> I forget which blackhat event, they showed how you can think you are > flashing a bios. But the malware will remain.
That's creepy. Don't most BIOS flashing utilities do a verification? Or perhaps the flashing utility itself is what was compromised in the blackhat demo. Another reason why doing a flashrom under Tails, and then reading it back, is a good idea of your motherboard supports it. Pretty hard for malware to fake that (at least without some additional flash storage to do its tricks). At the very least, using a slightly "unexpected" utility like flashrom helps dodge the obvious hacks. (Similar to someone's post in reply to the Laptop internet sharing thread, that using a *different* VM isolation on the laptop, KVM/Qemu or whatever, might be a good idea. For an attacker to have to compromise Xen *and* Qemu, makes for a busy project to say the least. It'd very likely stop any automated virus in its tracks.) JJ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ffcae9624e249cbad5d63a261173cf47.webmail%40localhost. For more options, visit https://groups.google.com/d/optout.
