Possible to circumvent any low level malware?
Is there any way to safeguard against low level malware such as a BIOS with backdoors?
- Global Moderator
Re: Possible to circumvent any low level malware?
Hello,
note: discussion moved to "Off-Topic" sub-forum
BillClinton69 wrote: 2025-01-09 22:20 Is there any way to safeguard against low level malware such as a BIOS with backdoors?
- Hallvor
- Global Moderator
Re: Possible to circumvent any low level malware?
Enable Secure Boot? Intel's Boot Guard?
[HowTo] Install and configure Debian bookworm
Debian 12 | KDE Plasma | ThinkPad T440s | 4 × Intel® Core™ i7-4600U CPU @ 2.10GHz | 12 GiB RAM | Mesa Intel® HD Graphics 4400 | 1 TB SSD
- Debian Developer
Re: Possible to circumvent any low level malware?
If your CPU supports Intel TXT you can use the tboot package to build solutions that don't allow a backdoored BIOS to tamper with your Linux environment. However, this requires significant research on your part.
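Added example (not part of any post in this thread, and not code from Debian or the tboot project): a read-only shell check for the prerequisites of the two protections suggested above, Secure Boot and an Intel TXT measured launch with tboot. The function names and the `tboot_candidate` label are assumptions made for this example.

```shell
#!/bin/sh
# Added example: read-only checks for the boot protections named in this thread.
# These values are reported by firmware and kernel; a compromised firmware can misreport them.

SB_VAR=/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c

# Secure Boot state from the UEFI variable file: 4 attribute bytes, then 1 data byte.
# Prints enabled | disabled | unknown (unknown = legacy BIOS boot or unreadable file).
secureboot_state() {
    [ -r "$1" ] || { echo unknown; return 0; }
    sb_byte=$(od -An -tu1 -j4 -N1 "$1" 2>/dev/null | tr -d ' \n')
    case "$sb_byte" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# Intel TXT needs the CPU's Safer Mode Extensions, listed as "smx" in the cpuinfo flags line.
cpu_has_smx() {
    grep -E '^flags[[:space:]]*:' "$1" 2>/dev/null | head -n 1 | tr -s '[:space:]' '\n' | grep -qx smx
}

# A measured launch with tboot also needs a TPM; the kernel lists it under /sys/class/tpm.
tpm_present() {
    [ -e "$1/tpm0" ]
}

# One-line summary; arguments default to the live system's paths.
boot_protection_summary() {
    sb=$(secureboot_state "${1:-$SB_VAR}")
    if cpu_has_smx "${2:-/proc/cpuinfo}"; then smx=yes; else smx=no; fi
    if tpm_present "${3:-/sys/class/tpm}"; then tpm=yes; else tpm=no; fi
    txt=no
    # "candidate" only: TXT must also be supported by the chipset and enabled in firmware setup.
    if [ "$smx" = yes ] && [ "$tpm" = yes ]; then txt=yes; fi
    echo "secureboot=$sb smx=$smx tpm=$tpm tboot_candidate=$txt"
}

boot_protection_summary
```

Each function takes its path as an argument, so the same checks can be run against files copied from another machine.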
- Global Moderator
Re: Possible to circumvent any low level malware?
About a decade back there was a major supply chain breach that was caught. One of the lessons was the OS in use is entirely irrelevant. Technically, network and cameras and mics can work without an OS. With BIOS chips, of whatever flavor, exceeding 16, 32, 64, 128 MB in size, a fairly capable OS can reside there.
Answer: when discovered, destroy equipment in question.
Look into IPMI to learn just one example of what is possible outside the OS. Any of that tech could be included into a commodity consumer device, and for nefarious duty excluded from the advertised feature set.
Mottainai
- Section Moderator
Re: Possible to circumvent any low level malware?
I understood OP's question to be about how to detect/protect oneself from a backdoored BIOS, like you buy a PC and it's already backdoored.
I guess in such cases you'd need external control, e.g. a firewall (which is not backdoored itself :) to make sure that nothing weird goes in or comes out of your BIOS-backdoored PC, as well as using your PC assuming all the time that whatever you do is being shown on some billboard :)