Possible to circumvent any low level malware?


#1 Post by BillClinton69 »

Is there any way to safeguard against low level malware such as a BIOS with backdoors?


#2 Post by Aki »

Hello,
BillClinton69 wrote: 2025-01-09 22:20 Is there any way to safeguard against low level malware such as a BIOS with backdoors?
--
note: discussion moved to "Off-Topic" sub-forum


#3 Post by Hallvor »

Enable secure boot? Intel's Boot Guard?


#4 Post by lindi »

If your CPU supports Intel TXT you can use the tboot package to build solutions that don't allow backdoored BIOS to tamper with your Linux environment. However, this requires significant research on your part.
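
To see whether the mechanisms named in posts #3 and #4 are present on a given Debian machine, the shell script below (an added example, not written by any poster in this thread) reads the UEFI SecureBoot variable and checks /proc/cpuinfo for the smx flag. That flag is necessary but not sufficient for Intel TXT, which also needs chipset, TPM and firmware support. The function names and the constructed sample files are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): report Secure Boot state and whether the
# CPU advertises SMX, the extension Intel TXT (and therefore tboot) needs.

# Standard EFI global-variable GUID; the file is 4 attribute bytes + 1 data byte.
SB_VAR=/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c

# secureboot_state [FILE] -> prints enabled | disabled | unknown
secureboot_state() {
    f=${1:-$SB_VAR}
    [ -r "$f" ] || { echo unknown; return 0; }   # legacy boot or efivarfs not mounted
    # Skip the 4-byte attribute header and read the single data byte.
    v=$(od -An -tu1 -j4 -N1 "$f" 2>/dev/null | tr -d ' \n')
    case $v in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# cpu_has_flag FLAG [CPUINFO] -> exit 0 if FLAG is in the first "flags" line
cpu_has_flag() {
    grep -m1 '^flags' "${2:-/proc/cpuinfo}" 2>/dev/null | tr ' \t' '\n\n' | grep -qx -- "$1"
}

# txt_capable [CPUINFO] -> prints yes | no
txt_capable() {
    if cpu_has_flag smx "${1:-/proc/cpuinfo}"; then echo yes; else echo no; fi
}

# make_sample DIR: writes constructed inputs so the functions can be tried offline.
make_sample() {
    printf '\006\000\000\000\001' > "$1/SecureBoot"           # attrs=0x6, value=1
    printf 'flags\t\t: fpu vmx smx est aes\n' > "$1/cpuinfo"   # constructed flags line
}

# report: run the checks against the live system.
report() {
    echo "Secure Boot:         $(secureboot_state)"
    echo "CPU SMX (Intel TXT): $(txt_capable)"
    if dpkg-query -W -f='${Status}' tboot 2>/dev/null | grep -q 'install ok installed'; then
        echo "tboot package:       installed"    # tboot is the package named in post #4
    else
        echo "tboot package:       not installed"
    fi
}

report
```

These values are reported by the firmware and kernel of the machine being checked, so they show what is configured, not whether the firmware itself can be trusted.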


#5 Post by CwF »

About a decade back there was a major supply chain breach that was caught. One of the lessons was the OS in use is entirely irrelevant. Technically, network and cameras and mics can work without an OS. With BIOS chips, of whatever flavor, exceeding 16, 32, 64, 128 MB in size, a fairly capable OS can reside there.
Answer: when discovered, destroy equipment in question.

Look into IPMI to learn just one example of what is possible outside the OS. Any of that tech could be included into a commodity consumer device, and for nefarious duty excluded from the advertised feature set.


#6 Post by reinob »

I understood OP's question to be about how to detect/protect oneself from a backdoored BIOS, like you buy a PC and it's already backdoored.

I guess in such cases you'd need external control, e.g. a firewall (which is not backdoored itself :) to make sure that nothing weird goes in or comes out of your BIOS-backdoored PC, as well as using your PC assuming all the time that whatever you do is being shown on some billboard :)
