-
May 22nd, 2008, 09:55 AM
#1
Phlashing a new term?
Actually, this isn't that new but the term is.
Basically it creates a permanent DoS by screwing the firmware that drives your hardware.
Researcher to demonstrate a permanent denial-of-service (PDOS) attack that remotely wipes out hardware via flash firmware updates
Smith will demonstrate how network-enabled systems firmware is susceptible to a remote PDOS attack -- which he calls “phlashing” -- this week at the EUSecWest security conference in London. He’ll also unveil a fuzzing tool he developed that can be used to launch such an attack as well as to detect PDOS vulnerabilities in firmware systems.
Story is here:
http://msmvps.com/blogs/donna/archiv...phlashing.aspx
Actually it is the tool that sounds interesting to me. Sure I know there are still a few vandal scumbags out there but mostly the current threat is from cybercriminals.
Now, my concern in this area is that these firmware chips could be used to store rootkits and other malware, and nothing in the conventional anti-malwares would detect it.
At least this tool should let you know where you are exposed?
-
May 22nd, 2008, 11:13 AM
#2
I had a new phone at the start of the year, it was great infact it was awesome, but i got pwned by some jerk, and it flashed the firmware on the phone with an earlt firmware version for the phone, and it had malicious code in it.
So off course the phone started doing all weird things. The most annoying part was when trying to type an sms and the phone restarting for no reason. Or during an important phone call it was hang up and try dialling some weird phone number.
-
May 22nd, 2008, 11:52 AM
#3
That's a real bummer t34b4g5
With most PCs you can lock or password protect the BIOS but the sound card, video card, CD drive, DVD drive, HDD and floppy are generally wide open.
Similar Threads
-
By Egaladeist in forum Security News
Replies: 51
Last Post: November 28th, 2005, 08:29 AM
-
By Negative in forum AntiOnline's General Chit Chat
Replies: 11
Last Post: February 13th, 2004, 04:29 PM
-
By twenty6 in forum AntiOnline's General Chit Chat
Replies: 2
Last Post: December 22nd, 2002, 10:48 AM
-
By hot_ice in forum Product / Book / Training / Conference Reviews
Replies: 10
Last Post: September 11th, 2002, 06:35 PM
-
By linuxcomando in forum AntiOnline's General Chit Chat
Replies: 9
Last Post: June 19th, 2002, 03:07 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|