[ARS] Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps - Page 12

post #111 of 154
I posted after I read the article. I just want to understand how the PC decodes the data that comes in and how does it spread. How can a mic take in data like that? Data that overwrites the BIOS too ahahaha
post #112 of 154
Quote:
Originally Posted by Slaughtahouse View Post

I posted after I read the article. I just want to understand how the PC decodes the data that comes in and how does it spread. How can a mic take in data like that? Data that overwrites the BIOS too ahahaha

At least in the case of the MacBook Air, they have onboard mics and speakers.

And you can initiate an EFI update within OS X. That's what the article appears to explain with the random reboot.
post #113 of 154
Wow... so I'm not crazy after all. I have experienced this. Two things come to mind, hardware backdoor and Non Secure America.
post #114 of 154
I honestly can't take this guy seriously as he claims to be a pro security researcher.
Quote:
He soon theorized that infected computers have the ability to contaminate USB devices and vice versa.

Really? Did it take him 3 years to come up with that theory? This was too obvious from the start. If you got infected you better check your USB thumbdrives and anything associated or attached to the infected computer. I bet he used the infected thumbdrive on the PC which he claimed to be air-gapped with a clean OS install from CD. The article never mentions exactly how the system was isolated and tested. Did he firmware flash it, installed the OS, and then used a USB thumbdrive that he thought was clean but was really infected? Or did he actually isolate it by firmware flashing, installing the OS from CD, and then make sure all wireless connections are disabled and completely isolated the system from any network access, and then used a freshly bought USB thumbdrive on the system and then the thumbdrive got infected? Cause if he did this then yeah the malware would be scary and complicated because it would be hiding itself onboard the laptop's flashable ROM space somewhere.
Quote:
He still doesn't know if a USB stick was the initial infection trigger for his MacBook Air three years ago, or if the USB devices were infected only after they came into contact with his compromised machines, which he said now number between one and two dozen.

More than likely his USB thumbdrive got infected from one machine and passed it on to the other machines. But since the malware has been claimed to be so well written it would've been difficult to use an A/V to scan for it anyways. On Windows PC's most organizations make you scan your USB drive for virus infections before you're allowed to use them on those PC's. But honestly most people are too lazy to do it because if you have a lot of files on USB it will take a while to scan them all. The article makes no attempt to explain how this guy even uses his USB thumbdrives and did he even practice the best security practices being a pro security researcher and all? Most people will just brush it off and never do a virus scan on USB thumbdrives because it takes time. So they are under the assumption that their drive is safe and fine with no infections.
Quote:
Ruiu said he arrived at the theory about badBIOS's high-frequency networking capability after observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer.

Instead of continuing to further make a bunch of theories, why not test it? Anyone can make theories all day long but until they're actually tested it's still only a theory and there's no validation in what the malware uses for communication. The idea of using high frequency noise on speakers is not as farfetched as it sounds. I remember back when I got my first computer I didn't have a microphone and I used my speakers as a microphone wiring it to the microphone jack; so it is plausible for high frequency 2 way communications through speakers. But without any testing validating the claims of the theory it remains just that, a theory.

Microphones and speakers are really that similar, tutorial:
http://www.instructables.com/id/SPKR-MiK--How-to-make-a-microphone-from-a-speaker/
Quote:
With the speakers and mic intact, Ruiu said, the isolated computer seemed to be using the high-frequency connection to maintain the integrity of the badBIOS infection as he worked to dismantle software components the malware relied on.
Still no word on any testing methods and no confirmation of the theory that high-frequency is used.
Quote:
Originally Posted by mth 
There are some simple tests that could confirm or deny several of these theories. For example, connect an oscilloscope to the speaker pins and check if there is a high-frequency signal there. Find a PC with a BIOS flash ROM that is either socketed or can easily be desoldered, wait for it to exhibit infected behavior, pull out the chip, image it and compare the image to the image installed by the firmware updater.

It is odd, to say the least, that a security consultant wouldn't have tried things like this if he thinks his lab has been infected for three years.
This is what a user commented and suggested. Why not try it and confirm the theory instead of continuing to make new theories?

The only thing I can conclude is that this is bad journalism and the author did not do enough homework digging into the information. I mean really look at the article title "Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps" that is a pretty bold claim with the jumping airgaps without any solid proof. There's no proof of verifiable facts in the article that make the claims of "jumping airgaps" true. The author said he's been writing journalism for 17 years, I would've expected better from Ars Technica and somebody with 17 years of writing experience. Maybe if the headline was "Meet "badBIOS," the mysterious Mac and PC malware that can possibly jump airgaps" then I'd see the article as slightly more accurate as there's no conclusive data that verifies it really does that.

BIOS viruses aren't new and even a poster on Reddit provided a link to readily available rubber ducky USB drives that can easily hijack your system.

Link here:
http://hakshop.myshopify.com/products/usb-rubber-ducky

Here's also a proof of concept video pointed out by a Redditor showing Mitnick explain how you could carry out an attack using a micro-controller which are basically on every USB thumbdrive in existence.
http://www.youtube.com/watch?feature=player_detailpage&v=btLiG9K1_EU#t=2400

Plot twist, the NSA wrote this program in order to spy on us citizens just in case someone blew the whistle on the PRISM program. But really, what is the purpose of this malware besides hijacking? Stealing data? I don't see any other usage for this malware besides spying or stealing data.
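The test mth proposes in the quote above (check whether a high-frequency signal is present at all) can also be run in software on a microphone capture. This is an added example, not code from any poster or from the article: it scans 100 ms frames for narrowband energy between 18 and 23 kHz with the Goertzel algorithm. The 48 kHz capture rate, the -50 dB threshold and the recording itself are constructed assumptions.

```python
import math
import random

SAMPLE_RATE = 48_000                # Hz, assumed capture rate (Nyquist limit 24 kHz)
FRAME_LEN = 4_800                   # 100 ms frames -> 10 Hz bin spacing
BAND = range(18_000, 23_001, 250)   # near-ultrasonic frequencies to probe, in Hz
THRESHOLD_DB = -50.0                # assumed alert level; tune to the room's noise floor


def goertzel_power(frame, freq, sample_rate=SAMPLE_RATE):
    """Power of one frequency bin, scaled so a full-scale sine (amplitude 1.0) gives 1.0."""
    n = len(frame)
    k = round(n * freq / sample_rate)            # nearest DFT bin
    coeff = 2.0 * math.cos(2.0 * math.pi * k / n)
    s1 = s2 = 0.0
    for x in frame:
        s1, s2 = x + coeff * s1 - s2, s1         # second-order resonator
    power = s1 * s1 + s2 * s2 - coeff * s1 * s2  # |X[k]|^2
    return power / (n * n / 4.0)


def scan(samples):
    """Return (frame_index, peak_hz, level_db) for frames with a tone above threshold."""
    hits = []
    for start in range(0, len(samples) - FRAME_LEN + 1, FRAME_LEN):
        frame = samples[start:start + FRAME_LEN]
        power, freq = max((goertzel_power(frame, f), f) for f in BAND)
        level = 10.0 * math.log10(max(power, 1e-20))
        if level > THRESHOLD_DB:
            hits.append((start // FRAME_LEN, freq, round(level, 1)))
    return hits


def constructed_recording(carrier_hz=None, seconds=1):
    """Constructed test signal: audible tones plus faint noise, and optionally a
    quiet high-frequency carrier that is present only in frames 2 to 4."""
    rng = random.Random(1)                       # fixed seed, repeatable noise
    out = []
    for i in range(seconds * SAMPLE_RATE):
        t = i / SAMPLE_RATE
        x = 0.3 * math.sin(2 * math.pi * 300 * t)
        x += 0.2 * math.sin(2 * math.pi * 1000 * t)
        x += rng.uniform(-0.001, 0.001)
        if carrier_hz and i // FRAME_LEN in (2, 3, 4):
            x += 0.05 * math.sin(2 * math.pi * carrier_hz * t)
        out.append(x)
    return out


if __name__ == "__main__":
    print("clean capture  :", scan(constructed_recording()))
    print("with 20 kHz    :", scan(constructed_recording(carrier_hz=20_000)))
```

A capture that stays empty across the whole band while the machines still exhibit the behaviour would count against the audio theory; a hit only shows that something is emitting in that band, not what it carries.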
post #115 of 154
Quote:
Originally Posted by anoob View Post

I honestly can't take this guy seriously as he claims to be a pro security researcher.
Really? Did it take him 3 years to come up with that theory? This was too obvious from the start. If you got infected you better check your USB thumbdrives and anything associated or attached to the infected computer. I bet he used the infected thumbdrive on the PC which he claimed to be air-gapped with a clean OS install from CD. The article never mentions exactly how the system was isolated and tested. Did he firmware flash it, installed the OS, and then used a USB thumbdrive that he thought was clean but was really infected? Or did he actually isolate it by firmware flashing, installing the OS from CD, and then make sure all wireless connections are disabled and completely isolated the system from any network access, and then used a freshly bought USB thumbdrive on the system and then the thumbdrive got infected? Cause if he did this then yeah the malware would be scary and complicated because it would be hiding itself onboard the laptop's flashable ROM space somewhere.
More than likely his USB thumbdrive got infected from one machine and passed it on to the other machines. But since the malware has been claimed to be so well written it would've been difficult to use an A/V to scan for it anyways. On Windows PC's most organizations make you scan your USB drive for virus infections before you're allowed to use them on those PC's. But honestly most people are too lazy to do it because if you have a lot of files on USB it will take a while to scan them all. The article makes no attempt to explain how this guy even uses his USB thumbdrives and did he even practice the best security practices being a pro security researcher and all? Most people will just brush it off and never do a virus scan on USB thumbdrives because it takes time. So they are under the assumption that their drive is safe and fine with no infections.
Instead of continuing to further make a bunch of theories, why not test it? Anyone can make theories all day long but until they're actually tested it's still only a theory and there's no validation in what the malware uses for communication. The idea of using high frequency noise on speakers is not as farfetched as it sounds. I remember back when I got my first computer I didn't have a microphone and I used my speakers as a microphone wiring it to the microphone jack; so it is plausible for high frequency 2 way communications through speakers. But without any testing validating the claims of the theory it remains just that, a theory.

Microphones and speakers are really that similar, tutorial:
http://www.instructables.com/id/SPKR-MiK--How-to-make-a-microphone-from-a-speaker/
Still no word on any testing methods and no confirmation of the theory that high-frequency is used.
This is what a user commented and suggested. Why not try it and confirm the theory instead of continuing to make new theories?

The only thing I can conclude is that this is bad journalism and the author did not do enough homework digging into the information. I mean really look at the article title "Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps" that is a pretty bold claim with the jumping airgaps without any solid proof. There's no proof of verifiable facts in the article that make the claims of "jumping airgaps" true. The author said he's been writing journalism for 17 years, I would've expected better from Ars Technica and somebody with 17 years of writing experience. Maybe if the headline was "Meet "badBIOS," the mysterious Mac and PC malware that can possibly jump airgaps" then I'd see the article as slightly more accurate as there's no conclusive data that verifies it really does that.

BIOS viruses aren't new and even a poster on Reddit provided a link to readily available rubber ducky USB drives that can easily hijack your system.

Link here:
http://hakshop.myshopify.com/products/usb-rubber-ducky

Here's also a proof of concept video pointed out by a Redditor showing Mitnick explain how you could carry out an attack using a micro-controller which are basically on every USB thumbdrive in existence.
http://www.youtube.com/watch?feature=player_detailpage&v=btLiG9K1_EU#t=2400

Plot twist, the NSA wrote this program in order to spy on us citizens just in case someone blew the whistle on the PRISM program. But really, what is the purpose of this malware besides hijacking? Stealing data? I don't see any other usage for this malware besides spying or stealing data.

Exactly my thought, this article seems to be sensationalist. The guy is a supposed pro and is apparently struggling to understand how a virus works. It would take 3 years for my mom to realize her USB drives are infecting her computer. This guy is making a living off fighting viruses he should know all there is to know about the subject already.
post #116 of 154
'The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed.' Then why was it receiving packets? Surely if it's magically receiving input from another source (sound supposedly, according to this article) then it wouldn't need to receive the data in the form of network packets.
post #117 of 154
Calling Halloween hoax. This is the perfect 2spooky4me type story for techies on Halloween.
post #118 of 154
Quote:
Originally Posted by Katawa View Post

'The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed.' Then why was it receiving packets? Surely if it's magically receiving input from another source (sound supposedly, according to this article) then it wouldn't need to receive the data in the form of network packets.

I am trying to figure that out, too. Say you've managed to set up the speakers on one machine to transmit and the microphone of another to receive UHF signals. That's all well and good, but what mechanism on the receiving machine says "Oh you know what, this isn't just sound, these are instructions! I'm going to get right to work!" I mean, is there a codec just lying there waiting for something other than human gibberish to come across the pipe?
post #119 of 154
Quote:
Originally Posted by roleki View Post

I am trying to figure that out, too. Say you've managed to set up the speakers on one machine to transmit and the microphone of another to receive UHF signals. That's all well and good, but what mechanism on the receiving machine says "Oh you know what, this isn't just sound, these are instructions! I'm going to get right to work!" I mean, is there a codec just lying there waiting for something other than human gibberish to come across the pipe?
Any device on a network is constantly listening for a header it recognizes to signal the start of a valid transmission, anything not recognized is discarded. It seems like either the virus would have to carry a whole new communication protocol with it or hijack an existing one the OS can already deal with. Probably easier/smaller to redirect a packet from an unexpected source than have to carry a whole new communication protocol?
post #120 of 154
Man, you guys talk as if this guy has all the time in the world to figure this out. It was probably a project put off, hence why the computer was air-gapped. You know, so it didn't infect his network, he probably didn't even know other computers were infected. He probably has this thing, called a life. Where you know, people go away and do things that don't relate to computers, internet, or message boards. =O Yeah, there is life out there beyond those doors.

Anyways, to those who don't understand the sound thing. It's the same idea behind radio signals, you have a device listen for a specific frequency. All that mumbo about 5GHz ranges and stuff should ring a bell for those who aren't proficient in this. If the specific frequency (radio too) isn't hit, then the data is ignored. Once it gets a signal from a set frequency range, it'll read the signals to find the header packets. The rest is the same as standard networking and stuff. Not rocket science.

And then we have this: "I bet he used the infected thumbdrive on the PC which he claimed to be air-gapped with a clean OS install from CD."

Or, the infected machine didn't actually re-flash the firmware. You could easily update the built-in firmware updater, so that it "plays nice". Which would be very dubious. Or boot to floppy, which has a "flash" program. Instead of the proper hardware memory points (flash chip) it "writes" to empty system RAM or does a fake flash. Strip the firmware number from the proper firmware and the user knows nothing.

You act as if this crap is a simple wipe and done. Stuff got crazy up in that crib!
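The fake-flash scenario in post #120 is the reason the check mth suggests in post #114 reads the chip outside the suspect machine. As an added example (not code from any poster), here is a comparison of such an external dump against the image the firmware updater ships, reporting which byte ranges differ and which of those fall outside areas that are expected to change. The 64 KiB images and the mutable-region offsets are constructed placeholders, not a real firmware layout.

```python
import hashlib

BLOCK = 4096   # comparison granularity; 4 KiB is a common SPI flash sector size

# Hypothetical layout: offsets of the settings store, which legitimately
# changes during normal use. Take the real values from the board's flash map.
MUTABLE_REGIONS = [(0x2000, 0x4000)]


def changed_ranges(dump, reference, block=BLOCK):
    """Return merged (start, end) byte ranges where the dump differs from the reference.
    A size mismatch shows up as a differing tail rather than being ignored."""
    ranges = []
    total = max(len(dump), len(reference))
    for off in range(0, total, block):
        if dump[off:off + block] == reference[off:off + block]:
            continue
        end = min(off + block, total)
        if ranges and ranges[-1][1] == off:      # extend the previous range
            ranges[-1] = (ranges[-1][0], end)
        else:
            ranges.append((off, end))
    return ranges


def unexpected(ranges, mutable_regions=MUTABLE_REGIONS):
    """Keep only the ranges that are not fully inside a region expected to change."""
    return [(s, e) for s, e in ranges
            if not any(ms <= s and e <= me for ms, me in mutable_regions)]


def report(dump, reference):
    """Summary suitable for case notes: whole-image hashes plus differing ranges."""
    diff = changed_ranges(dump, reference)
    return {
        "dump_sha256": hashlib.sha256(dump).hexdigest(),
        "reference_sha256": hashlib.sha256(reference).hexdigest(),
        "changed": diff,
        "unexpected": unexpected(diff),
    }


def constructed_images():
    """Constructed sample data: a reference image and a dump with three edits."""
    reference = bytes((i * 31 + 7) % 256 for i in range(64 * 1024))
    dump = bytearray(reference)
    dump[0x2000:0x3000] = b"\x5a" * 0x1000       # settings rewritten during use
    dump[0x8010] ^= 0xFF                          # single flipped byte in code area
    dump[0x9000:0x9004] = b"\x00\x00\x00\x00"     # four bytes zeroed in code area
    return bytes(dump), reference


if __name__ == "__main__":
    result = report(*constructed_images())
    for key in ("changed", "unexpected"):
        print(key, [(hex(s), hex(e)) for s, e in result[key]])
```

The comparison is only meaningful if the dump comes from an external programmer or a desoldered chip, since a reader running on the suspect machine can be lied to in the same way as the flasher.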