Has your motherboard or hardware device been "Cracker Flash-Trashed" today?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Has your motherboard or hardware device been "Cracker Flash-Trashed" today?
Has your motherboard or hardware device been "Cracker Flash-Trashed" today?
What is "cracker flash-trashed"?
It's when a system motherboard or hardware device has been partial or fully flashed with bad code, as in bios or firmware upgrade. Which of course renders it completely useless, as in "totalled".
How do "crackers" (hackers gone bad and bent on evil) do this nasty deed?
They crack through the security, both physical (bios password) and operating system of your system, run a scan on the sys and periph's, then flash the devices that can be flashed with hacked code or original code with a "force" command through a tcp/ip connection which they sever in midstream by killing the tcp/ip stream. Which if you didn't know renders all devices done as in hosed, trash.
Nifty, huh?!
Nope! They are evil meanies that need to be brought to justice!!!
So if your hardware starts acting up after you've been on the Internet, don't be too suprised if it's not juse a permission problem as this is the cost for running a system that doesn't have an embedded operating system.
What can be don't about this to protect your "non-embedded linux system"?
No Firetrucking Idea (nfi).
Note: The definition of "hardware device" includes all devices that are able to have their firmware or bios updated with code from the manufacturer that made the device. Which includes CD-ROM, CD-RW, DVD, DVD-RW, DAT, HD, RAID controller, sata controller, scsi controller, network card, video card, sound card, modem, etc.
Note: "Crackers" can also "burn out" your monitor or damage it if the "crack" they perform is also one on the video settings of the X Window System server.
Note: "Crackers" can also "burn out" your monitor or damage it if the "crack" they perform is also one on the video settings of the X Window System server.
For the last few years, the monitors that you buy will not get "burned out" if you go beyond their operating frequencies. They now display a message that says "out of range" or something like that or just stay blacked out until the frequency is OK. Older monitors don't do this and try to display the setting they can't do. You used to could ruin your monitor if you setup X incorrectly.
since "new monitor" is a vague statement and not everyone in the world who has a computer bought it new to run Linux, I'd say 'burning out' a monitor is more than likely since the majority of monitors in the world are NOT the new smart type as most people buy new computers and keep the old monitor because, well, quite frankly, it's still working, unless the size is too small for the users needs.
And then of course if and when your sys gets trashed, you'll be convinced it can be done.
.... Since when do 'hackers gone bad' have interest in making a profit? I thought their main creedo is 'destroy and conquer or conquer and destroy'! those evil meanies!!!!
I forgot to add where I got the content for this thread. I researched various security websites and the linux doc proj which had a notrious message:
systems can be taken over or worse
the 'or worse' part is what this thread is mentioning.
many sites including TLDP don't go into detail because they don't want people to freak out that their systems can not only be 'cracked', but they can be 'destroyed'.
many sites including TLDP don't go into detail because they don't want people to freak out that their systems can not only be 'cracked', but they can be 'destroyed'.
Sounds like conspiracy theory, did you lately watch Mel Gibson movie?
The important part that you forget to mention is that a cracker would need to get root privlages for your system. Then they would have to see what hardware you have, upload the flash utility, and then run it. Also most motherboards cannot be flashed while the system is running, they need to be booted to a clean DOS enviroment. Now you may be able to flash firmware for CDROMs and the like but of course you could always flash them back. Hardware vendors are aware that people can flash unsigned firmware that's why they often have checksums or digital signatures that must be present to preform the operation. What your describing would be a very rare occurance and I would be surprised if it ever happended.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.