Phlashing a new term?

[nihil]

Actually, this isn't that new but the term is.

Basically it creates a permanent DoS by screwing the firmware that drives your hardware.

Researcher to demonstrate a permanent denial-of-service (PDOS) attack that remotely wipes out hardware via flash firmware updates
Smith will demonstrate how network-enabled systems firmware is susceptible to a remote PDOS attack -- which he calls “phlashing” -- this week at the EUSecWest security conference in London. He’ll also unveil a fuzzing tool he developed that can be used to launch such an attack as well as to detect PDOS vulnerabilities in firmware systems.

Story is here:

http://msmvps.com/blogs/donna/archiv...phlashing.aspx

Actually it is the tool that sounds interesting to me. Sure I know there are still a few vandal scumbags out there but mostly the current threat is from cybercriminals.

Now, my concern in this area is that these firmware chips could be used to store rootkits and other malware, and nothing in the conventional anti-malwares would detect it.

At least this tool should let you know where you are exposed?

[t34b4g5]

I had a new phone at the start of the year, it was great infact it was awesome, but i got pwned by some jerk, and it flashed the firmware on the phone with an earlt firmware version for the phone, and it had malicious code in it.
So off course the phone started doing all weird things. The most annoying part was when trying to type an sms and the phone restarting for no reason. Or during an important phone call it was hang up and try dialling some weird phone number.

[nihil]

That's a real bummer t34b4g5

With most PCs you can lock or password protect the BIOS but the sound card, video card, CD drive, DVD drive, HDD and floppy are generally wide open.