Re: Cleaning a computer - any other views here?




"Tim Jackson" <tim@xxxxxxxxxxxxxxxxx> wrote in message
news:yc-dnYIInuYkH-TUnZ2dnUVZ8qydnZ2d@xxxxxxxxxxxxxxxxx
John D wrote:

I have been led to believe that the BIOS on a motherboad can be
attacked/infected but I have no knowledge of how one may check and/or
'clean' same.


It can, but it isn't a likely attack route. The method varies
according to the make and model of motherboard, and some boards have a
jumper that must be set to allow any writing the flash ROM at all, or
have a hard-coded alarm that warns you when writing is being enabled.
So it is an unreliable and expensive method for a hacker.

If you want to check, then look into your motherboard's flash update
utility (probably on the CD that came with it, or on the
manufacturer's website) and see if you can copy the existing flash
contents. If so then you can make a baseline copy, and periodically
repeat the process to make sure you continue to get the same data.

You can probably find a security utility somewhere that will mirror
the BIOS area of the memory map, which is pretty much the same thing
in most cases

And don't forget your tinfoil helmet to keep aliens from controlling
your brain.


Tim Jackson.

I appreciate this information, Tim. Thank you for taking the time and
trouble to post.

In another group, Shenan Stanley MVP said .........

"If the 'gremlin' was in the BIOS - the only writable media I know about
that could act in the way you are implying internal to the machine with
your "somewhere on the motherboard" comment - you've been more than
infested with malware."

Even whilst wearing my tinfoil helmet, my last PC was, I'm certain,
deliberately attacked - so there!

--
John


.



Relevant Pages

  • Re: Cleaning a computer - any other views here?
    ... but it isn't a likely attack route. ... The method varies ... GNU GENERAL PUBLIC LICENSE ... Gnomovision comes with ABSOLUTELY NO WARRANTY; ...
    (alt.computer.security)
  • Re: [Full-disclosure] Attacking the local LAN via XSS
    ... perform cross domain requests, however this is fixed in Flash 8. ... vulnerable to XSS url that will embed Java Object which will perform ... More sophisticated attack vectors are also ...
    (Full-Disclosure)
  • Re: Cleaning a computer - any other views here?
    ... You can probably find a security utility somewhere that will mirror the BIOS area of the memory map, which is pretty much the same thing in most cases ... And don't forget your tinfoil helmet to keep aliens from controlling your brain. ... "If the 'gremlin' was in the BIOS - the only writable media I know about that could act in the way you are implying internal to the machine with your "somewhere on the motherboard" comment - you've been more than infested with malware." ... I never heard reports of an attack "in the wild" that works that way. ...
    (alt.computer.security)
  • Re: Cleaning a computer - any other views here?
    ... I'm still considering how best to answer you, Tim! ... but it isn't a likely attack route. ... And don't forget your tinfoil helmet to keep aliens from controlling ... What were the characteristics of this malware, ...
    (alt.computer.security)
  • Re: OK, this is driving my batfuck crazy.
    ... expensive camera and flash them. ... The riders, blinded by the flash, will ... run around and only attack you if they recover, ...
    (rec.games.roguelike.nethack)