1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Intel responds to Vault 7 UEFI malware with Chipsec module

Discussion in 'Article Discussion' started by Gareth Halfacree, 10 Mar 2017.

  1. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    10,574
    Likes Received:
    793
  2. Wwhat

    Wwhat Member

    Joined:
    2 Oct 2005
    Posts:
    263
    Likes Received:
    1
    " without suggesting - given previous claims that national security agencies routinely intercept hardware deliveries in transit in order to inject malicious code - exactly how one would be sure of that fact.

    I would think you'd have a database somewhere with hashes of said firmware so you can compare. Problem being that of course they could intercept your link to said database and inject a fake hash to make it seem OK.
    So perhaps you need to go to another country like Russia and consult a DB there to be sure. While simultaneously Russians would go to another country to make sure their government didn't mess with their systems.
    Anyway - it's good news for the airlines I guess :)
     
  3. leexgx

    leexgx CPC hang out zone (i Fix pcs i do )

    Joined:
    28 Jun 2006
    Posts:
    1,324
    Likes Received:
    8
    Its really rubbish that EFI has poor security (I guess if you reflash the bios and it fails to let you then you mite have a compromise bios)
     
  4. Cthippo

    Cthippo Can't mod my way out of a paper bag

    Joined:
    7 Aug 2005
    Posts:
    6,783
    Likes Received:
    101
    Is any of this an indication that tech companies are less willing to cooperate on backdoors and access than they once were?
     

Share This Page