Enlarge (credit score: Getty Pictures)
As the quantity of delicate knowledge saved on computer systems has exploded over the previous decade, {hardware} and software program makers have invested rising quantities of assets into securing gadgets in opposition to bodily assaults within the occasion that they’re misplaced, stolen, or confiscated. Earlier this week, Intel fastened a sequence of bugs that made it doable for attackers to put in malicious firmware on tens of millions of computer systems that use its CPUs.
The vulnerabilities allowed hackers with bodily entry to override a safety Intel constructed into fashionable CPUs that stops unauthorized firmware from working in the course of the boot course of. Generally known as Boot Guard, the measure is designed to anchor a series of belief immediately into the silicon to make sure that all firmware that masses is digitally signed by the pc producer. Boot Guard protects in opposition to the opportunity of somebody tampering with the SPI-connected flash chip that shops the UEFI, which is a fancy piece of firmware that bridges a PC’s system firmware with its working system.
{Hardware}-enforced safety
Most of these hacks usually occur when attackers connect {hardware} to the insides of a pc and use Dediprog or comparable chip programming instruments to switch licensed firmware with malicious firmware.
Learn 9 remaining paragraphs | Feedback
