Risky Business 67: Firmware pwnage

Security researcher John Heasman has learned it is possible to load undetectable rootkits into PCI devices, as we explain in this week's Risky Business security podcast.

Patrick Gray

Published: 24 Jun 2008 5:00

This week’s Risky Business security podcast looks at firmware root kits with John Heasman from the US arm of NGS Software. Download it here:

http://itradio.com.au/security

Some time ago, John figured out how to plonk a root kit on to a PCI device.

As you can imagine, those sorts of root kits can be very difficult to detect and remove.

But it gets worse.

Newer research, due to be presented at BlackHat in Las Vegas, will show how the CPU on some PCI devices (like the chip on network devices designed to do TCP checksum calculations) can actually be used to run the root kits.

That means they never gets loaded into main memory. Try detecting that!

Risky Business 67: Firmware pwnage

Security researcher John Heasman has learned it is possible to load undetectable rootkits into PCI devices, as we explain in this week's Risky Business security podcast.

Read more on Security policy and user awareness

Mac users key in defending against Apple T2 chip flaw

I/O virtualization (IOV)

RoughTed malvertising peaked in June, reveals Check Point

Certificate authorities are limited but new TLS versions can help