Hacker News new | comments | show | ask | jobs | submit login

The computer had been infected. They scrubbed everything you would normally scrub, and it was reinfected. The hypothesis being that the infection persisted somewhere, such as the Realtek firmware.

At no point has anyone believed a never-infected computer would become magically infected via audio. You are looking for such a suggestion and finding it in poor writing. In reality, it is not there.

If you want to lambast Ars Technica for shitty writing, go right ahead, but don't criticize Dragos's claims until you are certain you know what they are. And as we all know, such a certainty can never come from the press. You must go to the source. Read Dragos's Google+ page and his Twitter feed. And read them carefully, not hastily and not with the intent of finding fantastical claims where they don't exist.

You've been primed by a sensationalist article to look for something sensational. Be conscious of that.

> You are looking for such a suggestion and finding it in poor writing.

You have crossed from facts which you know into speculation about my mental processes, and in fact you are incorrect about the latter. Without any preconceptions about this whatsoever, I read the Ars article and it strongly suggested to me that the claim was that the infection itself had spread over an air gap.

Otherwise, why even lead from this story into the theory of communicating via sound? If indeed the computer was already infected, then it would be no surprise that it could do something like interfere with running a registry editor. The air gap jumping would be entirely irrelevant to the story.


Why would a never-before-seen-in-the-wild malware technique be irrelevant to a story about the malware implementing in?


Sorry, I was unclear. By "story" I meant the specific story about the machine they attempted to wipe clean but that still remained infected somehow. The theory that the virus could communicate over air gaps would be irrelevent to that specific story, because if we assume that the computer was still infected, jumping air gaps is irrelevant to what was observed in that specific instance.

In other words I'm agreeing with you that the Ars article was misleading. But my initial comment was not meant to be critical of Dragos or anybody else. It was an honest, uncharged question about how my reading of the Ars article would be possible, even theoretically. The answer (it sounds like) is that the Ars article misled me about what Dragos was actually claiming.


I think the point is that anyone with an ounce of technical competence knows that the claim of formerly a normal computer being infected via sound is patently absurd, so even bringing it up is unnecessarily distracting from the discussion at hand.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact