Reply to post: Re: RE: encryption from my PC to its destination PC/server

New UK Home Sec invokes infosec nerd rage by calling for an end to end-to-end encryption

eldakka

Re: RE: encryption from my PC to its destination PC/server

If you have compromised firmware, then there is no requirement for comms between devices to pass through processing done by software. E.g. a compromised USB controller on the motherboard doesn't have to go through the O/S to access the NIC. If the NIC is separate from the processor, e.g. a PCIe expansion card, it could go point-to-point along the PCIe bus.

If you compromise the firmware of the entire system, the UEFI, then you can do what you like without any CPU involvement (assuming you don't want or need the horsepower above the embedded microcontrollers).

And, depending on what the firmware does, the firmware could inject into the O/S it's own malware that can't be seen by the O/S, to do its own nefarious tasks, like capturing data coming in from the attached keyboard and then sending out out through the NICs. No extra hardware required. There are known HDD firmware that do this, they inject malware into the system so it runs as a rootkit, has full access to the system. When someone detects a virsus/malware and removes it, even does a reformat/reinstall, the firmware in the HDD re-injects the malware after the reinstall. Some security researchers found this HDD firmware a few years ago (2015 I think) and presented it at a BlackHat conference.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon