On 12/15/2017 12:54 PM, Matteo wrote:
I disagree when you say nooone is going to backdoor your bios. I think its
very common nowadays.
Actually no it isn't - unless you have managed to ruffle the feathers of
a state actor such as the FSB or MSS.
I have never heard of a real proven BIOS hack of anyone even a serious
military intelligence target let alone a common law abiding citizen who
simply managed to piss off some guy in a chat-room or what not, I am
sure it has been done many times but despite being active in the
firmware modification community I haven't heard about it.
as far as i know there is computrace that is an anti theft system that
gain persistence over the os by dropping an exe that windows will load
at boot time but this works only over fat32 and ntfs (not encrypted).
i heard also about lenovo doing the same thing for ads or whatever. and
after people got angry they released a bios patch to opt-out.
but i wouldn't say "very common".
Computrace uses a windows utility to do this not direct code injection
so using linux or simply disabling it in your vendor BIOS would solve
the issue of an out-dated problematic exe being forcibly loaded.
If you wish for better security you can use a coreboot board with open
source silicon init (not purism, get the libre RYF kcma-d8 or the lenovo
g505s laptop for instance) otherwise while you can use an external flash
clip to read back the BIOS and make sure it hasn't been modified you
still would be vulnerable to manufacturer security problems, ME etc.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/ba5da426-2d01-a6d6-1cd3-c3c863af9bc0%40gmx.com.
For more options, visit https://groups.google.com/d/optout.
