Feature #6808

Investigate harmful BIOS features

Added by anonym over 5 years ago. Updated over 4 years ago.

Status: Confirmed
Priority: Normal
Assignee: -
Category: -
Target version: -
Start date: 03/02/2014
Due date:
% Done: 0%
Feature Branch:
Type of work: Research
Blueprint:
Starter: No
Affected tool:

Description

By "harmful" we mean BIOS features that phone home, enable remote administration, and similar. Examples:

  • Remote administration tools enabled at BIOS time, like Intel AMT, which can be configured to connect to the network at BIOS time, and then run a web-server, again at BIOS time (!), etc.

"Features" like these may either cause general security issues, or have adverse effects on particular Tails features (e.g. BIOS-time network activity from Intel AMT exposes the real MAC address before Tails has a chance to spoof it).


Related issues

Related to Tails - Bug #9116: Document that Tails doesn't protect against BIOS/firmware attacks (Status: Resolved, 03/26/2015)

History

#1 Updated by anonym over 5 years ago

  • Description updated (diff)

#2 Updated by BitingBird over 4 years ago

  • Related to Bug #9116: Document that Tails doesn't protect against BIOS/firmware attacks added

#3 Updated by sajolida over 4 years ago

According to external experts, AMT-originated network activity will most probably have its own MAC address, and one that Tails probably can't spoof. For example, AMT gets its own DHCP lease prior to and independent of the OS.

AMT can also be used to perform malicious BIOS updates.
