|
It is currently Mon May 13, 2024 2:51 am
|
|
Page 1 of 1
|
[ 2 posts ] |
|
Implementing and Detecting a PCI Rootkit
Author |
Message |
RB
Emperor
Joined: Wed Apr 16, 2003 1:25 am Posts: 2560
|
Implementing and Detecting a PCI Rootkit
_________________ ++
|
Sat Jan 13, 2007 3:55 pm |
|
|
Satis
Felix Rex
Joined: Fri Mar 28, 2003 6:01 pm Posts: 16650 Location: On a slope
|
Is it me, or does that article seem a bit like a paid endorsement for "Trusted Computing"...which just means that the manufacturers take away your control of your own computer.
Anyway, I seem some weaknesses in the argument.
1. The argument assumes that overwriting a FLASHable area of a PCI device or the system BIOS is feasible...this has several flaws.
a. system bios is (or should be) set to nonwriteable by default, with the only way to turn off the writeability to be prior to BIOS transferring control to the hard drive. I'm not sure if that's the way it is, but I do know that most (all) BIOS can be set to virus-safe. This presumably will defend against any overwriting attempts.
b. There's no standard PCI interface. BIOS is controlled by a small group of manufacturers, so a flaw in the BIOS protection could cause massive vulnerability. With PCI this is not the case. I would find it hard to point at any single device that even 5% of the PCs in the world contain, especially with a similar BIOS structure. Any kind of exploit would target such a small group as to be useless...you'd be better exploiting something with a larger penetration capability.
2. Trusted computing seems to be hailed as the saviour for root kits...but that's BS too. There's nothing that can be done that won't contain flaws. Look at DVD...it was built with security in mind, and has long been cracked. Even the HD disks have been cracked already, and they haven't been on the market very long. Like most DRM, chances are the only thing that Trusted computing will hurt are legitimate users.
Anyway, pardon my rant, but Trusted computing is IMO a very, very bad thing. I will never buy a computer that has "Trusted Computing" built into it. I control my PC...not the manufacturer.
_________________ They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.
|
Sun Jan 14, 2007 2:47 pm |
|
|
|
Page 1 of 1
|
[ 2 posts ] |
|
Who is online |
Users browsing this forum: No registered users and 1 guest |
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot post attachments in this forum
|
|