comment by Leshik  ·  4038 days ago  ·  post: Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps

Very interesting, and this is pretty damn scary if it's real. I'm pretty skeptical on this being real though. It sounds like a horror story for Halloween.

If an infected machine is disconnected from the network, and the speakers removed... how is this going to even possibly transmit? This is some sci-fi stuff right here. Viral transmission via audio is crazy, and I'd LOVE to see anything transmit strictly through audio wave signal alone. The implications behind figuring out how to do that could greatly surpass any of the negative implications behind badBIOS itself. Essentially if this is at all real, the implications would indicate I could construct and then transmit a specific frequency from my smartphone to any machine with a built-in microphone on a network and pentest the hell out of that given network. If anything, it's potentially being surface disguised as audio transmission and in reality being transmitted via a Wi-Fi signal. A desktop with wired ethernet only, and no speakers should have absolutely no way to transmit anything so long as it has been disconnected from a network.

Either way, if you're not already following @dragosr you probably should if you're in the IT world.





Meriadoc  ·  4038 days ago

I wouldn't be too suspicious. The guy's career is built on reputation. He wouldn't risk it for a silly joke. Besides, if you ask most anyone in cybersec, they will tell you that this is very, very possible. Multiple governments have used similar things before, albeit perhaps not all at once (or perhaps they have, but it hasn't been released publicly). The only suspicious thing is why HE was the target.

pseydtonne  ·  4038 days ago

Wait, why are you promoting the guy's Twitter if you're suspicious?

I got more suspicious because of the audio transmission portion, but that was after the article mentioned OpenBSD getting a problem. If this guy is such an expert, then he should have no problem testing a desktop system without audio connections. Instead he "noticed" a high-pitched whine but hasn't analyzed it in the two weeks since mentioning it on his Google Plus feed. Note also that said feed has not been updated since October 26th or so (it just says "six days ago" on Hallowe'en).

There are lots of missing parts in his own writing. When I tear down weird installs or set up new boxes, I write a lot of notes. I'm in tech support and technical writing, so I know the format that conveys boring facts effectively. This rambles too much. Something is unfocused, and that doesn't speak well.

I guess what's most suspicious is that he has this uber-malware that can spread almost psychically to any OS on a Wintel box. However, he's the only person reporting it.