![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Once upon a time in the PC world there was BIOS. You used it to configure various aspects of your hardware, things like setting the date, resetting the amount of memory or sometimes testing it, overclocking your CPU if that was your thing. It evolved for a number of years until it was decreed to not be safe enough, and UEFI was introduced. It was supposed to be the ultimate in software security, and unhackable.
(another thing about UEFI was it made life hell for a long time to install Linux on personal equipment)
BWAHAHAHAHAHA!
Well, UEFI has been hacked.
A real-world exploit has been found, and it's not easy to implement. But if it gets into your system, it has been rooted. Someone can do anything they want on your system. Even replacing your hard drive, normally the ultimate last-ditch 'get rid of malware' strategy doesn't work - the software is actually inside your PC motherboard! And you pretty much cannot change UEFI chips, so your only solution is to replace the motherboard, or replace the entire computer!
FORTUNATELY, for some small value of fortunately, this is a very advanced exploit and tough to get into place - but it can be done. Because of the work that goes into inserting it into your system, it's highly unlikely that crooks are going to waste their efforts trying to get it into John/Jane Doe's systems. They'll spend their resources on getting it in to high value systems where they will get a gain out of it, through blackmail or theft.
https://arstechnica.com/information-technology/2023/03/unkillable-uefi-malware-bypassing-secure-boot-enabled-by-unpatchable-windows-flaw/
https://it.slashdot.org/story/23/03/06/1854200/unkillable-uefi-malware-bypassing-secure-boot-enabled-by-unpatchable-windows-flaw
(another thing about UEFI was it made life hell for a long time to install Linux on personal equipment)
BWAHAHAHAHAHA!
Well, UEFI has been hacked.
A real-world exploit has been found, and it's not easy to implement. But if it gets into your system, it has been rooted. Someone can do anything they want on your system. Even replacing your hard drive, normally the ultimate last-ditch 'get rid of malware' strategy doesn't work - the software is actually inside your PC motherboard! And you pretty much cannot change UEFI chips, so your only solution is to replace the motherboard, or replace the entire computer!
FORTUNATELY, for some small value of fortunately, this is a very advanced exploit and tough to get into place - but it can be done. Because of the work that goes into inserting it into your system, it's highly unlikely that crooks are going to waste their efforts trying to get it into John/Jane Doe's systems. They'll spend their resources on getting it in to high value systems where they will get a gain out of it, through blackmail or theft.
https://arstechnica.com/information-technology/2023/03/unkillable-uefi-malware-bypassing-secure-boot-enabled-by-unpatchable-windows-flaw/
https://it.slashdot.org/story/23/03/06/1854200/unkillable-uefi-malware-bypassing-secure-boot-enabled-by-unpatchable-windows-flaw
