Gigabyte confirmed for garbage

File: 452.png (52KB, 136x199px)

52KB, 136x199px

>>59744537
>mfw I just bought Gigabyte motherboard for Babbylake 2 months ago.

>>59744607
start upgrading that BIOS homie.

>>59744537
>uefi is the future anon, you don't want that obsolete bios anymore do you?

File: 1422520723513.png (98KB, 600x500px) Image search: [Google]

98KB, 600x500px

>>59744537
Any other devices apart from SHIX affected?

I think I'm pretty comfy on am4, dunno if they reused compromised parts of code though =/

>>59744537
UEFI RANSOMWARE ohhh wow!!!
I'm so glad I've stayed legacy bios.

>>59744636
probably all of them but researchers haven't tried them all.

expect Gigabyte to start releasing updates to BIOS of all of their current mobos. I'd be worried if you have an older mobo and doesn't get an update.

>>59744620
legacy bios wasn't free from hacks either.

>>59744675
have they tried any mobos apart from shix? got an article link?

>>59744663
>he thinks you can't do even more with an old BIOS
what's it like being a retard?

>>59744537
Damn. My living room HTPC is an early BRIX.

>>59744537
I think I might have an idea, what if manufactures agreed on developing and using the same firmware, and then, what if they released that firmware code to the public so really smart people could fix some bugs from the firmware?
Manufacturers would gain because they wouldn't need to constantly expend on developing a new firmware and the public would get a less buggy firmware.

Am I dreaming too hard /g/ ?

so basically the only way to prevent this would be to update (or re-flash) your bios fucking constantly?

wew lad uefi is cool

>>59744757
>open source
wew lad
nothing succeeds if it's open sourced - nu/g/

>>59744537
*switches to secondary bios*
nothing personnel kid

>>59744537
But didnt Microsoft used to brag about how UEFI would protect the system from malicious software during boot time(translating to not allowing the user to use different operating systems from the windows botnet) is itself, hackable? And even worse, hackers can modify the firmware and use to implement a ransomware, effectively taking control of the machine and encrypting all data during boot time?

What went wrong, /g/?

I should have stuck with Asus

>>59744537

Who even uses UEFI? Even if you're not running DD mode all you could need can be done with MBR. I don't think I have ever seen a computer using UEFI.

>>59744537
Ok

Switch the bios with the switch that's what it's for

>>59745044
What?

UEFI has been largely explored since the release of WIndows 8. Currently, many motherboards come with UEFI(thanks Microsoft monopoly) and the vast majority of laptops and pre-built computers with Windows installed also use UEFI. My shitty Celeron laptop with Windows 8 uses UEFI. Old BIOS system is now called "Legacy."

File: 1491188238886.jpg (119KB, 480x508px) Image search: [Google]

119KB, 480x508px

what the fuck do you do if your bios is compromised?

>>59744773
No. Once the tampered BIOS has control it can pretend it's writing a new BIOS while actually dropping your fresh new BIOS into the bit bucket.

>>59744930
Security is never perfect, welcome to security 101. It's still an improvement over legacy BIOS.

>>59744686
But at least the bar was higher. UEFI is so shitty that any skiddie can hack into it.

What if your motherboard has dual-bios, one of which being read-only which you can use to auto-flash the other with a hardware button? My current motherboard doesn't offer that but an older one I had did, was that dropped as no good?

>>59745024
>ANUS
>ever

At least Gigabyte isn't shipping motherboards with outdated firmware

>buy X370 Prime
>system powers on but nothing is displayed on screen
>RMA CPU and RAM
>same shit
>call ANUS support
>they say I need an older CPU to upgrade the BIOS
>????????

fuck ANUS

>>59745601
You have to pay a lot for a motherboard of that quality. And the BIOS hijack seems to encrypt your files, so it only has to run once and you're fucked.

File: 1468213207592.jpg (779KB, 1280x1045px) Image search: [Google]

779KB, 1280x1045px

>>59745313
>what the fuck do you do if your bios is compromised?
You sell the whole thing to some idiot on ebay or you just take a hammer to it.

Same goes to your HDD getting infected since NSA (and now presumably other crime gangs and state actors as well) can replace your HDD firmware and you can't do shit about it.

>>59745627
Ah, fair enough. Thanks for the rundown m8.

>>59745607
PCpartpicker tries to warn you about this shit.

>>59745628
The same caveat applies to all firmware hacks and hijacks. Specific hacks and firmware need to be written for each hardware make, model and brand. There is no one-size-fits-all firmware hack, which is why you only see state actors using it to target specific individuals who they know the specific hardware of ahead of time.

File: 1490575730584.jpg (78KB, 598x399px)

78KB, 598x399px

>>59745628
fuckin spooky

>>59745722
>The same caveat applies to all firmware hacks and hijacks. Specific hacks and firmware need to be written for each hardware make, model and brand. There is no one-size-fits-all firmware hack, which is why you only see state actors using it to target specific individuals who they know the specific hardware of ahead of time.
They share a lot of commonalities. Especially among same brands. If you can infect one Mobo brand, there's a good chance you can infect all of the Mobos of that manufacturer. Whether you can make them work after you do that is another question (lots of CPU, GPU, PCIe etc specific driver code goes in there).

