TC7 day 2 – Hiding behind antiquity

posted Sep 20th 2005 4:00am by
filed under: Uncategorized

jason

Apparently when Jason Spence isn’t reading Hack-A-Day he is reading manufacturer data sheets. He’s fun in real life; I swear. The talk started with an overview of motherboard architecture. By studying manufacturer data sheets you can figure out a pathway to attack the BIOS. A proof of concept BIOS backdoor has already been developed. This is a very scary situation since the OS isn’t even loaded yet and will be completely blind once it is up. Jason pointed out that smaller manufactures (VIA, SIS) don’t publish data sheets fearing patent infringement. This lack of information makes security a lot harder to pull off. Jason says he’ll be contributing a couple articles in the future.

UPDATE: Jason has posted his uncensored slides.
UPDATE: Slides on the Toorcon site.

Read



7 Responses to TC7 day 2 – Hiding behind antiquity

  • dan says:
    September 20, 2005 at 6:49 am

    crazy l33t shit! woo first post

    Reply Report comment
  • Dunks0r says:
    September 20, 2005 at 7:17 am

    I see the man likes ye ol Red Hat Fedora! interesting stuff!

    Reply Report comment
  • coward says:
    September 20, 2005 at 9:50 am

    Pretty cool talk, but when will information about this be online or accessable, or are the talks already up loaded someplace?

    cheers

    Reply Report comment
  • steve says:
    September 20, 2005 at 9:53 am

    any additional information on this subject (and the others posted) would be wonderful if anyone has it.

    Reply Report comment
  • dephyler says:
    September 20, 2005 at 12:42 pm

    is this the same jason spence that got his ass scammed by sal wise, and then turned the entire internet against the guy?

    Reply Report comment
  • fatdrunkenbastard says:
    September 20, 2005 at 3:07 pm

    “The goal of attackers is to make unauthorized changes to the target …”

    … and you folks wonder why no one trusts you.

    Reply Report comment
  • Jason spence says:
    September 20, 2005 at 7:23 pm

    No, I’m not that Jason Spence. Also, the uncensored version of the slides are at:

    http://lightconsulting.com/~thalakan/drop/tc2005.sxi

    The sanitized ones will be posted on the toorcon site, I’m told.

    Reply Report comment

    • Leave a Reply

    XHTML: You can use these tags: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

    Hack a Day serves up fresh hacks each day, every day from around the web as well as hacking related news.

    Send us your hacks










         



    Hacks

    Resources