Ping: David H Lipman

~BD~ · 10-18-2010, 06:02 AM

"FromTheRafters" <erratic@nomail.afraid.org> wrote in message
news:i9fqng$ha0$1@news.eternal-september.org...
> "~BD~" <~BD~@nomail.afraid.org> wrote in message
> news:i9fdgi$16d$1@news.eternal-september.org...
[....]
>> He is a graduate of Manchester University and has a degree in
>> Computer Science and Mathematics. He's worked for IBM since Dustin
>> was born!
>
> That doesn't make him an expert on malware and/or its capabilities.

Absolutely correct! He did understand all I mentioned to him though.

>> He confirmed that malware *can* infect the BIOS - and then reinfect a
>> new or cleaned hard drive - *outside* of a laboratory environment.
>
> I would like to know what he meant by that, but since he is not
> here...

He's a family man and still working - I doubt he's the time or
inclination to play here! However, if you tell me *what* to ask him,
I'll do so by email and advise you of his answer.

>> He did say that this was rare but he will liase with his specialist
>> colleagues and thereafter endeavour to provide me with some
>> information to confirm his assertion.
>
> He still hasn't said that any mobile code has shown that ability
> (outside a laboratory).

I don't think I recognise what you mean by 'mobile code' - do you mean
'in the wild'? Out there on the Internet?

> Even if he has actually seen for himself a persistant firmware
> compromise (one that can re-establish itself fully on a *new* disk) -
> he will still fail to convince anyone here that such can be
> *installed* by malicious mobile code.

Hey! He's a real life friend!

Andrew is helping *me* understand matters - not trying to convince
anyone on Usenet of *anything*!

> In fact, I am probably the only one here that accepts that an attacker
> with access to (and intimate knowledge of) a particular computer can
> compromise firmware in such a way as to have a *persistant* compromise
> of the machine even if the harddrive is swapped out.
>
> ...and even then, such a machine would have to have a network
> available for bootstrapping the malicious code.

I'd like to know more about what you've said! Will you explain just
where you have gained such insight?

Is there anything in this Wiki article with which you disagree?
http://en.wikipedia.org/wiki/BIOS

The bad guys are still winning. All the anti-malware experts have so far
failed to stem the tide of Cybercrime. They (the bad guys) obviously
have an 'ace' up their sleeves!

Just sayin'! ;-)

BD

Thread: Ping: David H Lipman

Thread Tools

Display

Threaded View

Re: Ping: David H Lipman

Thread Information

Users Browsing this Thread

Posting Permissions