
Template:Firmware Trojans


Firmware infections should not be confused with hardware/circuit trojans, which are malicious modifications made to machine components during the manufacturing process. Despite their sophistication, circuit trojans are not immune to detection. [1]

Virtualizers and Hardware Compromise

Virtualizers like Qubes, VirtualBox and KVM cannot absolutely prevent the compromise of hardware. Running all activities inside VMs is a very reasonable approach, but it only raises the bar by making it more difficult and/or expensive to compromise the whole system. It is by no means a perfect solution.

No distribution of Linux, BSD, Xen or any other variant can solve the issue of needing to dispose of potentially infected hardware. Hardware-specific issues can really only be fixed at the hardware level. At best, software interventions can only provide workarounds.

The Promise of Libre Firmware

The problem is that no hardware exists that runs entirely on Libre firmware. It is very difficult to analyze the firmware of hardware, wipe potentially compromised versions, or overwrite firmware with a most-likely-clean version.

Even if a user depended wholly on Libre firmware, this would only make verification easier; it could not stop infection. Disassembling hardware components (BIOS, disk controllers, CPU, Intel AMT and so on) and flashing them with clean versions offline is extremely difficult. It is simply cheaper and more convenient to buy new hardware.

The bundling of undesirable anti-features like DRM in closed firmware is further evidence that Libre firmware is needed, in addition to Libre hardware designs.

A hypothetical stateless computer [2] [3] would solve the problem of malware persistence, but it still could not protect against the damage (data exfiltration) caused by successful exploitation.

[1] https://en.wikipedia.org/wiki/Hardware_Trojan#Detecting_Hardware_Trojans
[2] https://blog.invisiblethings.org/2015/12/23/state_harmful.html
[3] https://github.com/rootkovska/state_harmful/blob/master/state_harmful.md