| |||||||||||||
|
| |||||||||||||
Ronald Minnich of LinuxBIOS on EFIRonald Minnich of LinuxBIOS on EFIPosted Feb 7, 2007 2:54 UTC (Wed) by zlynx (subscriber, #2285)In reply to: Ronald Minnich of LinuxBIOS on EFI by moxfyre Parent article: Second batch of FOSDEM interviews
Everyone should be aware that this "problem", having the system BIOS/firmware/EFI executing unknown code, already exists. This is why the NSA has groups of people who disassemble and examine the firmware of every component of secure government PCs.
So, if vendors desired it, they could already be doing what you fear. There is nothing special about SMM+EFI that SMM+BIOS cannot already do.
Those on-board NICs? How do you know they don't already accept signed code packets from the FBI, NSA, or their Japanese, Taiwanese, Chinese equivalents and execute them in SMM? Like that Firewire unrestricted DMA hack, it'd be a great way to sneak into the system and pull the encrypt keys out of RAM.
And it isn't just the motherboard BIOS to worry about. Operating systems trust the hardware. The OS tells it to read a block and DMA to memory location X. Nothing prevents hardware from reading two blocks and writing to X and Y (except an IOMMU, perhaps). Your video card could by spying on you. It could even be writing the spy data to hard drive or the network: PCI bus mastering allows that.
Why worry about the future when you're already far too trusting.
(Log in to post comments)
Ronald Minnich of LinuxBIOS on EFI Posted Feb 7, 2007 5:15 UTC (Wed) by moxfyre (guest, #13847) [Link] Everyone should be aware that this "problem", having the system BIOS/firmware/EFI executing unknown code, already exists. This is why the NSA has groups of people who disassemble and examine the firmware of every component of secure government PCs.Does the NSA publish their evaluations of such firmware? I know that they *sometimes* publish their evaluations of various cryptography systems (though sometimes keeping them secret, presumably to take advantage of weaknesses). That would be very valuable, I'd say. I know that hardware/firmware can already do such treacherous things... many high-end laser printers secretly reveal their serial numbers and timestamps on every printed page. However, I imagine that the cost pressure and generally chaotic short time scales on which most hardware is produced means that these kind of practices aren't widespread or effective. EFI worries me because it seems to explictly ENCOURAGE and standardize this kind of treachery...
Ronald Minnich of LinuxBIOS on EFI Posted Feb 7, 2007 9:32 UTC (Wed) by eklitzke (subscriber, #36426) [Link] Does the NSA publish their evaluations of such firmware? I don't actually know for sure, but my guess is that securities issues aside, publishing such a technical evaluation would be forbidden because it could reveal the manufacturer's trade secrets. Similarly, it could be construed as an endorsement (or lack thereof). These are all things that the NSA does not want to involve itself with.
Ronald Minnich of LinuxBIOS on EFI Posted Feb 7, 2007 22:07 UTC (Wed) by lutchann (subscriber, #8872) [Link] This is why the NSA has groups of people who disassemble and examine the firmware of every component of secure government PCs. Really? Wouldn't it be easier for them to tell Dell or whoever, "We'll pay you 20x list price for your PCs if you let us compile the BIOS ourselves?" Of course, it wouldn't improve the security of the system one bit to audit the BIOS or other firmware, which is why they could care less what's in there. Military data security is all about paranoia, yes, but let's be serious here...
Ronald Minnich of LinuxBIOS on EFI Posted Feb 8, 2007 0:15 UTC (Thu) by zlynx (subscriber, #2285) [Link] You believe that the government which had cameras installed in Xerox machines shipped to the USSR trusts the firmware provided in computers built in China?
Let's be serious here...
Ronald Minnich of LinuxBIOS on EFI Posted Feb 8, 2007 1:22 UTC (Thu) by lutchann (subscriber, #8872) [Link] If the firmware warrants so much scrutiny then of course the hardware (which is even more likely to be from China) can't be trusted either. Do you think they decap and trace every chip in every computer used in a classified environment?
Ronald Minnich of LinuxBIOS on EFI Posted Feb 9, 2007 16:36 UTC (Fri) by moxfyre (guest, #13847) [Link] Maybe not, but they have TEMPEST to prevent unwanted electromagnetic emmissions, and classified computer networks are physically isolated from non-classified networks. So that rules out a lot of the shenanigans that could happen...
|
|
||||||||||||