Jump to: navigation, search

Template:Firmware Trojans

Once infected with very sophisticated malware that modifies low-level firmware, it is extremely difficult to detect in almost all cases. Note this should not be confused with hardware/circuit trojans, which are malicious modifications made to machine components during the manufacturing process (though even those are not immune to detection). [1]

Can a virtualizer such as Qubes, VirtualBox, KVM etc. prevent hardware compromise?

Running everything inside VMs is a very reasonable approach. However, it only raises the bar and makes it more difficult / expensive to compromise the whole system. It is not a perfect solution.

No distribution of Linux (or Xen, or...) like Debian, Qubes, BSD or other variants can solve the issue of not needing to dispose of potentially infected hardware. Hardware-specific issues can really only be fixed at the hardware level. At best, software interventions can only provide workarounds.

The problem is no hardware exists that consists of entirely Libre firmware. It is very difficult to: analyze the firmware of hardware, wipe potentially compromised versions, or overwrite firmware with a most-likely-clean version. If the firmware being used was Libre Software, it would make verification easier but wouldn't stop infection. Disassembling hardware components (BIOS, disk controllers, CPU, Intel AMT etc.) and flashing them with clean versions offline is so difficult, that it is just cheaper and more convenient to buy new hardware.

A hypothetical stateless computer [2] [3] would deal with malware persistence, but it cannot protect against damage (data-exfiltration) done by successful exploitation.

Bundling undesirable anti-features like DRM in closed firmware is further evidence that Libre firmware is needed, in addition to Libre hardware designs.
  1. https://en.wikipedia.org/wiki/Hardware_Trojan#Detecting_Hardware_Trojans
  2. https://blog.invisiblethings.org/2015/12/23/state_harmful.html
  3. https://github.com/rootkovska/state_harmful/blob/master/state_harmful.md