News BadBIOS malware claimed to defeat air-gaps

I'm still confused - HOW exactly is an un-infected computer supposed to get infected through a sound wave? The mic jack means nothing to a computer and is NOT a data communication port, so the only way for it to translate sound into data is through a program that can interpret it. But, if it takes software to interpret the sound into actual executable code, what's the point of interpreting sound in the first place? Why not just include the entire virus as a single package? The only answer I can think of is "it helps elude anti-malware programs" but I find that a little hard to believe.

Either way, the virus idea is really creative.

 

As has been stated many times it doesn't infect via sound, it is thought to only uses it as a self repair mechanism when you disable/remove all other means of communicating like the LAN, WiFi, Bluetooth, then you start to clean the infection by removing parts of it or enabling/disable devices it will use the audio link (supposedly) to undo the work you are doing to remove it.

I'm guessing if you disabled the WiFi and all other ways for it to communicate in the BIOS it would fall back to the ultra sound to re-enable its connection to other infected devices.

 

Well the only way to clean the network (once you have isolated the cause) would be to identify the exact cause, and dis-infect in a clean room, which in the normal case would be simply disconnect all network cards, which is where the sound hacks come into play. If he had only one infected machine that would be simple.

He definitely could have cleaned his machines one by one in a different location, but then he wouldn't have been able to research the problem in detail. In research context there is plenty of reasons to not wipe the infection, until you have learnt everything you want, the main one being well research

 

I don't see why it wouldn't you are after all cancelling a sound waveform, you just make sure the sound cancelling technology has a high enough range

 

^^Assuming you're talking about 'active noise cancelling' this technology focuses on cancelling sounds audible to humans.

 

I pulled out my MIC since 2005.

 

You could probably just tape something dense with a bit of foam backing over the mic. That would probably be enough to attenuate the signal on the receiving. High frequencies are easier to stop.

Anyway the dude physically disabled the mic as part of his testing.

Once you are aware that it is happening its quite straight forward to stop.

 

Ahem, ladies and gentlemen: http://www.rootwyrm.com/2013/11/the-badbios-analysis-is-wrong/

 

^^

 

This guy seems to be focusing to much on the BIOS side of things, understandable as that's his thing. But im not sure it has even been claimed that BadBios is purely a firmware based virus, simply that it has the ability to target a computer's BIOS, and possibly other firmware standards.

Does the word "target" mean its written entirely in the firmware code, or does "target" mean it can manipulate or introduce hooks in the firmware to other parts of the virus ?

 

First off man is the guy trying to brag in the opening lines (https://yourlogicalfallacyis.com/appeal-to-authority)

Also he is trying to refute something that was never claimed in the audio section (the air-gaping while the OS is running)

 

Researcher skepticism grows over badBIOS malware claims

 

Greetings!