Chuck
Thanks for that. I think that I had heard of it; we’re disallowed from using
any USB devices on the MOD network, but I’m not sure that the reason is to do
with that re-writable area of code.
I suppose that it means that we should not put anyone else’s USB stick in our
computers – at the very least.
Chris
On 5 Oct 2014, at 14:46, Chuck Norcutt <chucknorcutt@xxxxxxxxxxxxxxxx> wrote:
snip
> The really serious problem with the USB device as the attack vector is that
> it cannot be detected in any conventional way. The malware exists in the
> microcode of the USB device. Today there is no software that read and
> verifies that code nor, if there was, could it even be enabled if the malware
> takes over booting of the machine.
>
> ps: This has nothing to do with Windows, iOS or Linux or any other operating
> system. The infection is in the hardware and all are vulnerable. Sorry to
> ruin your day (as it has mine) but we should all be aware of what's possible.
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
|