In all probability your CD/DVD drive is very likely a USB device and
contains a USB controller which (I believe) has a high probability of
being infectable due to read-mostly memory. Even if the startup code of
the BIOS is not susceptible to having its control taken away from it by
an infected USB device, one of these days you will boot from the CD/DVD
device to install or repair an OS installation. At that point control
is being passed to the device exactly for the purpose of booting. How
can you be sure that what you booted is what was intended... or that the
boot process didn't already corrupt the boot record of the drive that
it's installing to.
If there's any saving grace here it's that, once the malware has
infected your hard drive the infected bits then reside in the domain of
conventional malware detection code. But, if new age malware checkers
can't read and verify the microcode of the USB controllers the infection
may just start all over again.
Chuck Norcutt
On 10/7/2014 3:35 PM, Moose wrote:
On 10/7/2014 8:40 AM, Daniel Sepke wrote:
In my view I think we need to wait and see if there are actually any
documented exploits, outside of international governmental espionage,
that actually affect devices and what ones. It seems that while the
problem that has been discovered is potentially very wide reaching
there is little chance that anyone is actively using this particular
vector effectively yet. The technical skill to break into the actual
code in the firmware appears to be very high and different for each one.
I'm a bit bemused by all this. As others have noted, the bios on my
computers allows me to choose both which devices may be booted from and
in what order. I'm sure that I have never had a computer of mine boot
from USB.
I've been trying to remember for sure. It seems that I've almost never
connected a USB device that I didn't buy new. The only exceptions I can
think of are a couple of used film scanners.
For many of us, certainly not all, this is probably not a meaningful
danger. Knowing that it exists is useful, but hardly something to lose
sleep over.
What is not clear to me, for people in situations like Candace (Nice to
hear from you!) is whether simply plugging a USB device in is a real
threat - and I'm too lazy to read/view all the material to which links
were posted.
You Should Be Moose
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
|