
What is exactly new in this?

Posted May 29, 2008 9:54 UTC (Thu) by ebirdie (subscriber, #512)
Parent article: Attacking network cards

With a first passing read of the article I couldn't get a clear picture: what exactly is new here?

There have already been Windows viruses writing to BIOS flash and causing obvious havoc. A
year or two ago there was the issue with a wireless adapter firmware cracked to allow access
onto an OS X desktop.

Is the news here that there are new methods to inject trojan firmware into a running system
through remote update mechanisms? Is the increased activity and knowledge in cracking closed
source binary blobs (from Windows to firmwares) causing this kind of security vulnerability as
a real threat to be taken more into account? Or is it that there is quite often plenty of space in
flash to add an unwanted binary and one would only need a few hooks into the real firmware code to
make it a trojan firmware?



Network reflash

Posted Jun 5, 2008 11:51 UTC (Thu) by ringerc (subscriber, #3071)

It appears that some NICs can be reflashed over the network with no interaction by the host OS
required. The creation of malicious firmware images for such devices is what's new.

The very idea is stupid anyway. If you want to flash a bunch of NICs in bulk the right way to
do that is to have management software running at the OS level that can properly authenticate
the request and then program the flash locally.

Just imagine the "fun" involved if someone attacked an iSCSI SAN with this.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds