, or electron beams beamed every bit on place similarly how old tube TVs work. If done by pulses, does something prevent attaching few electrodes on the circuit board and use those to input pulses in the same format as during manufacture? Use raspberry pi or arduino GPIO pins?

    If the BIOS chip were disconnected, could GPIO pins offer the same interface to the rest of the circuit board as the BIOS chip? I mean, use raspberry pi as a BIOS "chip"? Severe underclocking may be needed for the computer.

    FigMarch 25, 2015 6:32 PM

    The first step is to get rid of preexisting vulnerabilities like those having to do with vPro, EFI and various Intel 'features' lurking into firmware. This means finding a way so that the end user can relatively easily change the firmware with another one which doesn't support remote management backdoors.

    We have to raise public awareness on why Coreboot and similar initiatives are extremely important. Also put pressure on retailers and manufacturers to support these initiatives.

    Ones the preexisting backdoors are gone, we can start worrying about how a malware can enter a 'good' firmware. As it is now, with the already offered backdoors malware insertion is already available and it's a matter of time before some underground hacking group discovers how to use the preexisting backdoors for its own profit.

    Dirk PraetMarch 25, 2015 9:17 PM

    @ Nick P, @ 65535

    re hard drive

    That only works if it isn't encrypted. They still have to get the password from you if it is encrypted.

    Of course they do, but that's where the $5 wrench comes in. When you're being held up at an airport by LEO's asking for your password, it's game over anyway unless you're a high-profile person, you have lots of spare time and some legal assistance readily available (and affordable). Average Joe in most cases is kinda screwed, especially in jurisdictions where you can be compelled by law to hand over your password. There's RIPA in the UK and France is working on similar legislation. I guess it's just a matter of time before other countries introduce the same under the almighty "national security" or "terrorism" catch-all.

    @ Fig

    The first step is to get rid of pre-existing vulnerabilities like those having to do with vPro, EFI and various Intel 'features' lurking into firmware.

    You certainly got that right. Several rootkit PoC's against vPro's Q35 chipset have been published. One of them even worked without AMT being present or enabled on the system (AMT can be disabled in BIOS). Same goes for the GM45 chipset implementation that under certain circumstances transmits passwords in the clear and can allow remote "zero touch" provisioning. And since AMT uses TLS, I'm not entirely sure if it's not susceptible to FREAK either.

    FigureitoutMarch 26, 2015 12:54 AM

    65535
    Yes, Nick talked about that. I think there is a way to do it.
    --Talking and doing are 2 separate things. Little details as always will bite you in the ass (and potentially force an insecure implementation due to "making it work"), not considering his work environment may be under surveillance or active attack, makes things really annoying...

    Curious
    I wonder, can a popular cpu chip have secret storage spaces for storing "malware code"
    --Yes, yes absolutely plenty of space in my preliminary investigations...this is the problem we've been talking about for years. Now consider it being inserted and removed remotely, and documentation being "false" by ignorance or intentional maliciousness so even if you do lock down programming pins there's still a little tricky backdoor...

    Nick P
    You'd think that our boards would be rock-solid by now
    --Well, we give up the safety when we want to get to the simple core. Some engineering I wouldn't necessary call "engineering", seems more like hack-n-patch that works until some unknown bug screws you. I don't know, but I imagine working at the big chip manufacturers it's not all "oh take your time, make the most quality, excellent, safe, perfect solution; whatever you need you're covered", more like "hurry the f up you stupid pieces of sh*t if you don't want to be fired, our competitors just released and we need to ship now".

    Yes I'm familiar w/ NES, though I think we'd be seeing a lot of issues w/ people blowing on the sockets (whoops, count me in that category too :p).

    Warning RE: beaglebone
    --It's a work in progress, guaranteed something will upset you w/ it even though it's a powerful board, lots of bugs still. OpenBSD and Minix has been ported to it, but of course you don't get full hardware support, you lose some peripherals (w/ Minix some really important ones...). Some may see that as more an opportunity though to push thru a solution first, I don't know...

    I'm also waiting for Novena price to come down, would suck if it just stopped getting made.

    Fig
    --Agreed, but can't forget, easier said than done, the backdoors don't really go away I think...Just make them obvious to see or hard to actually work.

