Computer security just got harder

This has been coming for quite some time (H/T to Jeff):

Triulzi said he’s seen plenty of firmware-targeting malware in the laboratory. A client of his once infected the UEFI-based BIOS of his Mac laptop as part of an experiment. Five years ago, Triulzi himself developed proof-of-concept malware that stealthily infected the network interface controllers that sit on a computer motherboard and provide the Ethernet jack that connects the machine to a network. His research built off of work by John Heasman that demonstrated how to plant hard-to-detect malware known as a rootkit in a computer’s peripheral component interconnect, the Intel-developed connection that attaches hardware devices to a CPU.

I wrote and demonstrated to some folks in D.C. a prototype of something like this in 2004 or 2005. Even before that lots of people knew it was possible.

You can remove all hard disks from your computer, install empty ones, and as the computer is booting up for the first time infect the new hard disk before the O/S even attempts to boot off of the CD drive. Or if you wanted you could just refuse to boot.

Imagine a stealth virus that infected some large percentage of all computers then on September 11th would only perform one function—format any storage device it had control of.

Sleep well.


5 thoughts on “Computer security just got harder”

  1. And yet we still outsource our manufacturing of critical infrastructure components like computer hardware to our enemies. Someday, things will get ugly very fast.
    Got (manual) backup?

  2. Sounds like it’s possible (and even probable) that all of our Chinese-made motherboards and other hardware are infected with some bit of nastiness.

    What’s the fix? (Preferably in non techno-babble please. 🙂 )

  3. Ray:
    The fix may be people like Heasman, Triulzi, and Joe getting rich off of discovering the malware while the rest of us insist Intel etc make chips here (and Intel etc get even richer supplying such).

    I envision a new National Geographic tv show: The Rise of the Techno-Prepper.
    I have: four-banger calculators with US chips; multiple slide rules (one is none, etc.); log tables; a good stock of paper and #2 pencils; intentions of some day learning to use an abacus. Where do I sign up for my tv deal?

  4. Isn’t the secret to evading that doomsday the idea of making a de-novo O/S, putting it on the shelf and never using it until TEOTCWAWKI? If it’s not in use, it would never come to the attention of the spoilers, and it likely could not be infected.

    Some of the more obscure versions of Unix have this “stealth” property.

  5. Open source helps a whole lot. With thousands of eyeballs, the opportunity for the bad guy to sneak stuff in is reduced a lot. That’s why I prefer open source operating systems, and use only open source encryption.
    Trojan horses can be hidden in surprising places. Firmware is one such spot. Compilers are another, as was shown decades ago in the early days of Unix.
    A good start is to avoid systems that have a BIOS.
