
"BadBIOS" features explained - q_no
http://blog.erratasec.com/2013/10/badbios-features-explained.html
======
fiatmoney
There are polite and impolite ways to express skepticism, and I'd encourage
anyone to give Ruiu the benefit of the doubt as far as his motivations are
concerned, even if you can think of an uncharitable explanation. "Here's some
odd behavior I've seen and a possible explanation" is far from a hostile or
irresponsible thing to say, especially when there are long histories of
state-level and non-state level bad actors engaging in behavior to warp the target's
perception relative to observers' of what's going on. [1][2]

[1]
[http://en.wikipedia.org/wiki/Stasi#Zersetzung](http://en.wikipedia.org/wiki/Stasi#Zersetzung)

[2]
[http://en.wikipedia.org/wiki/Gaslighting](http://en.wikipedia.org/wiki/Gaslighting)

~~~
pudquick
As a counterpoint - I would also like to point out that just because someone
is _"a well-respected researcher for 15 years"_, that doesn't mean everything
they will ever say will be a quality statement above reproach or should be
taken as fact at face value. [1]

[1]
[http://en.wikipedia.org/wiki/John_Forbes_Nash,_Jr.#Mental_il...](http://en.wikipedia.org/wiki/John_Forbes_Nash,_Jr.#Mental_illness)

~~~
lawnchair_larry
I will also point out that Dragos is not actually a prominent security
researcher. He organizes a security conference. He has never presented
research at his own conference, or at any other conference, as far as I can
remember.

I only say this because people want us to take these claims on faith, citing a
credential that he hasn't actually established. Furthermore, his tweets so far
seem to be full of rookie mistakes. I've seen a fair number of "security
enthusiasts" do exactly what he is doing.

------
bitwize
_But at the same time, this is Dragos Ruiu, a well-respected researcher for 15
years. If he says he's got an infected BIOS, I'm going to believe him._

My first impression was that badBIOS was an elaborate troll on the part of
Ruiu, to make the point that just taking what even a "well-respected
researcher" says at face value is NOT good security practice.

~~~
gngeal
There are so many people out there who are delusional...the truthers, the
"Moon landing hoax" folks; even Nobel prize winners can be susceptible, just
recall Pauling and Shockley. Also, Bobby Fischer. This guy could easily have
fallen prey to the same kind of brain eater.

~~~
Apocryphon
It seems telling that unlike most such paranoid fantasists, he hasn't blamed
anyone for this yet. Usually such delusions come with accused culprits and the
like. I really don't like how people are jumping to labeling him as suffering from
a mental malady. Maybe he's in error, but why does he have to be ill?

~~~
gngeal
Extraordinary claims require extraordinary evidence. So far, I haven't seen
him providing the latter.

~~~
aaronem
That's because he isn't making the former. It took a hack [1] like Dan Goodin
to make him look as though he were.

His actual claims, as far as I can determine and as corroborated by the Errata
Security article, are: (1) that BIOS firmware, and potentially also built-in
peripheral device firmware, might serve as a durable reservoir for malware;
(2) that buffer overflows and similar sloppy coding practices in USB HID
device drivers can serve as infection vectors; (3) that pre-existing malware
can use ultrasound as a (buggy, flaky, slow) C&C protocol transport; and,
finally and most controversially, (4) that he has live examples, as yet
unpublished, of malware which demonstrates all three of these behaviors.

Claim 1 seems not particularly controversial, given that prototypes have been
demonstrated at conferences.

Claim 2 has at least one example in the wild, in that a PlayStation 3
jailbreak has successfully used the exact method described as a code injection
vector. The PS3, of course, is a static target; how well the method scales to
the PC platform is therefore an open question, but given the apparent relative
paucity of implementations available, it seems at least plausible as a useful
attack vector for malware.

Claim 3 is theoretically valid and, as another HN user pointed out [2] in
response to my own skepticism on the subject, has at least one strong proof of
concept in the wild.

Claim 4, of course, is unverifiable at this time; given Ruiu's provenance in
the field, though, I'm with the Errata Security writer in considering that
Ruiu deserves the benefit of the doubt, on the presumption that he'll soon
substantiate the claim.

At most, then, his claims are 25% extraordinary, and I argue it took a useless
hack like Goodin to make them seem even that much so -- to say nothing of all
the recent speculation with regard to Ruiu's mental state, which I can only
ascribe to a spectacular failure among HN commenters to consider the source --
specifically, the source of that Ars Technica article, whose lack of
credentials should be plain to anyone with the time and interest to examine
his journalistic history. What in God's name possessed Ruiu to give a hack
like Goodin an interview is entirely beyond me, but that's as close to a sign
of poor or impaired judgment as I can see.

[1]
[https://news.ycombinator.com/item?id=6655448](https://news.ycombinator.com/item?id=6655448)

[2]
[https://news.ycombinator.com/item?id=6650152](https://news.ycombinator.com/item?id=6650152)

------
sillysaurus2
Would someone please explain how the firmware dumps of the infected computer
are being made?

Is it true that if you control the firmware, then you control what the dumps
of that firmware will look like? The only way I can imagine getting a clean
dump of that machine is by desoldering the chips and imaging them via some
specialized tool. If the machine's firmware is rooted, how can you trust any
signal the machine sends, especially firmware dumps? The virus could trivially
hide itself by detecting a firmware dump is in progress and sending a decoy
(clean) image.

~~~
FlyingAvatar
A system's BIOS image is usually written to an EEPROM chip, and they are often
removable. So you can either just pop them out, or desolder them in the worst
case.

Then you can use an external EEPROM reader that can dump the contents, but is
not capable of running the code.

The EEPROM is storage only; its contents are loaded by the PC at boot. So if
it is removed, there is no processing that can occur internally that can mask
the data inside of it.
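
Added example, not part of the thread: one way to act on the point above is to compare an image read through the running machine with one read from the removed chip on an external reader, and list the byte ranges where they disagree. The function names and the sample images are constructed for illustration.

```python
import hashlib


def diff_ranges(a: bytes, b: bytes, gap: int = 16):
    """Return [start, end) offsets where a and b differ, merging runs
    separated by fewer than `gap` identical bytes."""
    ranges = []
    n = min(len(a), len(b))
    i = 0
    while i < n:
        if a[i] == b[i]:
            i += 1
            continue
        start = i
        while i < n and a[i] != b[i]:
            i += 1
        if ranges and start - ranges[-1][1] < gap:
            ranges[-1] = (ranges[-1][0], i)   # close to previous run: merge
        else:
            ranges.append((start, i))
    if len(a) != len(b):
        # One image is longer; report the unmatched tail as a difference.
        ranges.append((n, max(len(a), len(b))))
    return ranges


def compare_dumps(in_system: bytes, external: bytes):
    """Compare a dump taken by software on the machine itself with a dump
    taken from the removed chip. The external read is the reference."""
    return {
        "in_system_sha256": hashlib.sha256(in_system).hexdigest(),
        "external_sha256": hashlib.sha256(external).hexdigest(),
        "identical": in_system == external,
        "ranges": diff_ranges(in_system, external),
    }


def constructed_sample():
    """Constructed 4 KiB images: the in-system read shows erased flash
    (0xFF) where the chip itself holds extra content."""
    in_system = bytearray(b"\xff" * 4096)
    in_system[0:16] = b"CONSTRUCTED-HDR\x00"
    external = bytearray(in_system)
    external[0x800:0x820] = bytes(range(1, 33))   # 32 bytes only on the chip
    external[0x828:0x82c] = b"\x00\x01\x02\x03"   # 8 bytes later: merged
    return bytes(in_system), bytes(external)


if __name__ == "__main__":
    sw, ext = constructed_sample()
    report = compare_dumps(sw, ext)
    print("in-system:", report["in_system_sha256"])
    print("external: ", report["external_sha256"])
    for start, end in report["ranges"]:
        print(f"differs at 0x{start:06x}-0x{end:06x} ({end - start} bytes)")
```

The reported ranges only say where the two reads disagree; what sits in those ranges still has to be examined in the external image.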

~~~
sillysaurus2
ROM is Read Only Memory. If it's read only, how could it become infected?

EDIT: Sorry for being unclear. I'm aware EEPROM can be overwritten. But
presumably that requires special privileges, or a special circumstance (like
the user physically holding some button on the motherboard during bootup, or
something). The article isn't at all clear how it's possible to write a
program that escalates its privileges to such an extent that it can then
overwrite EEPROM. Is it really possible? How?

~~~
FlyingAvatar
EEPROM -

Electronically Erasable Read Only Memory

It's re-programmable (i.e. by re-flashing it).

edit: I should add that motherboard manufacturers could prevent this type of
attack by "locking" the BIOS for flashing unless it was explicitly unlocked by
changing a setting in the BIOS menu (some have this already, I believe). The
problem at the moment is that the BIOS is writable at all times, even when the
OS is running. This makes BIOS updates easier (i.e. you can make a Windows
application that can do so, for example), but the problem is that this allows
ANY process with Admin access to alter the BIOS as well.

~~~
sillysaurus2
_The problem at the moment is that the BIOS is writable at all times, even
when the OS is running. This makes BIOS updates easier (i.e. you can make a
Windows application that can do so, for example), but the problem is that this
allows ANY process with Admin access to alter the BIOS as well._

I'm speechless that this horrible idea was ever taken seriously, much less
implemented. That answers my question as to how a BIOS could become infected.

I'm seriously sitting here in shock. How could any hardware manufacturer think
it was a good idea to let a userspace program permanently alter EEPROM, ever?
One does not need to be very intelligent to realize hackers will hack that.

This brings us full circle to the original question, though: Did the security
researcher write a program to dump the contents of EEPROM rather than
desoldering the chips? If so, then he may have been hoodwinked by the virus.

~~~
fleitz
> How could any hardware manufacturer think it was a good idea to let a
> userspace program permanently alter EEPROM, ever?

Because most hardware manufacturers are selling to consumers and not
cypherpunks.

------
aryastark
The Ars Technica article is nothing short of offensive. It's an article that
does not need to exist. We need to sit down and have a nice long talk about
the ethics of fear mongering in the security industry, as well as the idea
that a "well-respected researcher" would not only hype up his findings, but
not even _reveal_ his findings until a conference that _he_ organizes. Talk
about a conflict of interest.

I'm willing to give Dragos the benefit of the doubt here and just assume that
Dan Goodin has his head so far up his ass he can't see clearly and that Dragos
has no intention of misleading people.

But having these issues for 3 years? Let's just say that extraordinary
evidence needs to come out fairly quickly now. Or at least a massive
correction of the hype here. Surely, in 3 years, _someone else_ would have
discovered this thing.

------
websitescenes
I can't believe how presumptuous everyone is here. Let's just wait and see.
The idea is completely plausible. I like to operate off of facts and right now
we just don't have them.

~~~
300bps
_The idea is completely plausible_

I disagree. The definition of plausible is "seeming reasonable or probable".

To say "the idea is completely possible" might be accurate but has a
completely different meaning.

A security researcher discovering malware that infects several different BIOS
types including on PC and Mac hardware with every major operating system that
can spread via USB and communicate via sound between standard speakers and a
standard microphone over distance and then going about his normal day-to-day
life over the next three years is the very definition of _improbable_.

~~~
sliverstorm
That's Google's definition, which in my opinion doesn't capture the word
correctly. That definition implies "plausible" suggests "likely". Turning to
Webster:

    1 superficially fair, reasonable, or valuable but often specious <a plausible pretext>

    2 superficially pleasing or persuasive <a swindler… , then a quack, then a smooth, plausible gentleman — R. W. Emerson>

    3 appearing worthy of belief

To me, an idea is _plausible_ if I can entertain the possibility without
suspension of disbelief.

~~~
chc
Which, as the parent said, does not seem to describe this bizarre malware. As
described, it is so exotic that it requires some serious suspension of
disbelief for a lot of people.

------
bashcoder
I'm just thankful that China doesn't make computer hardware.

~~~
x0054
In this day and age, does it really matter if China or US makes the hardware?
I think it's been definitively proven that one is not better than the other,
when it comes to privacy and hacking.

------
ieatdots
> With a slightly more expensive dongle that can transmit as well as receive,
> your laptop can pretend to be a wifi access point or a cell phone tower...

I understand the point being explained here, but is this really accurate? I
don't know of any SDR platform, let alone a "dongle" with anywhere near the
capacity necessary to operate as a wifi AP.

~~~
ieatdots
Maybe I'm wrong here. Looks like bladeRF and USRP B200-series have the
bandwidth, sample rate, and data speed to do 802.11b.

Maybe some radio smartperson can clarify?

~~~
nknighthb
The USRP B200 sales page actually says it can be used for WiFi. It also says
"up to" 56MHz of bandwidth -- if that's actually available in the 2.4 and/or
5GHz bands, it should be able to implement 802.11n which uses 20 or 40MHz
channels.

(802.11ac is out of bounds, its channels are 80MHz minimum.)

------
e12e
For a summary of quite a few of the techniques mentioned in the Ars article,
have a look at:

Hardware backdooring is possible - By Jonathan Brossard
[http://www.youtube.com/watch?v=yRpilXPv8pU](http://www.youtube.com/watch?v=yRpilXPv8pU)

(This one more recent from nullcon, made a splash from DefCon 20 earlier).

It's not really much of a stretch that an agency (commercial, criminal or
government) that dedicated a few man-years of work could come up with
something along these lines.

There's really only one-and-a-half "out there" claims: the "half" being
networking via audio, the "one" being cross-platform.

It'll be interesting to see if they manage to grab a dump of the malware and
we can get more eyes looking at it...

------
mateuszb
I encourage people to learn about ITP port and JTAG debuggers for processors.
It is easy to verify all of this with ITP debugger in no time. I am surprised
nobody did it. It is amateurish at least for a 15 years of experience. I'd
expect a researcher like that to know about hardware ITP port. How do you
think BIOS or UEFI firmware are developed and debugged? The cost of the
debugger is 20k USD and you hook directly into the CPU bus and see everything
from SMM mode transitions to cache events. Complete transparency without the
sci-fi claims anymore and crap publicity.

EDIT: [http://en.wikipedia.org/wiki/In-target_probe](http://en.wikipedia.org/wiki/In-target_probe)

------
greglindahl
A mild omission in the blog posting: the BIOS continues to run after the OS
boots. See:
[http://en.wikipedia.org/wiki/System_Management_Mode](http://en.wikipedia.org/wiki/System_Management_Mode)

~~~
lawnchair_larry
A not so mild omission, Macs don't even have a BIOS.

~~~
greglindahl
Modern Macs have UEFI, which is a form of BIOS.

(edit: actually called UEFI: EFI is an old name...)

~~~
lawnchair_larry
Apple still uses EFI. It's not a form of BIOS, it's a BIOS replacement.
They're quite a bit different.

~~~
pgeorgi
"Basic Input/Output System" fits the bill for me even for (U)EFI.

It doesn't implement PCBIOS APIs (those int10h calls everyone came to
lo{ve,athe}), but neither does a PC BIOS implement CP/M BIOS functions.

For the BadBIOS topic (and many other firmware debates), the "UEFI isn't BIOS"
thing is useless semantics:

PCBIOS, EFI and UEFI serve the same purpose: They initialize the hardware,
load the OS loader, then provide some amount of services to the OS (just
through different means).

All of them provide runtime services to the OS (that the OS might or might not
use). All of them have extensive control over the OS at all times through SMM,
even if the OS decides not to use those runtime services. And all of them make
use of these capabilities.

That is: All of them survive the boot process and have a considerable level of
control over the hardware at all times.

------
stephengillie
How would you write an OS that would be encrypted or otherwise inaccessible to
the hardware on which it's running? It would be a kind of hypervisor OS, but
you might run only 1 VM so you could connect via console and maximize
resources, as though it were a standard PC. Or maybe have a small server VM to
help your network manage resources.

Are we looking at a future where a standard OS install is a multi-VM
situation?

~~~
pgeorgi
Intel wants to introduce in-CPU encrypted memory regions with its SGX
extensions for such uses. That would allow encrypted virtual machines that the
VM host (or SMM or TXT or whatever other super privileged mode you control)
couldn't analyze.

Of course, you're merely moving your trust anchor from code (verifiable, easy
to subvert) to CPU (unverifiable, hard to subvert). Pick your poison.

------
haberman
How could malware jump across an air gap to a clean machine, even
theoretically? No uninfected machine would reflash its firmware from what it
was hearing on its speaker.

~~~
nknighthb
This is driving me insane. Why do people keep asking this question? Even Ars's
poorly written article was crystal clear on this. The article you just
commented on is crystal clear on it as well. It says:

> _Dragos believes that two infected computers can communicate with each other
> over the audio port_

_Infected computers_. The audio communication is between infected machines.
It is not the vector of initial infection.

~~~
haberman
I am responding to this (quoted from the Ars article):

"We had an air-gapped computer that just had its [firmware] BIOS reflashed, a
fresh disk drive installed, and zero data on it, installed from a Windows
system CD," Ruiu said. "At one point, we were editing some of the components
and our registry editor got disabled. It was like: wait a minute, how can that
happen? How can the machine react and attack the software that we're using to
attack it? This is an air-gapped machine and all of a sudden the search
function in the registry editor stopped working when we were using it to
search for their keys."

"Ruiu posited another theory that sounds like something from the screenplay of
a post-apocalyptic movie: "badBIOS," as Ruiu dubbed the malware, has the
ability to use high-frequency transmissions passed between computer speakers
and microphones to bridge airgaps."

I presume the computer that had reflashed BIOS, fresh disk drive, with zero
data, installed from a Windows System CD, was uninfected. Then it became
infected. Then he mentions a theory that it jumps airgaps with speakers and
microphones.

This strongly implies that the claim is of a virus that jumps airgaps from an
uninfected machine to an infected one through sound.

Which part of this is incorrect?

(Also, the claim that infected computers communicate via sound to bridge
airgaps is not mutually exclusive with the claim that infection can spread
over airgaps. So what you quoted does not contradict this claim, which is why
I didn't take it as a refutation of my previous reading).

~~~
nknighthb
The computer had been infected. They scrubbed everything you would normally
scrub, and it was reinfected. The hypothesis being that the infection
persisted somewhere, such as the Realtek firmware.

At no point has anyone believed a never-infected computer would become
magically infected via audio. You are _looking_ for such a suggestion and
finding it in poor writing. In reality, it is not there.

If you want to lambast Ars Technica for shitty writing, go right ahead, but
don't criticize Dragos's claims until you are certain you know what they are.
And as we all know, such a certainty can _never_ come from the press. You must
go to the source. Read Dragos's Google+ page and his Twitter feed. And read
them carefully, not hastily and not with the intent of finding fantastical
claims where they don't exist.

You've been primed by a sensationalist article to look for something
sensational. Be conscious of that.

~~~
haberman
> You are looking for such a suggestion and finding it in poor writing.

You have crossed from facts which you know into speculation about my mental
processes, and in fact you are incorrect about the latter. Without any
preconceptions about this whatsoever, I read the Ars article and it strongly
suggested to me that the claim was that the infection itself had spread over
an air gap.

Otherwise, why even lead from this story into the theory of communicating via
sound? If indeed the computer was already infected, then it would be no
surprise that it could do something like interfere with running a registry
editor. The air gap jumping would be entirely irrelevant to the story.

~~~
nknighthb
Why would a never-before-seen-in-the-wild malware technique be irrelevant to a
story about the malware implementing it?

~~~
haberman
Sorry, I was unclear. By "story" I meant the specific story about the machine
they attempted to wipe clean but that still remained infected somehow. The
theory that the virus could communicate over air gaps would be irrelevant to
that _specific_ story, because if we assume that the computer was still
infected, jumping air gaps is irrelevant to what was observed in that specific
instance.

In other words I'm agreeing with you that the Ars article was misleading. But
my initial comment was not meant to be critical of Dragos or anybody else. It
was an honest, uncharged question about how my reading of the Ars article
would be possible, even theoretically. The answer (it sounds like) is that the
Ars article misled me about what Dragos was actually claiming.

~~~
anfedorov
I think the point is that anyone with an ounce of technical competence knows
that the claim of formerly a normal computer being infected via sound is
patently absurd, so even bringing it up is unnecessarily distracting from the
discussion at hand.

------
Lagged2Death
I am reminded of N rays.

[http://en.wikipedia.org/wiki/N-rays](http://en.wikipedia.org/wiki/N-rays)

------
AsymetricCom
#1 feature: being able to sway large portions of IT-sector opinion, with
unsubstantiated fear and security threats, to be pro-internet regulation.

~~~
pgeorgi
Why internet regulation? This is firmware, so it can be fixed at the firmware
level.

However I'd advise to limit the impact UEFI can have on a system (which, right
now, is universal). And sometimes I even work on it
([https://github.com/pgeorgi/edk2/tree/coreboot-pkg](https://github.com/pgeorgi/edk2/tree/coreboot-pkg))

------
fantnn
Guess I'll be adding a frequency emitter in this range near my air gapped
machine.

~~~
acdha
Doing something easy to get wrong rather than removing the speakers?