    More boards need Coreboot support, knowing malware writers will try to get malicious commits in the code base too; hence it's good to keep track of who submits what, maybe giving up some privacy since we need to find these malicious people and keep them away from security projects.

    FigMarch 26, 2015 12:46 PM

    While Coreboot is not a magic pill, it would be a big step forward if more motherboards supported it. Though manufacturers might still try to get smart as in the case of those locked Chromebooks.

    Garak or an impersonatorMarch 26, 2015 10:19 PM

    @Andrew

    Physical switches (or removability(Ara?)) are important, but mandating by law isn't the right answer. I understand the sentiment, as the free market has been completely perverted by NSA mass miseducation. As others have said, BIOS hacking is hardly new. The only thing new is that Snowden shouted to the world that the BIOS emperor was wearing no clothes. Bruce Schneier has been saying it for more than a decade I suspect, but nobody (other than us phreaks) listened to him. The bottom line is- Companies cut corners on closed source software security testing and maintenance. NSA grins and watches. Snowden hits everyone who hadn't figured it out years ago on the head with a cluestick. News at 11, now here's sports and the weather...

    DBMarch 27, 2015 4:09 AM

    @ Nick P

    Sorry, I guess my link wasn't obvious enough, because it was in text. Here it is outside text:

    https://www.crowdsupply.com/kosagi/novena-open-laptop

    and here are more technical details:

    http://www.kosagi.com/w/index.php?title=Novena_Main_Page

    This is the Novena, it's an Arm-based computer that has a "BIOS" (or "firmware") on a MicroSD card, instead of flashed onto a chip. It's the surface mount thing in the middle of the board next to the cpu. There is another MicroSD slot on the bottom, and a SATA port along the edge, if you don't want to cram your whole OS and everything on the tiny "BIOS" MicroSD card too in another partition.

    DBMarch 27, 2015 4:22 AM

    @ Figureitout

    I doubt the Novena price is coming down... It has an FPGA on it for heaven's sake. Price was not the first and last and all the middle considerations when designing this thing.

    ...unless you just want to convert it into a Raspberry Pi, then sure, get one of those instead. The Pi 2 is almost usable even.

    Nick PMarch 27, 2015 10:52 AM

    @ DB

    re BIOS

    I appreciate the link as it partly clarifies it. I think what was confusing me is that I'm thinking of firmware as the first thing that runs. The processor executes something, it performs some steps, and loads what they plug into it (U-boot). So, it got me thinking "what loads U-boot? the hardware itself?" Unlikely.

    A bit of Googling led to this SlideShare about it. This is their boot sequence:

    1. "BL0: runs on iROM (vendor-fused)"
    2. "BL1: runs on iRAM (vendor provided)"
    3. "BL2: runs on memory (u-boot SPL version)"
    4. "U-boot boot loader: runs on high memory (u-boot)"

    So, that's two firmwares that run before U-boot is loaded. They're the kind of firmware I usually think of. The proper firmware of the device is all of it in combination. So, the third stage is open and runs in memory. The last stage is on flash and open. The first two are within the SOC and probably closed. Either of them might have security-critical effects on the board. We can't audit them though.

    re Novena price

    Yeah, it's true that price wasn't the main concern. The focus was on an open, hacker-friendly, FPGA development platform. A desktop, monitor, and Spartan-3E FPGA devkit is usually $300-700. A board with a quad-core ARM and Spartan-6 at $550 is priced well in comparison. Especially if you don't need x86 compatibility or performance. More so if you want open hardware/software.

    GarrettMarch 27, 2015 10:52 AM

    Does anybody know of a way to determine which BIOS versions are vulnerable? I'm tempted to request a refund for my motherboard if the BIOS it comes with isn't upgradeable and is vulnerable. That would be one way to start getting vendors to be cautious about security and design.

    DBMarch 27, 2015 1:18 PM

    @ Nick P:

    Yes, you do need something that tells the chip where to start executing when it's turned on. And in the case of a MicroSD card "BIOS," it needs to know about the MicroSD card and how to read it in order to do that. So in the case of the Novena, obviously that much is still on the chip. However, beyond that, there is TONS of stuff that's typically part of a "PC BIOS"... i.e. ram initialization, u-boot, all the rest of the hardware layout, loading a kernel, etc... and all that is on the MicroSD card.

