SlideShare is now on Android. 15 million presentations at your fingertips.  Get the app

×
  • Compartir
  • Enviar por correo
  • Insertar
  • Me gusta
  • Guardar
  • Contenido privado
 

[Defcon] Hardware backdooring is practical

de CEO en Toucan System on Jul 29, 2012

  • 139,098 reproducciones

This presentation will demonstrate that permanent backdooring of hardware is practical. We have built a generic proof of concept malware for the intel architecture, Rakshasa, capable of infecting more ...

This presentation will demonstrate that permanent backdooring of hardware is practical. We have built a generic proof of concept malware for the intel architecture, Rakshasa, capable of infecting more than a hundred of different motherboards. The first net effect of Rakshasa is to disable NX permanently and remove SMM related fixes from the BIOS, resulting in permanent lowering of the security of the backdoored computer, even after complete earasing of hard disks and reinstallation of a new operating system. We shall also demonstrate that preexisting work on MBR subvertions such as bootkiting and preboot authentication software bruteforce can be embedded in Rakshasa with little effort. More over, Rakshasa is built on top of free software, including the Coreboot project, meaning that most of its source code is already public. This presentation will take a deep dive into Coreboot and hardware components such as the BIOS, CMOS and PIC embedded on the motherboard, before detailing the inner workings of Rakshasa and demo its capabilities. It is hoped to raise awareness of the security community regarding the dangers associated with non open source firmwares shipped with any computer and question their integrity. This shall also result in upgrading the best practices for forensics and post intrusion analysis by including the afore mentioned firmwares as part of their scope of work.

Estadísticas

reproducciones

reproducciones totales
139,098
reproducciones en SlideShare
22,016
reproducciones incrustadas
117,082

Actions

Me gusta
7
Descargas
285
Comentarios
0

59 insertados 117,082

http://gigazine.net 59522
http://steveblank.com 44379
http://www.theverge.com 8865
http://mobile.theverge.com 1575
http://www.google.com 1238
http://www.cnbeta.com 490
http://www.feedspot.com 176
https://twitter.com 154
http://www.newsblur.com 135
http://cnbeta.com 82
http://translate.googleusercontent.com 74
http://genteconconciencia.es 67
http://newsblur.com 59
http://vz10.tumblr.com 47
http://news.livedoor.com 33
https://si0.twimg.com 25
https://www.google.com 24
http://webcache.googleusercontent.com 24
http://cloud.feedly.com 11
http://arstechnica.com 10
http://sapient.jp 9
https://twimg0-a.akamaihd.net 9
https://www.google.ca 9
http://www.gigazine.net 8
http://us-w1.rockmelt.com 6
http://www.pulse.me 5
http://m.cnbeta.com 3
http://www-open-opensocial.googleusercontent.com 3
http://tweetedtimes.com 2
https://www.rebelmouse.com 2
http://www.google.co.jp 2
https://www.google.fi 2
http://q.feedspot.com 2
https://www.google.co.uk 2
http://orlingrabbe.com 2
http://localhost 2
http://twitter.com 2
http://131.253.14.66 1
http://www.naivix.com 1
https://www.google.com.sa 1
http://www.cnbeta.com.sixxs.org 1
http://blog.livedoor.jp 1
https://www.google.lv 1
http://cc.bingj.com 1
https://yorkcollege.blackboard.com 1
http://www.htkjewfuvr.com&_=1390661087175 HTTP 1
http://www.google.co.uk 1
http://www.marchintosh.net 1
http://www.ighome.com 1
http://snapito.com&_=1376011839686 HTTP 1
Más...

Accesibilidad

Categorias

Detalles de carga

Subido a través de SlideShare como OpenOffice

Derechos de uso

© Todos los derechos reservados

Report content

Marcada como inapropiada Marcar como inapropiada
Marcar como inapropiada

Select your reason for flagging this presentation as inappropriate.

Cancelar
Publicar comentario
Edite su comentario

[Defcon] Hardware backdooring is practical [Defcon] Hardware backdooring is practical Presentation Transcript