Monday, August 03, 2015

Researchers show firmware hack of MacBook is possible

Jack Varcarel of Wired reports on a “proof of concept” firmware infection of the MacBook, in an article here.  He also notes that Dell and Lenovo, at least, have been more proactive in protecting firmware than Apple, so the idea that Macs are automatically safer isn’t always true.

A firmware infection would happen in two steps.  First, a phishing link or a possibly infected site would load some introductory malware (which a virus scanner should detect). The malware could then lead to firmware infection if an infected device (like an Ethernet adapter) were subsequently inserted.  Bad Ethernet adapters might be sold on e-commerce sites.  This sort of scenario is more likely with industrial or political espionage (even state-sponsored) than with ordinary home users.
One particular vulnerability was called “Thunderstrike 2”.  Normal antivirus software won’t find firmware infections.

Darlene Storm has a similar story in "The Fix" in PCWorld here.

