hazelnut (Moderators) Posted January 28, 2006

Although I don't fully understand some of this, it still sounds worrying.

http://www.securityfocus.com/news/11372?ref=rss

Support contact https://support.ccleaner.com/s/contact-form?language=en_US&form=general or support@ccleaner.com

Eldmannen Posted January 28, 2006

Yeah, I heard about this. Read something briefly about it, that ACPI has some scripting language (I never knew) and that it can script a rootkit. Sounds pretty scary.

Be afraid, be very afraid.

JohnDemolition Posted January 28, 2006

So basically if you use *nix or Windows, it doesn't matter? That just sucks.

lokoike Posted January 28, 2006

However, the ability to flash the memory depends on whether the motherboard allows the BIOS to be changed by default or if a jumper or setting in the machine setup program has to be changed. I imagine this will probably become a motherboard standard pretty soon, if these BIOS rootkits really do take off.

Save a tree, eat a beaver. Save a tree, wipe with an owl. Every time a bell rings, a thread gets hijacked! ding, ding! Give Andavari lots of money and maybe even consider getting K a DVD-RW drive. If it's not Scottish, IT'S CRAP!!!

Eldmannen Posted January 28, 2006

> so basically if you use *nix or windows, it doesnt matter? that just sucks.

There could probably be viruses and worms going around on Windows that use this. On *nix systems, however, it is different; it is much less prone to viruses and worms. Now even if a virus or worm came out for it, it probably would not be able to write to the BIOS/ACPI unless the user was running as root, which he probably does not. So you're much better off in terms of security with *nix.

ccleaner professional user Posted February 5, 2006

I personally don't see what is stopping an antivirus writer from downloading a free hard disk eraser program like d-ban from sourceforge, changing a few scripts, making a silent executable with say (WinRAR?) that will run automatically at reboot and destroy all data on your drive. Or making a "BIOS" update that really isn't and "flash" your motherboard with a series of attempts, trying all of the major vendors till it (usually) hits one that works and fries your PC. I don't see what is stopping them from using a command to delete the whole C: tree on reboot.

Eldmannen Posted February 5, 2006

Yeah, I suppose they can do much of that stuff. Deltree should be enough; they don't really need to use something like d-ban or eraser that securely erases data. Deltree will cause enough trouble for most users.

But I don't see why virus writers would want to ruin someone else's computer or data. I can understand that maybe virus writers get a kick out of seeing how fast, far and many their virus can spread to, but there is nothing cool about destroying other people's computers and data.

I wouldn't ever write a virus, but if I would, it would not be an evil one; it would be one that doesn't delete anything, just pops up messages and jokes with the user. Example:

* "I got infected with a virus and it's your fault you retard!"
* "I got infected with a virus, why didn't you look out for me?"
* "Hi my name is Chewbacca, now you probably wonder how the hell I got into your computer..."
* (Eject CD/DVD tray), "I am hungry, please put some carrots into the DVD" or "I am hungry, please feed me."

etc.

ccleaner professional user Posted February 5, 2006

Yeah, well, I was just saying.... If it's possible, they will probably do it... Eventually...

---------------------------------------------------------------------------------------------------------

Is there a way to stop this potentially hazardous loophole to keep someone from making an undetectable silently executed automatic virus from slamming a machine? What if they made it always use different names + change how it works each time? How would antivirus vendors stop it, especially if they used the 4096-bit encryption?

---------------------------------------------------------------------------------------------------------

Peace