Ping: David H Lipman

[FromTheRafters]

"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:i9ia6e$7tg$1@news.eternal-september.org...
>
> "Dustin" <bughunter.dustin@gmail.com> wrote in message
> news:Xns9E159A5A98CFFHHI2948AJD832@no...
>> "~BD~" <~BD~@nomail.afraid.org> wrote in
>> news:i9h2en$lnb$1@news.eternal-september.org:
>>
>>> "Dustin" <bughunter.dustin@gmail.com> wrote in message
>>> news:Xns9E1537F96841HHI2948AJD832@no...
>>>> "~BD~" <~BD~@nomail.afraid.org> wrote in
>>>> news:i9fpp5$svg$1@news.eternal-september.org:
>>> [....]
>>>>> No one has mentioned a 'general' BIOS infector - Dustin mentioned
>>>>> a *universal* BIOS infector. I didn't!
>>>>>
>>>>> Isn't it possible that bad guys simply select a narrow target
>>>>> area?
>>>>
>>>> That's entirely possible in theory; I've never disputed it. What
>>>> would be the point tho? It would be a very specific target BD, as
>>>> in; a particular system only and ones which are identical atleast
>>>> in so far as bios is concerned.
>>>
>>> Whilst specific, it could still be a very large group, Dustin.
>>
>> Doubtful. Computer models change every few months. Depending on which
>> one you trojanized (your basically only accomplishing this with a
>> bios
>> modification anyway) you might not even have a hundred users.
>
> If it *were* such a small group, I'd understand why such an attack
> method wouldn't be viable!

A much larger group exists, that is the group of people whose computer's
BIOS is ever susceptible to corruption.
Since they almost all are, that group is "everyone".

http://www.biosman.com/biosrecovery.html

It is *not* just about corruption due to malware, bit rot counts too.

[...]

[~BD~]

"FromTheRafters" <erratic@nomail.afraid.org> wrote in message
news:i9icpl$rcn$1@news.eternal-september.org...
[....]
> A much larger group exists, that is the group of people whose
> computer's BIOS is ever susceptible to corruption.
> Since they almost all are, that group is "everyone".
>
> http://www.biosman.com/biosrecovery.html
>
> It is *not* just about corruption due to malware, bit rot counts too.
>

I thought you might be pulling my leg again FTR, then found
http://en.wikipedia.org/wiki/Bit_rot

I've only once flashed the BIOS on a machine and that was years ago. I
would have started off here
http://eu.msi.com/index.php?func=downloadindex

Nowadays, though, I'd probably simply replace either the motherboard or,
more likely, the whole machine! ;-)

[Peter Foldes]

Read the following also so as you will have a base to this issue

http://www.biosman.com/faq.html

--
Peter
Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
This posting is provided "AS IS" with no warranties, and confers no rights.
http://www.microsoft.com/protect


"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:i9jli3$uc2$1@news.eternal-september.org...
>
> "FromTheRafters" <erratic@nomail.afraid.org> wrote in message
> news:i9icpl$rcn$1@news.eternal-september.org...
> [....]
>> A much larger group exists, that is the group of people whose computer's BIOS is
>> ever susceptible to corruption.
>> Since they almost all are, that group is "everyone".
>>
>> http://www.biosman.com/biosrecovery.html
>>
>> It is *not* just about corruption due to malware, bit rot counts too.
>>
>
> I thought you might be pulling my leg again FTR, then found
> http://en.wikipedia.org/wiki/Bit_rot
>
> I've only once flashed the BIOS on a machine and that was years ago. I would have
> started off here http://eu.msi.com/index.php?func=downloadindex
>
> Nowadays, though, I'd probably simply replace either the motherboard or, more
> likely, the whole machine! ;-)
>

[FromTheRafters]

Pretty good, but as usual there are some errors in terminology.

"Peter Foldes" <okf22@hotmail.com> wrote in message
news:i9k19m$def$1@speranza.aioe.org...
> Read the following also so as you will have a base to this issue
>
> http://www.biosman.com/faq.html
>
> --
> Peter
> Please Reply to Newsgroup for the benefit of others
> Requests for assistance by email can not and will not be acknowledged.
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> http://www.microsoft.com/protect
>
>
> "~BD~" <~BD~@nomail.afraid.org> wrote in message
> news:i9jli3$uc2$1@news.eternal-september.org...
>>
>> "FromTheRafters" <erratic@nomail.afraid.org> wrote in message
>> news:i9icpl$rcn$1@news.eternal-september.org...
>> [....]
>>> A much larger group exists, that is the group of people whose
>>> computer's BIOS is ever susceptible to corruption.
>>> Since they almost all are, that group is "everyone".
>>>
>>> http://www.biosman.com/biosrecovery.html
>>>
>>> It is *not* just about corruption due to malware, bit rot counts
>>> too.
>>>
>>
>> I thought you might be pulling my leg again FTR, then found
>> http://en.wikipedia.org/wiki/Bit_rot
>>
>> I've only once flashed the BIOS on a machine and that was years ago.
>> I would have started off here
>> http://eu.msi.com/index.php?func=downloadindex
>>
>> Nowadays, though, I'd probably simply replace either the motherboard
>> or, more likely, the whole machine! ;-)
>>
>

