- This topic has 23 replies, 10 voices, and was last updated 16 years, 6 months ago by
.
-
Posts
-
A Jumper is not even necessary.
There is an Option that write-protects the BIOS and this Switch can’t be flipped by Software.
Just write protect your Bios and only unlock it when you want to Update it.
[quote1238527228=billpg]
Viruses that mess with the BIOS are very real and nothing new. CIH dates back to 10 years ago.
[/quote1238527228]I just wanted to say that 10 years ago, when I was 14, me and my bestest buddy in the whole world fell out over the CIH virus. He inadvertantly infected my machine and I lost all of my Sim City 2000 saves. I never forgave him.
It’s not just computers that get hurt when a virus stikes.
Hello again everyone. I’m sure you are all sick of this, but we covered several different topics at once, so I hope to nail down some facts.
Q1. Can a process running inside Windows on an NC10 modify the BIOS and have it run in place of the real BIOS?
Let’s leave aside if its likely anyone would even try. Could a hypothetical person who is willing to spend the time researching how to do it, and i’m foolish enough to run any EXE file emailed to me, infect my NC10 with a mal-BIOS? This question is a matter of fact, not opinion.
I don’t know what the answer is, from the responses here, some say ‘Yes’, but Don_Audio says “There is an Option that write-protects the BIOS and this Switch can’t be flipped by Software.” So hopefully all I would have to do is set that option and suddenly my BIOS is unchangable forevermore. Woo hoo.
(If the answer to this is ‘No’, the rest of this post is moot.)
Q2. Can I restore a modified BIOS to a Samsung approved state, without specialist equipment?
I don’t know. But for the answer to be ‘Yes’, there would have to be a read-only pre-BIOS (or a similair mechanism) that allows me to write into the BIOS without any co-operation from the mal-BIOS.
‘Specialist equipment’ could be a JTAG interface. There’s nothing code can do to prevent being overridden by such a low level interface. Pity I don’t have such equipment lying around.
Q3. How likely is it that an attacker would attempt to infect the NC10 BIOS?
Now we have a question of opinion, rather than fact. So far as we know, no-one’s tried it yet and it’s all in the realm of academics and researchers for the moment.
Many here have expressed the opinion that its unlikely, if I may summarise…
A. The baddies can (and do) set up a zombie botnet with just access to the hard disk.
B. The baddies would have to research the NC10 specifically.
C. The NC10 (and mini-laptops in general) are a low-value target for attackers.I disagree, but this just my opinion.
A. BIOS hosted malware would be less detectable and would survive a hard disk wipe. Both valuable to the criminal attacker over hard disk hosted malware.
B/C. An attacker wouldn’t have to research the NC10 specifically. They would be more likely to write code to try all the address ranges and CPU ports where the BIOS tends to live until they get a hit. They wouldn’t know in advance what variety of computer they are attacking, and they wouldn’t care.Q4. What competitors to the NC10 can answer ‘No’ to Q1?
Its looks like this design is common in the mini-laptop market. My choice looks like having to put up with this flaw (as I would see it) or do without a mini-laptops altogether. (I don’t like that second choice.)
I still want an NC10. Its looking like I’m going to buy one anyway. But if, in the future, someone actually does go and spread some BIOS malware that the NC10 is vulnerable to, I shall try very hard to resist my urge to post “I told you so” messages. (I’ll probably fail. I’m weak.)
Thanks for a great discussion, billpg.
You got way to much time on your hands to worry about things that simply dont matter for regular pc users.
Unless your are an genius that works on a flux capacitor nobody wants to even bother with your NC10.
What amazes me is how much time you spend on speculative questions and the overall high level you’re trying to carry the discussion.
I for myself think that everything has been said and that even trying to work through any more speculative questions would be a huge waste of time and energy. Therefore i’ll bail-out of this Discussion.
As TCMuffin said: Carry your Concerns to Samsung Tech Support, they are getting paid to work through this kind of concerns.
Oh and there’s always tin-foil so why not making some nice hats for you and the sammy?
Sorry, no pun but i could not resist… 🙂
[quote1238653405=Don_Audio]
You got way to much time on your hands to worry about things that simply dont matter for regular pc users.Unless your are an genius that works on a flux capacitor nobody wants to even bother with your NC10.
[/quote1238653405]No one wants to attack me personally, yet there are an awful lot of people trying to trick me into running malicious EXEs. In general, they don’t attack individuals, but populations.
The people who wrote (say) Conficker don’t even know who I am. Doesn’t mean I’m not being attacked.
[quote1238653405=Don_Audio]
What amazes me is how much time you spend on speculative questions and the overall high level you’re trying to carry the discussion.
[/quote1238653405]To be honest, the only question I really wanted to ask was Q1 (is it possible). The issue of if it is likely anyone would do this is interesting (to me) but ultimately doesn’t matter (to me).
[quote1238653405=Don_Audio]
I for myself think that everything has been said and that even trying to work through any more speculative questions would be a huge waste of time and energy. Therefore i’ll bail-out of this Discussion.
[/quote1238653405]Thank you for your contribution, especially “There is an Option that write-protects the BIOS and this Switch can’t be flipped by Software.”
[quote1238655253=TCMuffin]
I hate to say this again…..but have you referred your concerns to Samsung Tech Support?
[/quote1238655253]I will, don’t worry.
[quote1238658442=Don_Audio]
Unless your are an genius that works on a flux capacitor nobody wants to even bother with your NC10.
[/quote1238658442]You can actually buy to scale models of these now! Link
[quote1238658736=billpg]Q1. Can a process running inside Windows on an NC10 modify the BIOS and have it run in place of the real BIOS?[/quote1238658736]
Technically yes.[quote1238658736=billpg]Q2. Can I restore a modified BIOS to a Samsung approved state, without specialist equipment?[/quote1238658736]
Maybe, it depends what is done to the BIOS and how Samsungs BIOS flashing utility works.[quote1238658736=billpg]Q3. How likely is it that an attacker would attempt to infect the NC10 BIOS?[/quote1238658736]
Very unlikely, it may be less detectable but the attack would be very targeted on the NC10 and likely wouldn’t even work correctly on the NC10SE due to minor hardware differences (timer), where it may just render it unbootable.[quote1238658736=billpg]Q4. What competitors to the NC10 can answer ‘No’ to Q1?[/quote1238658736]
Very few probably, a lot of computers no matter their type are flashable without a hardware/software lock.If you have any other computers can you say for certain that they are unable to be flashed by some piece of malware?
- You must be logged in to reply to this topic.