Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Security

Submission + - Analysis of a hardware backdoor (ksplice.com)

An anonymous reader writes: Remember Reflections on Trusting Trust? We know we can't trust our compilers, or our operating systems, or our userspace software. Now even our hardware might be out to get us. This post describes how to install a backdoor in the "expansion ROM" of a PCI card, which patches the BIOS to patch GRUB to patch the Linux kernel to give the controller remote root access. The upshot is that even if the compromise is detected and the victim reinstalls the operating from CD, the backdoor will still be there. Now you know why the NSA builds all its own hardware!
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Analysis of a hardware backdoor

Comments Filter:

COMPASS [for the CDC-6000 series] is the sort of assembler one expects from a corporation whose president codes in octal. -- J.N. Gray

Working...