[Dustin]

"~BD~" <~BD~@nomail.afraid.org> wrote in
news:i9jli3$uc2$1@news.eternal-september.org:

> Nowadays, though, I'd probably simply replace either the motherboard
> or, more likely, the whole machine! ;-)

The landfills appreciate ignorance like that. I don't, but they do. They
absolutely love it when people replace and throw away rather than repair.
It's understandable if the machine is really old and/or beyond repair,
but... Many times that's not the case.


--
Some people are like a Slinky. Not much good for anything, but you can't
help but smile when one tumbles down the stairs.

[FromTheRafters]

"Dustin" <bughunter.dustin@gmail.com> wrote in message
news:Xns9E169AB9F31A7HHI2948AJD832@no...
> "~BD~" <~BD~@nomail.afraid.org> wrote in
> news:i9jli3$uc2$1@news.eternal-september.org:
>
>> Nowadays, though, I'd probably simply replace either the motherboard
>> or, more likely, the whole machine! ;-)
>
> The landfills appreciate ignorance like that. I don't, but they do. They
> absolutely love it when people replace and throw away rather than repair.
> It's understandable if the machine is really old and/or beyond repair,
> but... Many times that's not the case.

I'm glad that you venture to raise awareness of this problem.

The computers I threw away were over ten years old (practically ancient
relics, so I guess I'm okay in that respect) - and I didn't just throw them
away, I put them in the recycling stream (it's not perfect, but it's a good
start). I just now used Google to see what was currently being done in
recycling electronics, and came across a mention of both Maine (your former
stomping ground) and Keene, NH (my current one).

http://www.stateelectronicschallenge...l_results.html

The Recycling Center here (visible from my window), was featured on a
documentary on 'green' policies and recycling - it harvests the old landfill
area's methane to power its vehicles and some of its other machinery.

[~BD~]

Dustin wrote:
> "~BD~"<~BD~@nomail.afraid.org> wrote in
> news:i9jli3$uc2$1@news.eternal-september.org:
>
>> Nowadays, though, I'd probably simply replace either the motherboard
>> or, more likely, the whole machine! ;-)
>
> The landfills appreciate ignorance like that. I don't, but they do. They
> absolutely love it when people replace and throw away rather than repair.
> It's understandable if the machine is really old and/or beyond repair,
> but... Many times that's not the case.

Out of general interest, Dustin .....

Have you kept a mental note of how many times you have removed a BIOS
chip from a motherboard and replaced it with a new one?

Maybe you can also remember exactly *why* it was necessary to do so?

FYI - I've not actually thrown anything away - it all accumulates in my
shed for possible future use! You are probably well aware how often
*broken bits* can be recycled in all sorts of ways! ;-)

[Dustin]

~BD~ <~BD~@nomail.afraid.org> wrote in
news:HrOdnXHocIGAoCLRnZ2dnUVZ7rqdnZ2d@bt.com:

> Dustin wrote:
>> "~BD~"<~BD~@nomail.afraid.org> wrote in
>> news:i9jli3$uc2$1@news.eternal-september.org:
>>
>>> Nowadays, though, I'd probably simply replace either the
>>> motherboard or, more likely, the whole machine! ;-)
>>
>> The landfills appreciate ignorance like that. I don't, but they do.
>> They absolutely love it when people replace and throw away rather
>> than repair. It's understandable if the machine is really old
>> and/or beyond repair, but... Many times that's not the case.
>
> Out of general interest, Dustin .....
>
> Have you kept a mental note of how many times you have removed a
> BIOS chip from a motherboard and replaced it with a new one?

I wouldn't be able to provide you with an exact number, but I don't
think it would be any higher than.. 100 or so. It's not that difficult
of a process when your employer at the time had an eeprom burner. <G>

You don't have to replace the chip BD, it's the rewritable software
inside that's "bad".

> Maybe you can also remember exactly *why* it was necessary to do so?

For some systems, it was due to bit rot, or the user for some reason
deciding he needed to reflash the system BIOS. The general rule of
thumb used to be, you do not reflash your system BIOS unless you have a
problem. If the machine is running fine, usually; don't reflash. Back
in the original user reflash days, if the user paniced and powered off
the machine during the writeback; poof.

