Jump to content

Halloween badBIOS


hoople
 Share

Recommended Posts

  • Root Admin

He has 12 to 24 computers in this condition but has not provided any of them to another outside firm to investigate, why?

 

The BIOS or UEFI firmware can be fully decoded like any other electronic device so why not have someone do that for him.?

 

Perhaps in the realm of possibility but the way the story is reported doesn't give it a lot of credibility.

Link to post
Share on other sites

He has 12 to 24 computers in this condition but has not provided any of them to another outside firm to investigate, why?

 

The BIOS or UEFI firmware can be fully decoded like any other electronic device so why not have someone do that for him.?

 

Perhaps in the realm of possibility but the way the story is reported doesn't give it a lot of credibility.

 

That does make it "suspect".

Link to post
Share on other sites

My first reaction is simply that is is a load of BS, and that he's just telling a story to get attention. This was reinforced when it got to the audio part of the story.

It's not that I don't believe that BIOS/firmware infections are possible (or even that I believe that they don't exist), it's just that in nearly 4 years of working for security companies I have never heard or seen a real-life malware researcher mention finding such an infection in the wild. It seems like the only people discussing them are people who claim one or more of their computers has these seemingly magical infections.

Basically, I believe this to be a fraud, and I have a feeling that no one will ever be able to verify his story with anything other than stories of their own.

Link to post
Share on other sites

"The airgapped machine is acting like it's connected to the Internet," he said. "Most of the problems we were having is we were slightly disabling bits of the components of the system. It would not let us disable some things. Things kept getting fixed automatically as soon as we tried to break them. It was weird."

 

if the ability for *whatever* it is to "fix" some items is indeed true and is somewhat adaptive to environmental conditions , there is a possible way to prove this ...

simply use an adjustable low pass filter on the audio going to the speakers and a similar circuit between the microphone and audio input point for the microphone .

if indeed the "infection" is adaptive , lowering the pass frequency in small steps over time should "force" the supposed communication method down into the audible range of human hearing .

 

it is also no big deal to monitor the supposed communications at the supposed native ultrasonic frequencies ...

the technology to do this has been around for a very long time (think late 1920s) ; it is called "heterodyning" (the mixing of two frequencies to produce other frequencies) .

another method is to simply look at the audio output and/or microphone input circuit with an oscilloscope or audio spectrum analyzer for "suspicious activity" .

 

there is much about the "facts" in the article and time-proven and simple tests for the supposed method of intercommunication that have not been mentioned or tried .

there is no "great mystery" about ultrasonic communications/data transfer and the tests or methods of monitoring/discovery .

Link to post
Share on other sites

  • Root Admin

Back in the early 80 in one of my classes on lasers we built and tested passing a laser beam onto the window of another building and hooking it up to a tape recording device and we could hear conversation in the room.  Lot of technology to determine what's going on.

Link to post
Share on other sites

yep ... and you could have used amplitude modulation or frequency (doppler shift) modulation detection .

 

i used to have a solar cell capacitively coupled to a preamp and then fed the resulting signal into a small fm transmitter that i picked up on my car radio .

the headlights of an oncoming car would be modulated by the vibrations of the vehicle ... sounded interesting .

Link to post
Share on other sites

Back in the early 80 in one of my classes on lasers we built and tested passing a laser beam onto the window of another building and hooking it up to a tape recording device and we could hear conversation in the room.  Lot of technology to determine what's going on.

Yes, the technology is certainly possible to build, however in the case of an infection doing this from the BIOS... How would it interface with different audio chipsets from different vendors? Not every BIOS is capable of emitting sound through the speaker system, so they would have to implement their own audio drivers for each audio chipset that they would likely encounter.

Just another reason why I expect that the story is just a story...

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.