Legbacore's upcoming "digital voodoo" presentation will reveal an automated means of discovering BIOS defects that can be exploited remotely, meaning that your computer can be compromised below the level of the OS by attackers who do not have physical access to it.
A common threat model for secure computing anticipates that a computer that is not physically compromised can be trusted if it is booted into a clean, secure operating system, like Tails, a privacy-oriented operating system recommended and used by Edward Snowden. Though there has long been suspicion that spy agencies have exotic means of remotely compromising computer BIOS, these remote exploits were considered rare and difficult to attain.
Legbacore founders Corey Kallenberg and Xeno Kovah's CanSecWest presentation, scheduled for next week, automates the process of discovering these vulnerabilities. Kallenberg and Kovah are confident that they can find many more BIOS vulnerabilities; they will also demonstrate many new BIOS attacks that require physical access.
Computers whose BIOS is compromised cannot be booted into a trustworthy state, because the BIOS can deceive the operating system about what the underlying machine is doing. This means that a computer targeted by a BIOS attack could leak private communications and keys, even if it is booted with Tails.
Kallenberg claimed that even other Tails protections, such as the memory wiper and offline mode, would not save it from the malware he and Kovah created. “We can just write the secrets you scrape to non-volatile storage and just wait until we have access to the internet to exfiltrate that data to the attacker.”
“If an attacker has remote software accessged is coming after you.”
'Voodoo' Hackers: Stealing Secrets From Snowden's Favorite OS Is Easier Than You'd Think [Thomas Fox-Brewster/Forbes]