    See the "Bootloader" section in the second more technical link I provided. According to this, "Secondary Program Loader" (SPL) is the first thing that runs from the SD card, it's about 40k, initializes the RAM and then loads u-boot. According to slides 8 and 9 in your link, that may be BL1 since RAM has not been initialized yet (maybe really a combo of BL1 and BL2). If this is the case, then there isn't any flashable firmware below what gets executed on the SD card. Obviously there's still BL0 fused into the chip...

    DBMarch 27, 2015 1:40 PM

    @ Garrett

    That's the whole stink about this. ALL versions are vulnerable in some way or another. You can refund your board, and simply stop using all computers altogether...

    This kind of problem causes several different responses:

    1) "can't be that bad" (ostrich head in sand)

    2) it's bad, but nothing we can do about it (returns head to sand)

    3) there's so much to do to fix this, I can't handle it all (returns head to sand, or whines about it and gets depressed)

    4) looks for and finds something that can be done, and does that. even if it's just a small thing. suffers with the problem in the mean time. fixing such a big problem with all our hardware being so vulnerable is an iterative process.

    BeanMarch 27, 2015 2:15 PM

    I have noticed that most vulnerabilities (AMT, SC, vPro etc) have to do with Intel. Are AMD offerings safer?

    DouglasMarch 28, 2015 6:37 AM

    This technology is very real and I am a victim of it. It took six months for me to find out about remote access radio technology, but I just found out about it an hour ago. My PC was hacked in September of 2014. I must have reformatted my HD at least 50 times since then trying to harden my system before going online. But every time I would set up FR rules, the hackers were resetting them according to their preference. They were mainly concerned with using the TV software in my PC along w/ anything that had a remote element too it, FM radio, Ham radio, etc.

    At the time, I thought that it was strange why they wanted these programs available to them, but after doing research, I found out that they are using remote access radio technology to hack me.

    They totally shredded Windows to pieces every time I would reinstall it, but I got wise and switched to Linux OS which they can access and set up stuff to run on my PC, but they cannot shred it like Windows.

    I was about to post last night on facebook about the fact that these hackers and along with their boss who is a member of the KKK were headed to Federal Prison. However, as I began typing my message and it became clear too them what I was about to post, my HD started spinning up. They were overclocking my PC to prevent me from posting that content.

    What they were doing and are still doing is using my cell phone to use the radio waves from my cellphone to access my PC.

    I read up on the technology and it states that this type of technology has about an 8 mile radius in which it will work. So I took my cellphone and turned it off and then wrapped it in aluminium foil and placed it in the trunk of my car which is about 50 feet away from my PC.

    I knew for along time that this was a revenge hacker. But actually the hacker was not the person who was seeking revenge. The person who was seeking revenge is my ex father in law who is a member of the KKK.

    I did not know this until after my gf became my wife. She was pissed at me for some unknown reason and she started telling me a story. I guess the story was designed to strike fear in me, but I did not sense it at that time. She said, "My father took me out to my great grandfathers grave and he said, do you know who is buried there? She said that's grandpa. And he went on to say, that's not just your granpa, he was a Grand Imperial Wizard of the KKK!"

    I don't know what I was thinking, but I should have filed for divorce right then and there. But I said to myself, well, that doesn't mean that her family is still doing the KKK thing. That's just something in the past and I let it go at that.

    I owed my ex wife some money and was not able to pay her back as fast as I could and that's when her father started proxy stalking me. He is well connected in east Texas and I was reminded by my ex wife and by her brother that I should never make him mad.

    This guy began using microwave technology on me in 2009. I guess whoever had access to that equipment could only lend it to him for two weeks and that was it. I've told this story to everyone I know and every single person thinks that microwave hearing technology does not exist. Ah, but it does!

    So what is microwave hearing technology? It is a device that uses microwave technology that is aimed at a person and then someone who is operating it, spoofs their voice so you cannot differentiate who is talking to you.

    They were telling me to kill myself, and do all sorts of crazy things. At first I though I was having auditory hallucinations, but the voices were so clear. moreover, there was nothing about Satan nor God so I knew I was not having a hallucination.

