NSA sponsored crackers have infected harddrive firmware for 14 years
The article (as far as I have gotten) seems to be focused on Windows. Anyone know what this means, or how successful the same methods might be, for Linux?
Quote:
In addition to planting exploits on the websites, the attack code was also transmitted through ad networks. The wide range of exploit carriers may explain why so many of the machines Kaspersky observed reporting to its sinkholes were domain controllers, data warehouses, website hosts, and other types of servers. Equation Group, it seems, wasn't infecting only end user computers—it was also booby-trapping servers known to be accessed by targeted end users.
Yikes!
Quote:
The CD from the 2009 Houston conference—which Kaspersky declined to identify, except to say it was related to science—tried to use the autorun.inf mechanism in Windows to install malware dubbed DoubleFantasy.
autorun.inf, of course.
Windows as admin is akin to Linux as root.
If you ran a Linux virus from a CD as root, you could easily be infected.
If you follow the "normal" practice of doing 99% of your work as a normal user, this would be contained within that user's ~/ directory.
Bad, but it won't compromise the system.
Quote:
By embedding malicious code inside the .LNK files, a booby-trapped stick could automatically infect the connected computer even when its autorun feature was turned off.
If the article is correct, and they have control of the HD firmware at the file system level, and the malware loads with, or before, the OS, I'm not sure root matters any more.
This is a diagram of how the malware loads in Windows; note that the malware loads before the OS loader:
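The two carriers quoted in this thread, autorun.inf on the conference CD and booby-trapped .LNK files on USB sticks, are both things you can look for on a removable medium before anything on it is opened. The script below is an added example written for this thread, not code from the article or from Kaspersky's report. It walks a mounted media tree, reports every autorun.inf together with the keys that would make Windows launch something, and identifies shortcut files by the fixed 20-byte Shell Link header (HeaderSize 0x4C plus the LinkCLSID) rather than by extension, so a shortcut renamed to .pdf is still reported. The sample tree is constructed in a temp directory; the file names and contents in it are invented for illustration.

```python
"""Added example: scan a mounted removable-media tree for the two carriers the
thread quotes, autorun.inf and Windows shortcut (.LNK) files.  The sample tree
is constructed here; nothing is read from a real device."""
import configparser
import os
import tempfile

# Every Windows Shell Link starts with HeaderSize 0x0000004C followed by the
# LinkCLSID 00021401-0000-0000-C000-000000000046 in on-disk byte order.
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")


def is_lnk(path):
    """True if the file carries the shortcut header, whatever its extension."""
    with open(path, "rb") as f:
        return f.read(len(LNK_MAGIC)) == LNK_MAGIC


def parse_autorun(path):
    """Return the [autorun] keys that make Windows launch something:
    open=, shellexecute=, and any shell\\<verb>\\command= entry."""
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   allow_no_value=True)
    with open(path, "r", encoding="utf-8", errors="replace") as f:
        cp.read_string(f.read())
    launches = {}
    for section in cp.sections():
        if section.lower() != "autorun":
            continue
        for key, value in cp.items(section):
            k = key.lower()
            if k in ("open", "shellexecute") or (
                    k.startswith("shell\\") and k.endswith("\\command")):
                launches[k] = value
    return launches


def scan_media(root):
    """Walk root; report autorun.inf files and LNK files found by header."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):          # do not follow symlinks off the medium
                continue
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if name.lower() == "autorun.inf":
                findings.append({"rel": rel, "kind": "autorun.inf",
                                 "launches": parse_autorun(path)})
            elif is_lnk(path):
                findings.append({"rel": rel, "kind": "lnk",
                                 "extension_matches": name.lower().endswith(".lnk")})
    return sorted(findings, key=lambda f: f["rel"])


def build_sample_media():
    """Constructed stand-in for a conference CD (hypothetical names/contents)."""
    root = tempfile.mkdtemp(prefix="media_")
    os.makedirs(os.path.join(root, "papers"))
    with open(os.path.join(root, "autorun.inf"), "w") as f:
        f.write("[AutoRun]\nopen=setup.exe\nicon=setup.exe,0\n"
                "label=Proceedings\nshell\\readme\\command=setup.exe /r\n")
    with open(os.path.join(root, "setup.exe"), "wb") as f:
        f.write(b"MZ" + b"\x00" * 62)          # PE-looking stub, not a shortcut
    with open(os.path.join(root, "papers", "talk.lnk"), "wb") as f:
        f.write(LNK_MAGIC + b"\x00" * 60)      # shortcut with an honest extension
    with open(os.path.join(root, "papers", "abstract.pdf"), "wb") as f:
        f.write(LNK_MAGIC + b"\x00" * 60)      # shortcut hiding behind .pdf
    with open(os.path.join(root, "papers", "readme.txt"), "w") as f:
        f.write("plain text\n")
    return root


if __name__ == "__main__":
    for finding in scan_media(build_sample_media()):
        print(finding)
```

Two caveats. The scan only tells you the carriers are present; it cannot tell whether a given .LNK abuses a shell parsing bug, and a Linux host never honours autorun.inf in the first place. More importantly, it does nothing about the stage the thread is really worried about: once the drive firmware itself is hostile, every byte the OS reads through that drive, including the results of a scan like this, comes from the attacker.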
With open source you know what your system is processing on the CPU. Who knows what's inside the processor and any other hardware? For national security, every chip or piece of hardware may be bugged. Can a user find out what's in them? And we try very hard to improve the security of software (or perhaps not).
Quote:
If the article is correct, and they have control of the HD firmware at the file system level, and the malware loads with, or before, the OS, I'm not sure root matters any more.
This is a diagram of how the malware loads in Windows; note that the malware loads before the OS loader:
True. I guess what I'm saying is don't let it get to that point. At some point it needs the permission to install the malware. If you permit it (admin in MS makes that easy), then it doesn't matter what OS you use.
Quote:
Originally Posted by veerain
With open source you know what your system is processing on the CPU. Who knows what's inside the processor and any other hardware? For national security, every chip or piece of hardware may be bugged. Can a user find out what's in them? And we try very hard to improve the security of software (or perhaps not).
I would think that is part of why the various open BIOS projects came into being. People want to know what their computers are doing at the hardware level.