[–]Drewski (2 children)

This is nuts, how do you even defend against this type of attack?

[–]iamonlyoneman (0 children)

Use hardware that's airgapped and never online?

[–]HiddenFox (0 children)

Would a BIOS flash with a new HDD at the same time work?

I would also think a hash for the UEFI code and some way to compare it so you can check for mods in the code.

After reading more of the article it seems to be very limited in use and requires a lot of investment to get it working. I doubt it is a mainstream attack or ever will be. Also, the researchers believe (in one case anyway) that the motherboard itself was modified before even shipping to the customer. IMO this looks like something a government would do to target specific people of interest. But hey, who knows, anything is possible.
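
The hash-and-compare idea raised in the comment above, as an added example that is not part of the thread: a single hash over a whole firmware dump changes whenever the NVRAM variable store is rewritten, so this sketch hashes fixed-size blocks and reports only differences outside ranges expected to change. The block size, the NVRAM range and the sample images are constructed assumptions, not values from the article.

```python
import hashlib

BLOCK = 4096  # comparison granularity in bytes (assumption)

def block_digests(image: bytes, block: int = BLOCK) -> list:
    """SHA-256 of each fixed-size block of a firmware image."""
    return [hashlib.sha256(image[i:i + block]).hexdigest()
            for i in range(0, len(image), block)]

def changed_ranges(baseline: bytes, dump: bytes, volatile=(), block: int = BLOCK):
    """Return merged (start, end) byte ranges where dump differs from baseline.

    `volatile` lists (start, end) ranges that legitimately change between
    boots (e.g. the NVRAM variable store); blocks fully inside are skipped.
    """
    if len(baseline) != len(dump):
        raise ValueError("image sizes differ: wrong baseline or truncated dump")
    ranges = []
    pairs = zip(block_digests(baseline, block), block_digests(dump, block))
    for idx, (good, seen) in enumerate(pairs):
        start, end = idx * block, min((idx + 1) * block, len(dump))
        if good == seen or any(vs <= start and end <= ve for vs, ve in volatile):
            continue
        if ranges and ranges[-1][1] == start:
            ranges[-1] = (ranges[-1][0], end)   # merge with the previous block
        else:
            ranges.append((start, end))
    return ranges

# Constructed layout: NVRAM occupies blocks 2-3 of a 16-block image.
NVRAM = [(2 * BLOCK, 4 * BLOCK)]

def make_sample():
    """Build a constructed baseline and a dump with two kinds of change."""
    base = bytearray(b"\xff" * (16 * BLOCK))
    dump = bytearray(base)
    dump[2 * BLOCK + 10] = 0x00   # expected change inside NVRAM
    dump[5 * BLOCK + 1] = 0x90    # unexpected change in a code region
    dump[6 * BLOCK] = 0x90        # adjacent block, merged into one range
    return bytes(base), bytes(dump)

if __name__ == "__main__":
    base, dump = make_sample()
    for start, end in changed_ranges(base, dump, NVRAM):
        print(f"unexpected change in 0x{start:06x}-0x{end:06x}")
```

A dump read through the running operating system can be falsified by compromised firmware, so a read taken with an external SPI programmer is the more trustworthy input.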