    But they or I should say, he used that as a form of psychological harassment to keep me up all night.

    For the past 18 months I thought that he was tired of stalking me and got over whatever it was that was driving him to being nothing but a 57 y/o bully. But he struck back in 09-14 by having pro hackers use remote access radio technology to hack my PC.

    At first, I just thought that it was a regular hacker, but they kept hitting my system over and over again. I thought, well, I'll just wait til 4AM and get on my PC and see if I can sneek past this guy, but nope! He was on my system in less than two minutes. And then I found out that it was more than one guy.

    I found a bogus windows file extension in SYS32 folder and it had communication between the hackers. They talked about every time the client logs on which is me, that they need to set the timer on their system to reflect how much time they would spend harassing me. They obviously were getting paid by the hour.

    There was another time that I was setting up Zorin which is a neat Linux distro, but they shredded it and made the screen go blank. After the screen returned to normal, the wallpaper was changed from a solid color of black to a busted up outdated typewriter.

    About 6 weeks ago, I gave my ex father in law a call and he pretended not to know who I was. I remember specifically that I used "Spokeo" to get his name and address and phone number. At first, I was going to write him a letter, but decided to give him a call. I made sure that I waited until my roommate got home so he could hear our conversation.

    About a week or so past by and then I noticed there was a new app on my galaxy 5. It had a website called mantra or something like that. I took a good look at it and it had my ex father in laws name on it, along with his address and the type of work he does.

    He has the balls to place such damning evidence like that on my cellphone. But what he does not know is that the FBI can have a forensic expert find out how that app was placed on my phone. Moreover, the FBI will be examining this PC and the two others which were destroyed by the hackers.

    Six long months have passed without the slightest idea of how someone could access my PC while it was unplugged from the Net and the WIFI switch was turned off. This was blowing my mind.

    But I knew or assumed that they were probably using radio waves to somehow access my PC, and I was right.

    This has been a nightmare. For six months, I was only able to get online about 30 minutes at a time before they would crash my PC. That meant that I could not read email, I could not access my online banking so I could balance my check book. I could not do anything! On top of that, I'm on Social Security Disability and I was going to school to finish getting the skills I need to be a web designer. I am self taught and understand HTML very well, but CSS and javascript, I'm not well versed in so I was attending school for that at the tax payers expense and he sends his hackers in to boot me off the Net which ultimately lead me to have to withdraw from college.

    Before they knocked me off of the Net, I was able to purchase some online web design tutorials from Udemy.com. However, since Internet access was almost nil to none, I could not take these courses which I need so I can get off of SSD.

    He did not care. I've read up on the profile of people like them. They are sociopaths. they have no conscious about what they do to others. Back in the day, he tried to get me killed by spreading a rumor that I was a paedophile. After the rumor got started, people I grew up with and knew very well began to treat me horribly. I was a nurse at the time, and I got fired from 3 jobs in less than a month.

    Prior to him being in my life, I was a highly skilled and very employable nurse. I could find a job anywhere I wanted, but after he came into my life, he made sure that he was going to punish me severely.

    His day will come and I'll see him in a court of law and I'll be there for his sentencing and watch him go to the Federal Penn.

    But as far as remote radio access technology goes. It is here, and it will only get worse. It would be a nightmare had I had a small business designing websites. It would be impossible to design anything for anyone as long as they are w/in an 8 mile radius. He could have destroyed my business.

    But I thank God, because this man is finally gonna wake up and lose everything he has because of being obsessed with me.

    He thought that he was invincible. Because catching a proxy stalker is really hard b/c they use other people to make veiled threats to you.

    So. If you ever notice that your PC has been hacked and you are disconnected from the Net and your system settings are changing in real time as you watch your screen. You have been a target of remote radio access hacking.

    GuestMarch 28, 2015 3:28 PM

    I've been looking for laptops with a hardware switch for the mic, or a mod to add it. This should help prevent the bioses from communicating at night, and the advertising companies, spooks and exes from improving the UX...

    FigMarch 28, 2015 7:14 PM

    Better to disasseble the laptop and remove mic altogether. Grab the camera as well when you reach there.

    Dines With DingosMarch 29, 2015 2:25 AM

    Real Programmers don't pussy around soldering BIOS chips to motherboards. Real Programmers arc-weld them to spooks.

