Sanity check time- Firmware exploits as new vector for cyberattack?
Monty J. Harder
mjharder at gmail.com
Wed May 21 13:16:44 CDT 2008
Of course it's a danger. If you build hardware that allows the firmware to
be updated remotely, you're vulnerable to malware that deliberately bricks
it.
Good design for firmware would put a very minimal block of code in true ROM,
which would be sufficient to load a firmware update into flash memory. It
might require physical access to a special switch to do that, but it would
prevent bricking the hardware due to a bad flash operation, whether
malicious or merely accidental.
Another option is to include a large public RSA key for the hardware
manufacturer in the ROM, which would be used to authenticate any firmware
updates. Since that smacks of "tivoization", I'd say allowing the owner of
the hardware to bypass that with the aforementioned physical switch would
probably be a good bet; just use the RSA key to validate remotely loaded
updates.
On Tue, May 20, 2008 at 11:34 PM, Oren Beck <orenbeck at gmail.com> wrote:
> http://www.darkreading.com/document.asp?doc_id=154270&WT.svl=news1_1
>
> Bull or danger?
>
> --
> Oren Beck
>
> 816.729.3645
> _______________________________________________
> Kclug mailing list
> Kclug at kclug.org
> http://kclug.org/mailman/listinfo/kclug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kclug.org/pipermail/kclug/attachments/20080521/a0909a75/attachment.htm>
More information about the Kclug
mailing list