[liberationtech] NYT report on Obama admin's wiretap plans
Jack Lloyd
lloyd at randombit.net
Mon Sep 27 14:39:00 PDT 2010
On Mon, Sep 27, 2010 at 05:31:39PM -0400, Thomas Smyth wrote:
> Hmm, you mean the motherboards on client computers? For example, person X
> has a motherboard with an exploitable on-board network card that lets an
> attacker, say, snoop packets before they're encrypted or something?
From Ben Laurie's blog (http://www.links.org/?p=330)
"""
1) there are remarkably naive "protection" methods to prevent
malicious users from overwriting NIC firmware with something of their
choice,
2) as an extension to 1) above it is amazing to discover how simply
firmware can be updated over the wire on specific NICs,
[...]
because of the nature of the PCI bus, you can use the same technique
on any machine with a vulnerable NIC to read all of RAM. You might
even be able to read disk, too, depending on the disk controller.
"""
Since I haven't heard anything at all about this at all since this
post (in 2008), it seems relatively likely that some/many/most NICs
are still vulnerable to this.
-Jack
More information about the liberationtech
mailing list