    GuestMarch 30, 2015 6:51 AM

    I'll get an usb cam for my skyping needs, I just don't like the telescreen running all the time.

    Thanks @ Fig for the good advice! :)

    DBMarch 30, 2015 6:42 PM

    @ Guest

    Indeed, turn off that telescreen once in a while and go outside for a walk. It will lift your spirits. :)

    TrApril 3, 2015 4:51 AM

    Nice post on BIOS Hacking along with different articles from Forbes, Threatpost, Wired. Thanks for sharing and drawing attention to the topic of hacking and Security.

    androidianApril 15, 2015 11:23 AM

    Consider making a smallish system from one of the newer quad core Raspberry Pi boards.
    Everything that isn't on the OS SD card is rommed in the chip. They are now fast enough to get the job done with enough resources to have a reasonable desktop replacement system.
    Burn whatever OS you want to it and go webbing.

    You can even make multiple burns on different SD cards and easily run checksums on them to compare them to each other for verification. Either that or just burn a fresh one every week or so.

    As to those suggesting disconnecting the mic and cameras in laptops, just physically disconnect the mic(s). Leave the camera but cover it with black tape.
    When you want to Skype, simply uncover the camera tape and plug in your ear buds with mic to the sound input jacks until the session is over. Cheap adapters exist that let you plug in the older separate speaker out/mic in and then use your 4 conductor iPhone style earbuds with mic cables into the adapter. Don't forget to put the tape back on.

    yoronMay 25, 2015 6:47 AM

    Reading you I wonder.

    What about W XP pro? Most of it should have been gotten through under the years existing, by people interested. And if you stop updates staying at some predefined service pack, using a third part firewall and non American anti virus (I would suggest German). What are the odds for it being compromised? The NSA back-door presumed to exist should probably be initialized only on targets of high priority, wouldn't you agree?

    And really wanting to be secure, why not use a live cd (linux) for that? As long as you don't save to the HD it should be ok, I think? What's really sux is if the hardware is compromised from the start though. Any experimental profs for that?

    jeffgMay 27, 2015 10:35 AM

    My nightmare-learning experience started about beginning December 2014. I was reading Douglas's post and found that there were a lot of parallels to my own story. I also was running Zorin-Linux built on Ubuntu and one day at a friends house that was attached to an open network. something I did not see risk in as I was running Linux. I was very confident I was safe but I was wrong. Linux can be hacked by someone or like Douglas said a paid group off hackers. I also read communications via script notes and such. since that day I to this day have not rid myself of them. The hack was very effective and destructive. I have lost count of all the hardware it has destroyed. I am not sure the exact way they delivered the first blow but remote radio access hacking sounds plausible. I don't know what I did to deserve this but here it still is. I am using HSBC Linux live CD distro as i am typing this and I have tried before and got about this far when the little squiggly red lines when you misspell started to just flash on and off all over and eventually all the words and thouten crash no more story so we will see if this will post. Anyway I also suspect people close to me but cant be sure because if you were the attacker and listened and watched you all day and night you would know who to pin it on to cause trouble and make me accuse them of being part of the conspiracy to harass and make my electronics not work. IE computers, cell phones, Ipads, routers etc. it has been 5 months or so and I will see if I can post this no hitch normally by now they would have pwned me by now. It was so maddening i mean for a while i went crazy no kidding about lost people as friends because of it. on the other hand I was so impressed with the shear beauty of there technique to hack me and still new stuff every day. I really just wanted to also ell about suspect software that may be used also. I just wish they would teach me not to hack someone just very interested. Ill throw out what software bay be involved. remote radio access hacking might of started it or not but it makes science I removed the hard drive, bios battery, and wifi card and still was being hacked in real time. some were CRON jobs but not all. I did not know that someone could remotely reprogram my firmware!!! also if you think your live cds or dvds are safe from being altered because of a closed session think again. anyway Kali Linux has an arsenal of hacking tools. like BeEF, Metasploit, U3pwn, and about anything you need to destroy someone. bind I think is in beef is a suspect also. anyway geting scard that I will loose this so

    Matt brilliant hat.July 29, 2015 8:25 AM

    Use a lan tap basically a CAT5 patch cable with a third soldered on just the RX not the TX don't use live wire shark capture, only use tcpdump or custom pcap script written in C then hexinject or scapy to examine the packets, Kali or any Linux or Unix distro would do the trick, I would get the distros and/or libs and tools on somebody else's IP addr, as not to give the game away, but after you have this up and running do some x11 trace route and nmap scans, etherape stuff so they know your proactive and reactive, that way if they go super low level, they may be in a false state of security believing they live in the chip sets and controllers well below the reach of the OS's pcap capability, because they don't know about the T section tap!!!!

