dslreports logo
Search similar:


uniqs
449

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC
kudos:18
·Bell Fibe Internet

siljaline

Premium Member

Why Firmware Is So Vulnerable to Hacking

Why Firmware Is So Vulnerable to Hacking, and What Can Be Done About It
quote:
When Kaspersky Lab revealed last week that it had uncovered a sophisticated piece of malware designed to plant malicious code inside the firmware of computers, it should have surprised no one.
»www.wired.com/2015/02/fi ··· an-done/

For those socially inclined:
»twitter.com/WIRED/status ··· 52087041


More on the Equation Group - (Houston in the Blind)
»securelist.com/blog/rese ··· th-love/

Bill_MI
Bill In Michigan
MVM
join:2001-01-03
Royal Oak, MI
kudos:2
·WOW Internet and..
TP-Link Archer C7
Linksys WRT54GS
Linksys WRT54G v4

Bill_MI

MVM

I'm 60 years old and hope to God I live to see the great awakening when people will gasp at the thought of carrying around or running software (or hardware) hidden from their view and written in someone else's interest.

The outcry is currently way below critical mass so, unfortunately, it'll take a big disaster that can't be spun like it is now.
TheMG
Premium Member
join:2007-09-04
Canada
kudos:4
·NorthWest Tel
MikroTik RB450G
Cisco DPC3008
Cisco SPA112

TheMG to siljaline

Premium Member

to siljaline
1) The "convenience" of being able to update/alter firmware without any hardware intervention.

2) The push to bring new products to market very quickly.

Both result in security being an afterthought or overlooked completely.

In many cases, securing the firmware would be as simple as the inclusion of a hardware write-protect switch or jumper. But that would take away from the convenience of being able to push firmware updates strictly through software and also the added cost of a switch or jumper due to the penny-pinching that goes in consumer electronics design/manufacturing.

jap
Premium Member
join:2003-08-10
038xx

jap to Bill_MI

Premium Member

to Bill_MI
said by Bill_MI:

I'm 60 years old and hope to God I live to see the great awakening when people will gasp at the thought of carrying around or running software (or hardware) hidden from their view and written in someone else's interest.

You might appreciate today's Featured Article over at Ars. It's not, IMO, as well structured a piece as we generally get from Ars but nonetheless raises fair dystopian points on where our shared computing space is headed.
»arstechnica.com/informat ··· ngerous/

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC
kudos:18
·Bell Fibe Internet

siljaline to Bill_MI

Premium Member

to Bill_MI
New smoking gun further ties NSA to omnipotent “Equation Group” hackers
quote:
The Kaspersky researchers once again stopped short of saying the hacking collective they dubbed Equation Group was the handiwork of the NSA, saying only that the operation had to have been sponsored by a nation-state with nearly unlimited resources to dedicate to the project. Still, they heaped new findings on top of a mountain of existing evidence that already strongly implicated the spy agency. The strongest new tie to the NSA was the string "BACKSNARF_AB25" discovered only a few days ago embedded in a newly found sample of the Equation Group espionage platform dubbed "EquationDrug." "BACKSNARF," according to page 19 of this undated NSA presentation, was the name of a project tied to the NSA's Tailored Access Operations.
»arstechnica.com/security ··· hackers/