Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researcher Exploits 18-Year-Old Design Flaw To Compromise X86 Chips

Posted by samzenpus on from the protect-ya-neck dept.

jfruh writes: Security researcher Christopher Domas has demonstrated a method of installing a rootkit in a PC's firmware that exploits a feature built into every x86 chip manufactured since 1997. The rootkit infects the processor's System Management Mode, and could be used to wipe the UEFI or even to re-infect the OS after a clean install. Protection features like Secure Boot wouldnt help, because they too rely on the SMM to be secure.

1 of 128 comments (clear)

  1. Re:Stuff by Chris+Mattern · · Score: 4, Insightful

    Why is all the stuff broke? Why does all the stuff have holes in it? Why isn't there any stuff that isn't broke?

    Because it's too complicated. There are too many possible failure modes and many of them can't be seen without a large effort to see them. About the only thing that might eliminate the holes is formal proofs, but that requires not only a complete revamp of how we code but makes coding itself immensely more difficult.

    ARM processors from now on. All this stuff is broke.

    ARM processors are just as broke as everything else. There's just fewer people looking to uncover the holes.