    SamAugust 13, 2015 9:08 PM

    Hi,

    My Mom and Uncle have been having similar problems, their BIOS appears hacked, and no matter what I do, it keeps coming back. I am an Electronics Technician, with knowledge of Computers, installs, building from the ground up, but never tried to Hack someone else's stuff, let alone Family. My Grandpa was a Genius at this, and possessed many Electronic Gadgets, which my Aunt no has. I am wondering if she has figured out the same type of radio interference, so that none of my efforts to protect my Mom or Uncle (all live in same house). Plus, neighbors are coming around outside and looking at the house, sometimes walking around with laptops in hand, suspecting activity over there.

    Is this for real? it sounds a little sci-fi to me, and even though I have enough knowledge to know that it could be possible.. is it actually happening in the here and now!

    ANY help or advice would be GREATLY appreciated!

    I believe in Karma, and good vs evil. I hope us Good guys prevail! and for cryin out loud, why don't they hack terrorists! geeez

    Porfirio DiazSeptember 14, 2015 3:17 PM

    Just Bla... Bla... Bla...
    My Laptop has a bug (virus, rootkit, bootkit,...) in the BIOS. It likes to eat letters that I write through the keyboard. It always sends the actual window to the desktop. It survives to wiping the HD and reflashing de BIOS and with differents OS such as all windows, linux distributions and FreeBSD. I'm looking for a guide to get rid of this rare thing that the Bios has. I've read a lot of proofs of concepts, Journals, coreboot, seabios, but I haven't found a guide of how to remove these kind of bugs. For those who are skepticals of these bugs please do a serious research on internet and try to figure out how to solve the problem.

    I thank people to try to give truthful information on this topic.

    Porfirio Diaz

    James JonesNovember 13, 2015 8:33 PM

    Back in 2008 when I told people that my Bios was infected, everyone told me that I was "paranoid". One guy said, 99% chance that you can't infect the bios with malware. I had tried every single antivirus software out there and nothing picked it up yet I knew for absolute certain there was malware in the bios. I am not even a programmer. Now 7 years later, it is absolute fact - the bios CAN in fact be infected with malware. Too paranoid, huh?

    How do you like me now?

    Nick PNovember 13, 2015 8:44 PM

    @ James Jones

    Most people that say stuff like that are misreading other situations. So, skepticism is the default. So, how did you test that your BIOS, not anything else, was infected and show that to the skeptical parties?

    "How do you like me now?"

    At least as much as every other botnet member out there. :P

    SubvirtedNovember 19, 2015 2:05 AM

    I would like some of your opinions on what is going on over here on this website. It is a good read and I would really appreciate some knowledgeable opinions about it. I personally was hacked in some manner and the site I am linking describes everything I have discovered in detail. Has anyone ever heard of this particular attack? I feel like it started as a BIOS exploit and proceeded to then spread to different firmwares in my system. As of now all my devices in my house seem to have some sort of exploit on them and I have MANY different OS platforms in use. Whatever it is, it is independant of the OS being used. It must be at a lower level of hardware/firmware such as BIOS, CPU (I do have an Intel AMT capable I-7 in the machine that was initially attacked), or USB controller, etc.
    My post is the next to the last on the page, but everything related on this page I also noticed. I have been infected with this since October, 2012. If anyone can steer me in the right direction I would appreciate it. I know I will probably never remove it, but I would like to at least make sense of it all. I was also told I was paranoid and a simple OS restore would fix it. As many on this page and the other will attest...that is just not true.

    https://social.technet.microsoft.com/Forums/windowsserver/en-US/ccce9ec7-7ec0-4c49-a719-f20fe82f384f/help-dell-laptop-turned-into-a-server

    Anonymously HackedDecember 23, 2015 10:00 PM

    Hey there,

    Just wanted to inform everyone that I have recently become a victim of such a hack.