>>59745734
First time I saw NSA's ANT Catalog, it blew my mind.

https://en.wikipedia.org/wiki/NSA_ANT_catalog

https://nsa.gov1.info/dni/nsa-ant-catalog/

It's like science fiction became real.

uefi is just so god damn vulnerable i'm a fucking idiot and i could figure out how one would go about a persistent rootkit if one had some other priv escalation vuln

it just seems obvious to me this would be a bigger concern and it's mindblowing to me that projects like heads are not a big thing yet

>>59745820
>They share a lot of commonalities. Especially among same brands. If you can infect one Mobo brand, there's a good chance you can infect all of the Mobos of that manufacturer. Whether you can make them work after you do that is another question (lots of CPU, GPU, PCIe etc specific driver code goes in there).
While true, it's still beyond the resources, capacity and technical skill to make all of this shit work for your average hacker just blasting out malware executables and malvertising. Basically, if the alphabet squad is on your ass, you're already fucked.

>>59744537
Good thing now gigabyte is in the spot light. They will fix it as soon as they could after the news go widely mainstream.

Then comes the other brands.

>>59745820
>Sci-fi is now

So we have meme hackers exploding PCd remotely now ?
Anon do rememeber to report to the cyber police 2000 whenever you see suspecious activity.

>>59745820
>First time I saw NSA's ANT Catalog, it blew my mind.

go look at CIA's FLUXWIRE and MARBLE programs

that shit is really nuts

>>59744537
>implying NSA doesn't bake that shit into every motherboard ever made

lel

>>59745488
He said prevent, not fix.

File: tim kek.jpg (5KB, 237x213px) Image search: [Google]

5KB, 237x213px

>WindWoes users getting ransomware
Oh, well that's nothing unusua-
>at the fucking UEFI/BIOS level

HAHAHAHAHAHAHAHAHA

File: n51f88899a20e6.png (99KB, 800x800px)

99KB, 800x800px

>>59745820
Well that was an unpleasant rabbit hole.

File: wat-1-2.png (85KB, 398x440px)

85KB, 398x440px

>>59744537
I don't get it. Given root/admin privileges, what would prevent a virus from flashing the BIOS on any motherboard?

>>59746028
Is it true NSA compromised x64 encryption at the the Instruction set level? All they would have to do is break into the factory and replace the files Intel/AMD use for production with their own subtlety compromised ones and Bam, you go from millions of years to decrypt to just a few months.

>>59744757
Then people will spot the CIA/NSA back doors anon. Plus security by obscurity is usually how large company's do things.

>>59744537
>UEFI
Found your problem

>>59746145
if it were true how tf would you even know

>>59746181
You wouldn't without years of statistical analysis.

>>59744663
>he honestly thinks BIOS isn't more susceptible to these kinds of hacks
>he thinks something invented in 1975 is is safer than something invented in 1998
sure thing fag

>>59746105
Nothing
https://www.nostarch.com/rootkits

This also isn't limited to just Gigabyte, try every device in existence because they are all piles of proprietary shit you can fuzz and plant rootkits into if you wanted.

File: 30a.jpg (59KB, 600x450px)

59KB, 600x450px

>>59746105
Shh, we're here to shit on a technology that scares us not to read the article.

File: placeholder moe.jpg (259KB, 800x706px) Image search: [Google]

259KB, 800x706px

>>59746068
at least they have to go out of their way to be hacked
macbook users are constantly at risk of having their shit literally explode in their hands

>>59746105
>Given root/admin privileges, what would prevent a virus from flashing the BIOS on any motherboard?
literally nothing
most of this thread is filled with tech illiterates who hate UEFI because it was too hard to configure Windows 7 for it

>>59745313

Hot flash a BIOS chip in another motherboard, swap it back

>>59745313
some mobos even come with two bios/uefi chips and are switchable

>>59746197
>>59746200
>>59746210
So what are the news here?

>>59746467
normies remembering that it's really not that hard to hack bios/uefi if the system is compromised and freaking out about it

that's all, really

admittedly the article is about a specific vulnerability in the gigabyte brix series that makes it even easier to hack uefi, but shitposters here are acting like this sort of thing has never happened before

tl;dr it's non-news

File: 1489094189463.jpg (1MB, 1024x1024px) Image search: [Google]

1MB, 1024x1024px

>>59744537
i guess BRIX finally lived up to it's name.

>>59745820
NIGHTSTAND: Portable system that wirelessly installs Microsoft Windows exploits from a distance of up to eight miles.[22]


wew lad

>>59744537
>Gigabyte BRIX

It's already known that Intel processors have hardware backdoor (Intel Management Engine). These fine Asian gentlemen probably exploited that.

