1. The severity in cases where firmware is already infected at the time of first purchase by the user is now being realized over the years. Be it the Dell server case , Seagate firmware case , Equation Group , Proof of Concept for even Macs , NSA revelations by Snowden and the list is pretty long to workout.Over various discussions and forums I read across I could never get any kind of implementing a solution to detect a threat at the firmware level not before I read about about the first such attempt via Google VirusTotal.
2. Google’s VirusTotal
service has come-out with a new tool that analyzes firmware, the low-level code
that bridges a computer’s hardware and operating system at startup.
The new tool will label firmware
images as either legitimate or suspicious. It can also extract
certificates attached to firmware and if there are other executable
files inside of it. The tool can extract portable executables (PEs) inside firmware since these could sometimes be a source of malicious behavior.
“These executables are extracted and
submitted individually to VirusTotal, such that the user can eventually
see a report for each one of them and perhaps get a notion of whether
there is something fishy in their BIOS image,” Santos wrote.
3. It will now be possible for people to extract their own firmware and submit it to VirusTotal, which has the potential to create a database of various firmware images that could contribute to research into bad ones.
4. No details could be fetched across of how it actually works.But happy about there being a kind of first.More options wil arise after this circulates around and we have a secure eco-system of web.
0 comments:
Post a Comment