> FYI - I've not actually thrown anything away - it all accumulates in
> my shed for possible future use! You are probably well aware how
> often *broken bits* can be recycled in all sorts of ways! ;-)

Yes, but there's a difference between keeping usable parts on hand and
hoarding.


--
Some people are like a Slinky. Not much good for anything, but you
can't help but smile when one tumbles down the stairs.

[~BD~]

Dustin wrote:
> ~BD~<~BD~@nomail.afraid.org> wrote in
> news:HrOdnXHocIGAoCLRnZ2dnUVZ7rqdnZ2d@bt.com:
>
>> Dustin wrote:
>>> "~BD~"<~BD~@nomail.afraid.org> wrote in
>>> news:i9jli3$uc2$1@news.eternal-september.org:
>>>
>>>> Nowadays, though, I'd probably simply replace either the
>>>> motherboard or, more likely, the whole machine! ;-)
>>>
>>> The landfills appreciate ignorance like that. I don't, but they do.
>>> They absolutely love it when people replace and throw away rather
>>> than repair. It's understandable if the machine is really old
>>> and/or beyond repair, but... Many times that's not the case.
>>
>> Out of general interest, Dustin .....
>>
>> Have you kept a mental note of how many times you have removed a
>> BIOS chip from a motherboard and replaced it with a new one?
>
> I wouldn't be able to provide you with an exact number, but I don't
> think it would be any higher than.. 100 or so. It's not that difficult
> of a process when your employer at the time had an eeprom burner.<G>
>
> You don't have to replace the chip BD, it's the rewritable software
> inside that's "bad".

You have now confused me, Dustin!

Have you actually *removed* and replaced a BIOS chip around 100 times as
you stated - or simply flashed the chip to replace the data?

If it's appropriate to ask again, have you ever *replaced* such a chip?
(The web site proffered by FTR /sells/ them! - that's why I asked)

>> Maybe you can also remember exactly *why* it was necessary to do so?
>
> For some systems, it was due to bit rot, or the user for some reason
> deciding he needed to reflash the system BIOS. The general rule of
> thumb used to be, you do not reflash your system BIOS unless you have a
> problem. If the machine is running fine, usually; don't reflash. Back
> in the original user reflash days, if the user paniced and powered off
> the machine during the writeback; poof.

I do understand. The same could be caused by a mains power failure (outage)

>> FYI - I've not actually thrown anything away - it all accumulates in
>> my shed for possible future use! You are probably well aware how
>> often *broken bits* can be recycled in all sorts of ways! ;-)
>
> Yes, but there's a difference between keeping usable parts on hand and
> hoarding.

Hahaha! You are now sounding rather like Mrs BD! ;-)

[FromTheRafters]

"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:7OKdnVAJtM3Rs13RnZ2dnUVZ8qmdnZ2d@bt.com...
> Dustin wrote:
>> ~BD~<~BD~@nomail.afraid.org> wrote in
>> news:HrOdnXHocIGAoCLRnZ2dnUVZ7rqdnZ2d@bt.com:
>>
>>> Dustin wrote:
>>>> "~BD~"<~BD~@nomail.afraid.org> wrote in
>>>> news:i9jli3$uc2$1@news.eternal-september.org:
>>>>
>>>>> Nowadays, though, I'd probably simply replace either the
>>>>> motherboard or, more likely, the whole machine! ;-)
>>>>
>>>> The landfills appreciate ignorance like that. I don't, but they do.
>>>> They absolutely love it when people replace and throw away rather
>>>> than repair. It's understandable if the machine is really old
>>>> and/or beyond repair, but... Many times that's not the case.
>>>
>>> Out of general interest, Dustin .....
>>>
>>> Have you kept a mental note of how many times you have removed a
>>> BIOS chip from a motherboard and replaced it with a new one?
>>
>> I wouldn't be able to provide you with an exact number, but I don't
>> think it would be any higher than.. 100 or so. It's not that
>> difficult
>> of a process when your employer at the time had an eeprom burner.<G>
>>
>> You don't have to replace the chip BD, it's the rewritable software
>> inside that's "bad".
>
> You have now confused me, Dustin!
>
> Have you actually *removed* and replaced a BIOS chip around 100 times
> as you stated - or simply flashed the chip to replace the data?

I believe he meant exactly what he said.

Some BIOS chips had to be removed and put in a jig (the eeprom burner
Dustin mentioned) to reprogram them. Even some that were flashable by
local software needed to be done this way because the computer with the
corrupted BIOS code wouldn't boot and offer up a software platform to
run the reflashing routine. The BIOS recovery jumper scenario was
developed to get around this unfortunate situation - it holds enough
non-flashable (permanent) BIOS routines to present the software
environment needed to re-flash the chip 'in place' with the new BIOS
image stored on a floppy.

[...]