    The attack was personal and infected every computer in my home, including the phones ( home phone which had bluetooth ), cell phones ( android and ios ), linux machine, windows 7 machine(s) AND a 3 verizon fios routers.

    Under analysis, booting off a linux CD ( was only able to boot one time because once in linux the virus rewrote the firmware on the CD drive ) I was able to see a log of the virus actually writing to the CD drives firmware AND the cd I just booted from.

    This basically rendered all my tech useless. I've come to the conclusion, a week later that the only solution is to replace all hardware. I had to physically open my home phone and take out the bluetooth chip off the PCB as the phones were turned into virtual listening devices...

    These attacks are very really and very dangerous.

    The computer I'm on right now is still infected. I bought a new copy of windows 10 ( which comes on a usb stick ), which is now the shittiest paperweight I could ever hope for as the virus replicated on the USB stick.

    The virus actively was collecting metadata and broadcasting to an IP when it senses an internet connection.

    The firmware hack on the router replaced the DNS servers which it's own and performed an SQL injection when trying to access the router setup. Upgrading the firmware did not work.

    The virus uses a "spinlock" technique on the processor threads and has gained root on every system I owned.

    This attack seemed very personal. Using the spectrum tool in linux I was able to see it was logging keys, broadcasting my physical location and going as far as to tell the temperature at the location I was currently at.

    I feel I was personally targetted, as I was told so when I booted into linux. A certain set of demands were made upon myself, and if they were not met, threats of releasing personal phone calls, voice recordings, etc would come to fruition.

    This has had me shook up.

    I wish there were someone I could talk to about it, but I no longer have a secure email that wasn't hacked, nor phone that hasn't been turned into a listening/logging device except for the throwaway phone I bought to make important calls. This phone too has bluetooth which I haven't turned on. For all I know though, this phone too has been compromised.

    For reference, the router is an Actiontec MI424 rev I.

    I'm at a loss as what to do besides pick up all the pieces and start over.

    mikeMarch 1, 2016 1:54 AM

    Hard Drives and DVD drives that once worked fine, now make silly annoying noises of all kinds. I am pretty sure it is the government making my life difficult because of my non-compliance. I will buy a new hard drive or DVD drive and will run them for a while disconnected, and they make no annoying noises, but then after connecting to a system, it is not long before they start making annoying noises. I have found firmware for some of the drives, and for one hard drive it worked, but the DVD drives still make annoying noises. The hard drive was running very very slow, making excessive head activity noise, and after the firmware flash it worked fine. I ran it for a while on a PC that seemed to be "safe", and it was fine and transferring data at normal speed. I then attach it to a PC I know is infected, and it was fine for the first boot, but on booting the second time it was hacked again and slow and noisy. I plugged it back into the other PC and it was still slow and noisy, so I flashed the firmware again and it was back to normal again.

    Is there anyway to recover hacked motherboard firmware? I have not had any luck as yet in taking back "ownership" of motherboards that get hacked. I have tried removing AC power and CMOS battery for days, and then flashing BIOS chip, but still it is infected. I bought an EPROM programmer to program BIOS chips, and the code on the chips verified against the correct vendor BIOS version. Therefore, I wonder where do "they" store their control code? Are there secret "Big Brother" EPROM chips built into the motherboards, that retain their code even when the boards have no power source? Laptops and old motherboards have separate EPROM chips that store BIOS passwords, that cannot be bypassed or erased by normal methods. Maybe the BIOS chips themselves have hidden storage locations, that cannot be overwritten or accessed without secret knowledge?

    bpMay 26, 2016 6:18 PM

    what we really need is someone to write a code using this vulnarability that displays a message on load "Your computer is compromised. You cannot wipe and reload the operating system to rid of this virus. It is easy to spread this virus and very hard to remove it."

    if enough systems were infected, AND it told users how they were being hit, people would be forced to acknowledge and fix this glaring security flaw.

    problem is... the morality of such a suggestion means i would not try it.

    Leave a comment

    Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

    Photo of Bruce Schneier by Per Ervland.

    Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.