Government grade malware in the wild
Old 28-07-2014, 15:58   #16
Qtx
Re: Government grade malware in the wild

Quote:
Originally Posted by qasdfdsaq
Thanks for the explanation

As for hardware protection - haven't we had TPM and Trusted Execution for a while now?
Hope it's actually correct

I think TPM can be bypassed by having the malware run from hardware, like in the firmware of graphics cards and suchlike. Just did a quick Google and found this white paper: Cloaking Malware with the Trusted Platform Module (PDF), which just goes to show that these things are far from perfect.

Had seen this vulnerability on Trusted Execution before and there may be more:

Quote:
Last revised: 07/11/2014
Source: US-CERT/NIST
Overview
Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors.
Also TPM Reset Attack

There are probably more and some better examples, but these are only the ones I can remember off the top of my head. The point being that hardware protection needs to get much better. It's a bit like consoles and how they get harder to crack with every generation, except for the fact the NSA will always try and get weaknesses put into the hardware protection, so I doubt hardware protection will ever be perfect either.