This is what I thought when viewing my latest computer, which came with a UEFI BIOS: that the UEFI BIOS is too large and too complex and has way too many functions to be a BIOS, hence a perfect place to put advanced malware.
It's like an operating system before the operating system; it has its own FAT32 system partition where you can store stuff.
Also, after a few years your manufacturer will stop shipping UEFI BIOS updates for your computer due to their interest in selling new computers, and then there will be a lurking security hole lying around.

This is the most interesting Hacking Team revelation yet.
First, a production UEFI bootkit! Yahoo! That's a milestone.
Second, fiddling with Bitcoin wallets. Between the bootkit and the Bitcoin fiddling, Hacking Team is just a small step away from a Zeus botnet. That is, HT is hanging ten on the precipice of crime, it looks like.
Third, this line from HT CEO David Vincenzetti:
<i>a modification of the actual Bitcoiin [sic], something different, fully traceable and supported by clearing houses and the global financial system as a whole might have a future.</i>
If truly Vincenzetti's viewpoint, that line demonstrates a slide to authoritarianism. According to accounts, Vincenzetti was an early privacy advocate. A cypherpunk wouldn't be able to speak the phrase "fully traceable" except as an insult.
Are we seeing the result of money corrupting, or are authoritarian world views the inevitable result of working in the defense industrial complex?

Look up Computrace; it's very similar in operation but is installed by default in most BIOSes as a theft-prevention measure.
<i>Admins managing servers can also opt to buy a server with physical BIOS write-protection, wherein the user will need to put a jumper or turn on a DIP switch in order to update the BIOS.</i>
Motherboards with hardware write-protected BIOSes were common around the turn of the century, when flash EEPROMs started replacing EPROMs for BIOS storage. Too bad the tiny extra BOM cost and what seem to be increasingly buggier BIOSes that require frequent updates have made them mostly disappear...
I wonder how much the "it can always be updated later" mentality prevalent today has led to a higher defect rate in code. It seems to me that if it's harder to change something once it's released, there is more incentive to get it right the first time. I can't remember there being any significant bugs with the BIOS in the early machines I used (386/486 era), and those basically never needed to be updated; although PCs have gotten considerably more complex since, especially with things like UEFI, perhaps not all of that complexity is warranted, and it wouldn't have manifested itself if BIOSes had remained difficult to modify?

All it takes to install a (BIOS) rootkit is root access... In Windows this means answering Yes to the question "Do you want to allow the following program to make changes to your computer?"
Remember to flash the BIOS if you've been hacked!

Hey guys, that BadBIOS is totally impossible, agreed? What a scrub, UEFI viruses are impossible. lol psychotic break amirite
I caught a message on the Windows install reboot about "Intel AMT activated" during a clean reformat, but in the BIOS it shows deactivated on reboot. Kaspersky/Malwarebytes/CCleaner show clean on every scan of the system files. I'm seriously wondering whether I need to dump this machine, hardware and all. The cause for the reformat in the first place was a potential virus infection, maybe a rootkit. I didn't want to let it back on my network after I scanned a CryptoLocker variant in my temp folder.