Page 3 of 3 FirstFirst 123
Results 21 to 25 of 25

Thread: Live CD is secure agaist BIOS malwares ?

  1. #21
    Join Date
    May 2010
    Beans
    10

    Re: Live CD is secure agaist BIOS malwares ?

    Yes, IF everyone switch to use Live CD for banking. But, good luck convincing millions of Windows users to magically drop Windows, download a Linux LiveCD and start doing everything from there. Still, when that happens, developing a malware for Linux itself is still far easier than writing a complicated BIOS code. Crackers want short-term profit, not long-term investment. (but writing BIOS codes aren't exactly long term either, because new updates will just obsolete the malware out)

    Like what others have said, you shouldn't worry about the moon falling down the Earth, but instead start worrying about real security threats that can potentially compromise your system. Start configuring firewalls, encryption and stuffs, and leave the BIOS problem for later.
    is that possible a factory make a Bios which update itself automatically when the computer turned on ?

  2. #22
    Join Date
    Mar 2011
    Beans
    669

    Re: Live CD is secure agaist BIOS malwares ?

    Possible but a bad idea and it doesn't exist.

    in windows people have no Apparmor ...
    I didn't realize we were discussing Windows. Securing a windows computer is much more difficult.
    and keeping system patched make no sense against real hackers
    I disagree. There is no "cost of exploit" when the exploit code is on metasploit or simply provided to the attacker. Forcing them to find a new exploit helps.

    from your seen maybe it be complex and risky payload over days/weeks but as they make millions$ from it so they will do it very well ..
    It's not really about the payoff. To write to your BIOS they need root. Once they have root they can just use (incidentally) the BIOS for direct disk access and come up with a way more reliable way to infect you.

    Anyways, the best way to prevent an attack is to prevent and restrict root. That means, for Ubuntu, using apparmor.

    (by the way dual-BIOS motherboard is a joke ? user will never know he infected or not .. antivirus don't scan bios ...)
    You have a clean BIOS backup though if you ever do get infected.

    I don't think I can stress enough just how annoyingly difficult it would be to infect someones BIOS. Yes, for a targeted attack there is the potential for it but there are so many easier ways to get what they want.

    Regardless of this your focus should be restricting programs and services. That's the best defense.

  3. #23
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Live CD is secure agaist BIOS malwares ?

    Quote Originally Posted by sa3er3 View Post
    if all the people switch to use Live CD for banking instead of windows then they will move to hijacking the BIOS .. because that is what we wanna tell to all our companies to use Live CD for serious jobs
    as all users have windows no linux so its not complicated rootkit. they easily can get root. then there is no too much Bios in the market. they just make a few one and will hit a big percent of people ...

    so please think again

    in windows people have no Apparmor ...
    and keeping system patched make no sense against real hackers

    from your seen maybe it be complex and risky payload over days/weeks but as they make millions$ from it so they will do it very well ..

    as we grow using Live CD they focusing on the Bios mate. as its the only safe way so it will happen soon

    (by the way dual-BIOS motherboard is a joke ? user will never know he infected or not .. antivirus don't scan bios ...)
    LiveCD for banking? I would be more concerned with browser exploits than having my BIOS "infected." Especially when browsing from a livecd that potentially does not have the latest updates installed.

    Quote Originally Posted by sa3er3 View Post
    is that possible a factory make a Bios which update itself automatically when the computer turned on ?
    A BIOS update has to be user initiated.

    In short: Listen to Hungry Man and Ms Daisy - they know what they are talking about.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  4. #24
    Join Date
    Apr 2008
    Location
    LOCATION=/dev/random
    Beans
    5,767
    Distro
    Ubuntu Development Release

    Re: Live CD is secure agaist BIOS malwares ?

    Quote Originally Posted by CharlesA View Post
    LiveCD for banking? I would be more concerned with browser exploits than having my BIOS "infected." Especially when browsing from a livecd that potentially does not have the latest updates installed.
    +1

    Browser exploits are the most common way of compromising a system and the best defence against browser exploits is to use a fully patched and updated browser.

    Unless you are updating your Live CD's every time your browser of choice is patched/updated then I would say you run the risk of being less secure using a Live CD than a fully patched normal installation.
    Cheesemill

  5. #25
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,214
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Live CD is secure agaist BIOS malwares ?

    Quote Originally Posted by Cheesemill View Post
    On modern machines you can alter BIOS settings and even flash the BIOS completely from a running OS if you have root access. So by compromising a machine you could then flash it with a 'trojan' BIOS which would take effect the next time the machine was booted.
    As you mention though, except in very specific known configurations and required outcomes it would be far easier to take the normal attack route of finding vulnerabilities in the OS or installed software rather than going down the BIOS route.
    I've added emphasis to the critical point I've been addressing. The OP has proposed getting a machine with no hard disk at all, thus no operating system, and booting it from a Live CD which he's presuming to be infection-free. Thus the only time that an intruder could gain root access would be while the presumed-clean CD had booted and gained a network connection. BIOS could not enter into the picture until after the system had already been compromised.

    That's why I'm insisting that his worry about the BIOS is a total red herring. If he has taken normal precautions in using the Live CD, and avoided all social engineering ploys, he will be as safe as any networked user can ever be.

    This, in turn, implies that wasting his efforts attempting to defend against a remotely possible attack sometime in the future is counter productive. Like the malware authors, he should be picking the low-hanging fruit first by selecting the safest possible browser, practicing safe use of the system, and all the "normal" precautions...

    And even then, of course, he's still at moderately high risk since it will take only one idiot user to click on a bad link when browsing, and his "secure" system will become part of a botnet...
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

Page 3 of 3 FirstFirst 123

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •