Overclock.net banner
Cancel
Create thread New Forums

Backdoor feature in hundreds of gigabyte motherboards

Tags
backdoor gigabyte
Jump to Latest
1 - 20 of 55 Posts

Deepcuts

· Registered
Joined
·
368 Posts
Discussion starter · #1 ·
  • Rep+
  • Helpful
Reactions: iamjanco, J7SC, Shardnax and 3 others
Save
Reply Quote Rep+ Rep+
#2 ·
Oh, just wonderful.

Looks like it needs to run a Windows executable, though. I wonder whether it can run from an EFI shell? I have one of the affected boards but it's running Linux. Depends on how well the potential attacker knows the targeted system. Hm.
 
#3 ·
Its on by default as well. First thing I switched off on mine because it would attempt to install there bloatware every time you start your computer.
 
Save
Reply Quote Rep+ Rep+
#5 ·
It's going to need a firmware update, but some of those boards are going back years?

"However, Eclypsium said it’s difficult to conclusively rule out that it is a malicious backdoor planted from within Gigabyte — either by a malicious insider or as a result of the company’s systems being compromised. It’s also difficult to definitively rule out that the backdoor was planted somewhere in the supply chain."

Who would benefit from doing something like this, the professionalism of implementation sounds like it was created by something from a larger scale..
 
Save
Reply Quote Rep+ Rep+
#6 ·
Neo_Morpheus said:
It's going to need a firmware update, but some of those boards are going back years?
Click to expand...
Automatic obsolescence. Please buy another system.

I disabled the equivalent on my Asus board because I knew about it in advance, but didn't realise Gigabyte were also doing this.
 
#7 ·
So I bought an x670E Aorus Master to replace my X670E Carbon Wifi for the following reasons:

MSI lost their f**king signing keys, and have the instabloat loading system for their control centre.
It hasn't got a clock gen, and I'm stuck on 26th on the timespy leaderboard and I think I can do better.

Got the Master because the Taichi was ÂŁ50 more expensive

Ah well Situation Normal All F*cked Up
at least I avoided the Asus special version of F*cked Up Beyond All Recognition
 
#8 ·
Yeah those singing keys from MSI .. oo nasty
 
Save
Reply Quote Rep+ Rep+
#9 ·
Interesting that it only seems to be more recent boards, could've sworn my Z390 board did something similar. Oh well, now that everyone knows about this I'm sure it'll get patched or blocked via either Windows/MS or Gigabyte.

I am also sure that other vendors do something similar, so let's see when they get outed :)
 
#10 ·
Looks like I'm in the clear...
 
Save
Reply Quote Rep+ Rep+
#11 ·
Backdoors are there because of Big Brother insistence.
 
  • Helpful
Reactions: 1Kaz and Solohuman
Save
Reply Quote Rep+ Rep+
#12 ·
disabling the gigabyte utilities BS in bios is first thing any enthusiast should be doing anyway. On by default. set to disabled. No more tears.

Firmware update to what set it default disabled? Funny how they make things seem so serious. OH it's going to need a major firmware overhaul, Reality simple bios update changes setting to default disabled.
 
#13 ·
Gunderman456 said:
Backdoors are there because of Big Brother insistence.
Click to expand...
'Big Brother' didn't tell specifically Gigabyte to do this, to use an unencrypted connection for it, nor to refrain from verifying the provenance of downloads it initiates. It seems to be an ill-conceived implementation of an auto-update feature that was then enabled by default. Could have been setup with malicious intent, but far more likely it just wasn't thought through.
 
  • Rep+
Reactions: Mergatroid
Save
Reply Quote Rep+ Rep+
Discussion starter · #14 ·
Save
Reply Quote Rep+ Rep+
#15 ·
Deepcuts said:
Am I missing something very obvious or what utilities are your referring to?
Click to expand...
On the afflicted boards there is a setting in the tools menu to allow it to install gigabyte control center. Your board doesn't have the feature.
 
  • Rep+
Reactions: Deepcuts
Save
Reply Quote Rep+ Rep+
#16 ·
Blameless said:
'Big Brother' didn't tell specifically Gigabyte to do this, to use an unencrypted connection for it, nor to refrain from verifying the provenance of downloads it initiates. It seems to be an ill-conceived implementation of an auto-update feature that was then enabled by default. Could have been setup with malicious intent, but far more likely it just wasn't thought through.
Click to expand...
"Never attribute to malice that which is adequately explained by stupidity."
 
  • Rep+
Reactions: rs199208
Save
Reply Quote Rep+ Rep+
#17 · (Edited)
It's been fixed. Check the Gigabyte site.
 
  • Rep+
Reactions: fuyume
Save
Reply Quote Rep+ Rep+
#19 ·
Very annoying popup on windows when I first got my gb board... It was the first thing I disabled.
And it's the first thing I disable if I have to reset my bios. It's not only a security issue but very annoying.

I bought a motherboard, why is the motherboard trying to install software? Makes no damn sense.

I bet other brands do the same, leave my windows alone, thank you..
 
#20 ·
Cheezman said:
"Never attribute to malice that which is adequately explained by stupidity."
Click to expand...
Once is happenstance.
Twice is coincidence.
The third time is enemy action.
- Auric Goldfinger

Bond had some of the best nemeses. And some of the worst, for that matter.
 
1 - 20 of 55 Posts
About this Discussion
54 Replies
26 Participants
Last post:
Veii
Overclock.net
posts
28M
members
562K
Since
2004
The premier forum for overclocking experts and enthusiasts. Discuss hardware optimization, custom builds, benchmarking, cooling solutions, and pushing the boundaries of computing performance. From beginner guides to extreme overclocking, join our technical community to master system tuning.
Full Forum Listing
Explore Our Forums
Intel CPUs Hardware News NVIDIA PC Gaming Water Cooling