Antivirus software, firewalls, USB security keys … against new attack techniques that implant code in the system BIOS, traditional security defenses are largely ineffective.
At the recent CanSecWest security conference, two security experts demonstrated attacks on UEFI, the computer's firmware. Their 81-page slide deck paints a scary picture: a "super virus" that bypasses all security software and password controls, cannot be detected, and is not removed even by replacing the hard drive and reinstalling the system, and that can now be used in simple ways to compromise tens of millions of PCs worldwide. Even more frightening, almost no one has paid real attention to this threat.
Every PC we use contains a hardware module called the BIOS. The BIOS is the lowest-level control system of the machine and is responsible for managing basic hardware functionality. If common operating systems such as Windows, OS X, and Linux are the equivalent of the human brain, the BIOS is closer to the body's autonomic nervous system. The BIOS is the first module to run after the computer is powered on; it brings up individual components such as the memory and video card, and then hands control to the main operating system for normal startup.
The traditional BIOS has a character-based interface, few features, slow startup, and almost no extensibility. Beginning in 2010, the new UEFI BIOS became commonplace. UEFI is equivalent to a modern mini operating system: it supports a mouse and a graphical interface, can manage many hardware devices, and runs faster. PCs produced after 2010 have replaced the BIOS with UEFI.
The BIOS has no defensive security measures. If a piece of malicious code is embedded in the BIOS, it runs before the operating system begins to boot and will not be detected. But once the system boots, the code is relatively easy for the system's security software to detect and remove. Users' most sensitive operations are carried out in the operating system, so if a BIOS virus cannot bypass the operating system's defenses, it cannot steal users' private data.
However, security experts discovered a covert channel that lets malicious programs evade operating system monitoring: the x86 CPU architecture has a special state called System Management Mode (SMM), and code running in this state is invisible to the operating system. If a malicious program steals sensitive data from the computer's memory while in System Management Mode, ordinary security software can do nothing about it.
If a malicious program is discovered by an anti-virus program before it enters SMM, the attack naturally fails. At the security conference, the two experts, Xeno Kovah and Corey Kallenberg, showed exactly how to get a program to run entirely in SMM and completely evade the scanning and monitoring of security programs.
They discovered that the new generation of BIOS, UEFI, contains vulnerabilities that allow code to be implanted easily. A program exploiting such a vulnerability enters SMM before the operating system starts and begins running in a "stealth" state to steal information. Not only are firewalls and anti-virus software unable to find such a program; even a specially designed sandbox security system is laid bare before this new kind of thief. Protections such as browser security controls and USB security keys now fail completely. Worse, apart from updating the BIOS there is no way to remove this virus: replacing the hard disk does not help. And users do not know whether they have been compromised, so they naturally take no action in response.
This UEFI vulnerability is not universal: the vulnerable code differs between UEFI versions, so an intruder needs to find the specific type of code in order to carry out an attack. But over the years some motherboard manufacturers have made heavy use of generic code in their UEFI firmware, with the result that tens of millions of PCs share only a few hundred vulnerability signatures. A single script can determine the target computer's vulnerability type and exploit it in a very short time, with no delay. Since the majority of users never update their BIOS, a malicious program that has been implanted successfully is almost impossible to clean out. Such a computer has almost no security at all, and traditional countermeasures (security software, complex passwords, USB security keys, hidden folders …) become a joke.
Fortunately, we are not helpless in the face of this threat. First of all, the attack is very difficult to carry out remotely: typically, an attacker needs to gain administrator privileges on the target system, and in today's networked world that is not an easy job. As long as the user's administrator password is not leaked or cracked, a covert remote implant is unlikely.
Of course, traditional phishing, malicious links, and Trojan attacks can still be used for implantation. Once the attack is complete, anti-virus software cannot find the malicious program in UEFI. So unfamiliar messages, links, and sites still call for high alert; your computer is now actually more vulnerable than ever before.
Businesses and government departments in particular should pay attention to this new attack technique. Although a remote attack is not easy, everything becomes very easy if the attacker has direct control of the computer: in just two minutes, an attacker with a little computer knowledge can follow simple instructions to install a Trojan on the target system. From then on, the computer loses all its protection and is completely transparent to the hacker. Businesses and government departments should therefore pay close attention to personnel rights management, and computers holding sensitive data should be kept out of contact with lower-privileged staff.
The only way to patch this unprecedented security threat is to upgrade to the latest version of the BIOS firmware. Unfortunately, most motherboard manufacturers have not yet begun to act, and the media has paid little attention to the issue. Until attacks exploiting this vulnerability cause significant damage, most people will not pay enough attention. That only gives hackers and criminals more time and opportunity.
Although the threat is huge, this new BIOS attack technique can be blocked completely. If motherboard manufacturers release new BIOS versions and most PCs upgrade their firmware to eliminate the vulnerability, hackers will no longer have an opening and peace will return. Upgrading the BIOS is the easy part; the key is for manufacturers and users to recognize the threat and give it sufficient attention. Without vigilance, even the smallest security threat can grow into a storm that causes huge losses, and by then it will be too late to fix.
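
Because the only fix described above is a firmware upgrade and most machines are never updated, a defender's first step is finding which PCs still run old firmware. The following added example (not from the original article) parses `dmidecode -t bios` output collected from each host and flags firmware released before a vendor's fix date; the hostnames, sample output and `FIXED_SINCE` dates are constructed placeholders.

```python
import re
from datetime import date, datetime

# Constructed `dmidecode -t bios` output per host (hostnames and values are made up).
SAMPLE_INVENTORY = {
    "ws-001": "BIOS Information\n\tVendor: ExampleVendor\n\tVersion: F4\n\tRelease Date: 03/12/2013\n",
    "ws-002": "BIOS Information\n\tVendor: ExampleVendor\n\tVersion: F9\n\tRelease Date: 06/30/2015\n",
    "ws-003": "BIOS Information\n\tVendor: OtherVendor\n\tVersion: 1.02\n\tRelease Date: Unknown\n",
}

# Assumption: the date on which each vendor published firmware that fixes the flaw.
# Placeholder value; take the real one from the vendor's own advisory.
FIXED_SINCE = {"ExampleVendor": date(2015, 5, 1)}

FIELD = re.compile(r"^[ \t]*(Vendor|Version|Release Date):[ \t]*(.+?)[ \t]*$", re.M)

def parse_bios(text):
    """Extract vendor, version and release date from dmidecode BIOS output."""
    fields = dict(FIELD.findall(text))
    try:
        released = datetime.strptime(fields.get("Release Date", ""), "%m/%d/%Y").date()
    except ValueError:
        released = None  # missing or unparsable date
    return fields.get("Vendor"), fields.get("Version"), released

def audit(inventory, fixed_since):
    """Classify each host as 'current', 'outdated' or 'unknown'."""
    report = {}
    for host, text in sorted(inventory.items()):
        vendor, version, released = parse_bios(text)
        cutoff = fixed_since.get(vendor)
        if released is None or cutoff is None:
            status = "unknown"   # cannot prove the fix is present: review by hand
        elif released < cutoff:
            status = "outdated"  # firmware predates the vendor's fix
        else:
            status = "current"
        report[host] = (status, vendor, version)
    return report

if __name__ == "__main__":
    for host, (status, vendor, version) in audit(SAMPLE_INVENTORY, FIXED_SINCE).items():
        print(f"{host}: {status} ({vendor} {version})")
```

Hosts reported as `unknown` are treated as unverified rather than safe, since a missing release date or an unlisted vendor gives no evidence that the fixed firmware is installed.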