Hardware Backdooring is Possible

Explore the world of hardware backdooring in this 52-minute conference talk from nullcon Goa 2013. Dive deep into the practical aspects of permanent hardware backdooring as Jonathan Brossard introduces Rakshasa, a generic proof-of-concept malware for Intel architecture. Learn how this malware can infect over a hundred different motherboards, permanently disable NX, and remove SMM-related fixes from the BIOS, resulting in long-term security vulnerabilities. Discover how existing work on MBR subversions, such as bootkiting and preboot authentication software bruteforce, can be easily integrated into Rakshasa. Gain insights into the Coreboot project and various hardware components like BIOS, CMOS, and PIC embedded on motherboards. Understand the implications of non-open source firmwares shipped with computers and consider the importance of including firmware analysis in forensics and post-intrusion investigations. This eye-opening presentation aims to raise awareness about the potential dangers associated with closed-source firmware and challenges current security practices.

nullcon Goa 2013 - Hardware backdooring is possible - By Jonathan Brossard