#
days.
--
Earn Cash and Prizes [earncashandprizes.info], and get free stuff!
*
*
Re: (Score:2)
by bmo (77928) writes: Alter Relationship
> I've often wondered why we don't see more persistent infections given how firmware is handled these days.
Because writing malware for bioses and firmware means you have to be able to insert your bits of evil into firmware for a multitude of versions of Phoenix BIOS, AMI BIOS, EFI, etc. And that's hard work.
Just look at the OpenBIOS project. Just trying to get that to work on a bunch of motherboards and to stay up to date is sisyphean.
It's more productive to write malware for the OS. It's much less he
o
o
Re: (Score:1)
by Grave (8234) writes: Alter Relationship
Except that when it comes to servers, the differences are far fewer. Target just a few different variations of a Dell or HP motherboard, all with very similar architecture, and the potential for havoc is great.
+
#
Why NIST? (Score:1)
by Gothmolly (148874) writes: Alter Relationship
Why is the government proposing any standards for computer BIOSes? Can you say backdoor? Can you say "abuse of the Commerce Clause" ?
--
Only on Slashdot does an AC get modded Informative for pointing out that the LHC is in Europe.
*
*
Re: (Score:1)
by Anonymous Coward writes:
I would say that an organization called the National Institute of Standards and Technology is exactly the type of organization that would set standards for computer BIOSes. Doesn't mean you have to follow them, if you're worried about it.
All NIST publications are open and available, so it's not like they're going to sneak something in that no one knows about.
o 2 hidden comments
Slashdot Mirror
hsiejebbsj
# days. -- Earn Cash and Prizes [earncashandprizes.info], and get free stuff! * * Re: (Score:2) by bmo (77928) writes: Alter Relationship > I've often wondered why we don't see more persistent infections given how firmware is handled these days. Because writing malware for bioses and firmware means you have to be able to insert your bits of evil into firmware for a multitude of versions of Phoenix BIOS, AMI BIOS, EFI, etc. And that's hard work. Just look at the OpenBIOS project. Just trying to get that to work on a bunch of motherboards and to stay up to date is sisyphean. It's more productive to write malware for the OS. It's much less he o o Re: (Score:1) by Grave (8234) writes: Alter Relationship Except that when it comes to servers, the differences are far fewer. Target just a few different variations of a Dell or HP motherboard, all with very similar architecture, and the potential for havoc is great. + # Why NIST? (Score:1) by Gothmolly (148874) writes: Alter Relationship Why is the government proposing any standards for computer BIOSes? Can you say backdoor? Can you say "abuse of the Commerce Clause" ? -- Only on Slashdot does an AC get modded Informative for pointing out that the LHC is in Europe. * * Re: (Score:1) by Anonymous Coward writes: I would say that an organization called the National Institute of Standards and Technology is exactly the type of organization that would set standards for computer BIOSes. Doesn't mean you have to follow them, if you're worried about it. All NIST publications are open and available, so it's not like they're going to sneak something in that no one knows about. o 2 hidden comments