Re: [OT] Re: the ghost of UEFI and Micr0$0ft
On Thu, Jun 7, 2012 at 5:43 AM, Andrei POPESCU <andreimpopescu@gmail.com> wrote:
> On Mi, 06 iun 12, 13:04:50, Kelly Clowers wrote:
>>
>> I sincerely doubt it. Although I guess it depends on what you mean by
>> "via the network". Worms that infect like SQL Slammer are relatively
>> rare, AFAIK most malware get in via drive-by downloads, or intentional
>> installation of programs that are infected. Those are user issues and
>> browser issues (though local OS exploits may be used after the
>> browser security is bypassed). Though these get delivered by the
>> network, it isn't the same as vulnerabilities in, say, the TCP/IP
>> stack, or a vulnerable OS daemon/service.
>
> But still, those attacks wouldn't be prevented by Secure Boot, so Nate's
> argument (Secure Boot won't improve Windows security) still stands.
Did everyone miss this link [1] that was posted by MG in his blog post?!
Simply because viruses/malware/etc have been introduced historically
through the network doesn't mean that the firmware isn't a target now
or won't be in the future.
That Microsoft's leveraging a (potential) solution to this problem to
make our lives difficult isn't surprising...
1. http://blog.webroot.com/2011/09/13/mebromi-the-first-bios-rootkit-in-the-wild/
Reply to: