Posted to uk.d-i-y
The Natural Philosopher[_2_]

Idle fun for net hackers..

Jules Richardson wrote:
On Thu, 01 Mar 2012 06:30:06 +1100, Rod Speed wrote:

Tim Watts wrote
The Natural Philosopher wrote
Exactly. An undetectable change that results in no detectable activity
by anyone in the whole universe is not a security risk.
You may have a "potentially detectable" change, but for any practical
detection mechanism, I feel fairly safe in asserting that it could
potentially be hacked so as not to leave a trace *detectable by the
detection mechanism*.

Doesn't matter if you are fairly certain or not, there are obvious
examples where that isn't possible. Most obviously with a full restore
from image using a machine that isn't even net accessible.


Technically, is it possible to re-flash a PC's BIOS from a binary running
with sufficient permissions under the host OS, such that malicious code
could potentially run undetected following reboot, regardless of whether
hard disk contents were restored from an image on another system?


It is not clear that Linux uses the BIOS at all, except to boot..

I SUPPOSE the BIOS might write something to the disk during boot..

I've never heard of it happening, but I'm curious whether it could in
theory be done.


It's sort of along the lines of 'well you have smashed down the front
door and all you are going to steal is a magazine?'

in other words, given that sort of access, you could find easier targets.

Obviously what you want to build is a daemon that doesn't show up in the
process table, either as a process or in terms of RAM used,... doesn't
get logged, whose internet accesses don't get recorded in the machine's
ethernet statistics.. so it's probably going to be a new ethernet
driver..oh, and it must have the same file length and checksum as the
proper one. And you must erase all entries in all logfiles relating to
your access to install it.

Whilst all that is theoretically possible, I am not sure that I could
actually find a way to implement it, let alone install it. And YOU want
a boot ROM to do that?

Hmm.





cheers

Jules




--
To people who know nothing, anything is possible.
To people who know too much, it is a sad fact
that they know how little is really possible -
and how hard it is to achieve it.