Computer Fright and badBIOS

Okay, so Halloween is over, and it’s time to call the bluff.

I’m not a part of the technical elite, but I do know when something doesn’t pass the smell test. There is something wrong with what Dragos Ruiu has been reporting. Since he is such a major figure on the hacking and security scene, there is little excuse for releasing such highly speculative reports.

Is it possible? People who know a lot more than I say that it’s possible. However, those same people say the reports offered by Ruiu are not proper, whether accurate or not. On some hardware, the BIOS can be infected from USB drives. The BIOS could do some of this stuff and could figure out how to fight multiple OSes and multiple hardware architectures. It’s possible that someone has spent enough time and research at a high enough level that it could download the tools to fight with the likes of OpenBSD, Mac and Windows all at once. It’s almost possible to pass a few C&C packets via hypersonic communications from speaker to microphone — just barely possible.

Whoever did this had a time budget, equipment access and expertise equivalent to the likes of a government agency in the US, Israel, and a few other places. A private individual or a small secretive team is altogether improbable. However much this thing actually works as described, it is the product of some elite government spy agency. I tend to believe Ruiu is either playing a game or has some blind spots in his competence.

It’s altogether likely, as Paul Ducklin suggests, that this will all be clarified at one of two upcoming conferences. I suspect it’s not entirely a hoax, but highly exaggerated.


3 Responses to Computer Fright and badBIOS

  1. I have had similar experiences with malware infecting the BIOS and shutting down Windows computers, so I would give the reports some credence. That said, I don’t know enough about how that might work myself either, but I wouldn’t discount the possibility that professional hackers might do.

    • Ed Hurst says:

      I’ve heard of malware BIOS packages in verified reports in the past, but it was always transmitted through the OS. At least one site reporting on this links to supposed bad BIOS packages, but that didn’t pan out. Ruiu’s reports suggest something far more difficult to engineer, and if it took him an honest three years just to get this far, I should think this would be the product of a major project somewhere. Like you, I read a lot more than I actually see and I doubt we actually differ much on this.

  2. Ed Hurst says:

    For “pimp”: You can offer a link, but I don’t permit long comments without some discussion first.
