«

I always re-install my BIOS when doing a clean install - just to be sure.
--
John the West Ham fan


<><


"~BD~" <.> wrote in message
news:...
> Quote:
>
> "Researchers have demonstrated how to create rootkits that survive
> hard-disk reformatting by injecting malware into the low-level system
> instructions of a target computer.
>
> The researchers, from Core Security Technologies, used the techniques to
> inject rootkits into two computers, one running the OpenBSD operating
> system and the other Windows. Because the infection lives in the
> computer's BIOS, or basic input/output system, it persists even after the
> operating system is reinstalled or a computer's hard drive is replaced."
>
> Ref: http://www.theregister.co.uk/2009/03...bios_rootkits/
>
>
> The article goes on to say .......
>
>
> "Of course, injecting code into the BIOS is no easy feat. It requires
> physical access to the machine or an exploit that hands an attacker
> unfettered root access."
>
> I asked this question year ago and cannot recall receiving an answer:
>
> "If one connects to another server deliberately - for the purpose of
> sending and receiving messages in a newsgroup (making a hole in one's
> defences) - might this be giving "unfettered root access" if one is
> operating with Administrator privileges?"
>
> What I was trying to ascertain by asking this question was whether or not
> connecting to a newsgroup server (like Eternal-September or aioe.org) or a
> 'private' server, like www.Annexcafe.com or www.dogagent.com, might put
> one at additional risk.
>
> I fully appreciate that one is personally responsible for protecting one's
> machine(s) but many, many, folk do not. Bad guys are clever. If persistent
> bios rootkits *are* 'in the wild' millions of computers which have
> supposedly been 'cleaned' may still be doing dirty deeds without the
> knowledge of the user.
>
> Discussion welcomed.
>
> --
> Dave - I *did* destroy my machine eventually, with reluctance.