Date: Wed, 22 Mar 2017 12:16:55 -0600
From: JD <jd1008@gmail.com>
To: freebsd-questions@freebsd.org
Subject: Re: Filtering Against Persistent Firmware Rootkits - BadUSB, HDDHack, UEFI
Message-ID: <58D2BF97.3000109@gmail.com>
In-Reply-To: <CAFYkXjkNNpPE4eo50BhewnTxyi5dMsyh-VK7ubrQ4n9r18c5RQ@mail.gmail.com>
References: <CAD2Ti28Lh7hr=kD0UbrDGm6rfCyNqd8%2BZvGJ=Do8etbU1gyTSQ@mail.gmail.com> <CAFYkXjkNNpPE4eo50BhewnTxyi5dMsyh-VK7ubrQ4n9r18c5RQ@mail.gmail.com>

It is virtually impossible to guard against firmware rootkits because the CPU cannot prevent the card's or device's CPU from executing that code. This was made known by the malware embedded in disk drives' FW, and other peripherals' FW, such as wifi and graphics, to name a couple. It is possible for such device FW to insert malware into, or modify, the RAM resident OS. Apparently making OS's executable segments "non-writeable" can be gotten around.

On 03/22/2017 03:19 AM, Tomasz CEDRO wrote:
> I have created www.libswd.com and www.iCeDeROM.com for low-level access to
> embedded system resources, all developed on FreeBSD :-) Still no interest
> from investors/sponsors to support iCeDeROM so I could focus 108% on its
> development :-/
>
> --
> CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>