Buy AMD instead, they don't have any hardware or software backdoors

>>59744537
https://www.bleepingcomputer.com/news/security/gigabyte-firmware-flaws-allow-the-installation-of-uefi-ransomware/
>A vulnerable SMI handler allows the attacker to execute code in SMM mode (ring -2) where he finally can bypass any write protection mechanisms and install a backdoor into the system's firmware
Remember when old BIOS used a hardware write protect instead of software? I fucking remember.

>>59744686
>>59744728
>>59746189
Older computers actually implemented hardware write protect options first of all. Second of all, old BIOS took up a lot less space, which means the flash chips were smaller and you were more limited on what you could do (to my knowledge the worst attacks on old BIOS were just wiping them to brick a computer). Third of all, UEFI opens the variables up to access and modification by the OS which means it has a larger attack surface than old BIOS (while that wasn't used in this case it has been used to compromise UEFI implementations in the past).

>>59746105
>>59746210
>>59746503
This wouldn't work if they implemented an actual hardware write protect option, old motherboards used to have.

>>59744930
>But didnt Microsoft used to brag about how UEFI would protect the system from malicious software during boot time
It does. Secure boot is a good thing and despite how people may go on about need shit signed with Microsoft's keys you can sign your bootloader yourself as well.

>>59746848
>Buy AMD instead, they don't have any hardware or software backdoors
>forgetting about AMD's PSP
>forgetting about how UEFI combined with x86 System Management Mode can achieve anything that AMD's PSP and Intel's ME can

>>59746068
There's no reason why this can't affect Macs as well.

>>59746854
Secure boot is where the surveillance backdoor is you dimwit

>>59746202

Tim Cook isn't the CEO of Scamsung, retard.

>>59744537
>not having socketed bios chips
Wew

File: 1484413446222.jpg (247KB, 714x739px) Image search: [Google]

247KB, 714x739px

>>59744537
BIOS doesn't have this problem. Also, it's not just limited to certain manufacturers. UEFI is horse shit in general. You know your pre-OS firmware is a big bloated piece of garbage when you can run a web browser in it.

>>59744757
Welcome to Coreboot. Manufacturers just won't adopt it because then the CIA niggers won't have easy access to the lowest parts of your hardware. Just wait about a decade...
>UEFI has locked your computer because you viewed content not approved by the state. Please remain calm while we send thought police to your location.

>>59744930
>What went wrong, /g/?
Retards decided to implement a fancy signing system to lock you into using Wangblows for extra dolans instead of doing simple hardware init.

>>59745024
>buying an ANUS product
>wanting to be locked into Wangblows 10
>wanting customer support with a Southern Indian accent that besically tells you to fuck off and call Microsoft support, which then tells you to call ANUS support
>One Infinite Loo(p)

>>59745313
>pray that you can find a clean copy of the firmware
>find a raspberry pie and a clip
>hook it up to the EEPROM
>flash it and try not to fuck up

>>59745628
This is literally the only thing that frightens me, because you would need to get JTAG access, dump the firmware, then compare a hash of it to a hash of known good firmware. That's fucking insane. Pic related is how I feel about this.

>>59744537
Can we please go back to stupid dumb BIOS, please?

>>59746068
Member Macs being hacked via Thunderbolt (DMA!), a vuln that is unfixable, because it's literally broken by design? I member.

>>59744537
>downloads UEFI firmware over HTTP
>firmware is fucking UNSIGNED

who the actual fuck thought this was a good idea

>>59747366
shareholders

File: REEEs internally.jpg (13KB, 184x184px)

13KB, 184x184px

>>59747366
>>59747378

>>59744537
>BRIX
more like BRICKED
kek

File: 1491079813357.png (97KB, 362x492px) Image search: [Google]

97KB, 362x492px

>>59744537
>Run firefox as root just one time
>Wake up to this

>implying it's only Gigabyte

This UEFI shit has been making me nervous since it came out. It's like a black box of shit you have no control over that runs all your shit. Fuck corporate shills that created this shit!

>>59744613
Still waiting for BIOS update for April 6

So how usable are coreboot or trannyboot?

>>59747313
>UEFI has locked your computer because you viewed content not approved by the state. Please remain calm while we send thought police to your location.
Kek. The state doesn't give a shit.

>>59745820
>DEITYBOUNCE: Technology that installs a backdoor software implant on Dell PowerEdge servers via the motherboard BIOS and RAID controller(s).

JUST

>>59746854
>you can sign your bootloader yourself as well
On x86. On ARM, it works exactly as everyone feared.

>>59747575
t. Microsoft Cuck

>>59750269
>SWAP: Technology that can reflash the BIOS of multiprocessor systems that run FreeBSD, Linux, Solaris, or Windows.

NOTHING IS SAFE. BETTER BUILD YOUR BUNKERS /g/entoomen

>>59744663
>He is not old enough to remember Compaq